On Sat, Jan 31, 2015 at 11:52 AM, Robert Rössler <
r.ros...@gmail.com> wrote:
> what is the best way to restrict downloading files only to authorized users?
it's not hard to do if you manage the file downloading with a view.
of course, file serving within Django is very inefficient, your
webserver (Apache, nginx, etc.) is far more efficient at this.
so, the solution is to write a view that looks like it's serving the
file (after checking for authorization), but instead of actually
serving, delegates the job to the webserver. check X-Accel-Redirect
(nginx) or X-Sendfile (apache)
--
Javier