On Sep 27, 3:08 am, Ben Davis <
bendavi...@gmail.com> wrote:
> I would like to be able to serve files that were uploaded via the admin
> site; for example, when someone clicks on the "Currently:" file link in the
> changeform. However, I also have the following requirements:
>
> 1. The file should only be accessible when authenticated via django's
> auth system
> 2. Clicking the file link should not present an already authenticated
> user with another authentication challenge
>
> I'm currently using a custom FileSystemStorage location and base_url for
> files that should be only accessible via the admin.
>
> I've seen this documentation:
http://docs.djangoproject.com/en/dev/howto/apache-auth/, but it deals with
> mod_python, and I'm using mod_wsgi, so I'm not sure if that will work.
> Also, I'm not sure if that solution meets requirement #2.
>
> Any ideas?
The mod_wsgi equivalent of that page is at:
http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms
Neither will help you though as they implement Basic/Digest
authentication which is distinct from Django form/session based
authentication and would as a result prompt for credentials again.
Graham