如何使用带有Django的Google App Engine安全地提供静态文件?
[英]How to serve static files securely using google app engine with django?
问题描述
Currently my website runs on google app engine with Django and my static files are served using google cloud storage. 
目前,我的网站使用Django在google app引擎上运行,而我的静态文件则使用google cloud storage服务。 I had explored the documentations and I could not find a easy way to serve my static files securely. 我浏览了文档,但找不到安全地提供静态文件的简便方法。
Let say i am logged in as a user into Django site. 假设我以用户身份登录Django站点。 I only want the logged in user to see the picture and other user can't see the picture. 我只希望登录的用户看到图片,而其他用户看不到图片。
Currently the picture is serve using a link to the google cloud storage and the access are made public. 目前,图片是通过指向Google云存储的链接提供的,访问权限已公开。
However, that means that anyone with that link can view that picture. 但是,这意味着具有该链接的任何人都可以查看该图片。 How do i make sure that only the logged in person with the link can view the image instead of everyone with the link can view it, is there any way to do it with google app engine standard, google cloud storage and Django? 我如何确保只有具有链接的登录用户才能查看图像,而不是具有链接的每个人都可以查看图像,是否可以使用Google App Engine标准,Google云存储和Django来执行此操作?
I also know that google cloud storage can have some form of access control but how do i link that part with Django users? 我也知道谷歌云存储可以有某种形式的访问控制,但是我该如何与Django用户链接呢?
1 个解决方案
解决方案1
1 2018-11-01 09:42:35
Maybe you can set your bucket acl to private and implement Signed URL feature for your purpose. 也许您可以将自己的存储桶acl设置为私有,并根据需要实现Signed URL功能。
https://cloud.google.com/storage/docs/access-control/signed-urls https://cloud.google.com/storage/docs/access-control/signed-urls
For Python take a look at documentation about signed URLs: https://googleapis.github.io/google-cloud-python/latest/storage/blobs.html#google.cloud.storage.blob.Blob.generate_signed_url 对于Python,请查看有关签名URL的文档: https : //googleapis.github.io/google-cloud-python/latest/storage/blobs.html#google.cloud.storage.blob.Blob.generate_signed_url
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.