stackoom
  简体   繁体   中英

Secure static files with flask

 原文  2012-08-25 01:02:16       python/ security/ static/ flask/ password-protection

Question

I am building a flask application, and I want it to serve some static files only if the user is authenticated. It's a very low-traffic application (for internal use only). How would I go about this? One thing I was thinking of is using serve_static(), and putting that behind an authentication check but that uses the static directory which flask already serves content from.

1 answers

solution1
 12 ACCPTED  2012-08-25 01:36:38

Simply subclass flask.Flask and override the send_static_file method: 

class SecuredStaticFlask(Flask):
    def send_static_file(self, filename):
        # Get user from session
        if user.is_authenticated():
            return super(SecuredStaticFlask, self).send_static_file(filename)
        else:
            abort(403) 
            # Or 401 (or 404), whatever is most appropriate for your situation

See also the definition of send_static_file and following

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Sending static files in Flask Flask: Static files in subdirectories Flask and css reference to static files Nginx will not load Flask static files python flask - serving static files Flask: Set header on static files Flask unable to resolve static files Static files not found Flask on Apache Flask static files getting 404 browser caching static files in flask?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM