[Answer]-Django internal file sharing with privacy

1👍

Use Apache’s x-sendfile; for an example, see: Having Django serve downloadable files

Store the files in a private folder. Django authorizes the request and lets Apache serve the file using the x-sendfile header.
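
An added example, not part of the original answer, of the authorize-then-X-Sendfile flow described above. It is written framework-neutral so it runs without Django; `PRIVATE_ROOT`, `FILE_ACL`, `resolve_private_path` and `download_response` are hypothetical names, and the file list is constructed sample data.

```python
import os
from pathlib import Path

# Assumed layout: private files live outside any web-served directory.
PRIVATE_ROOT = Path("/srv/private_files")  # hypothetical path

# Constructed sample data: which user ids may read which stored file.
FILE_ACL = {
    "cv_alice.pdf": {1, 42},
    "cv_bob.pdf": {2},
}


def resolve_private_path(name, root=PRIVATE_ROOT):
    """Return the absolute path for `name` under `root`, or None if it escapes."""
    root = Path(os.path.normpath(root))
    candidate = Path(os.path.normpath(root / name))
    # Reject "../" tricks and absolute names that leave the private folder.
    if root != candidate and root in candidate.parents:
        return candidate
    return None


def download_response(user_id, name, acl=FILE_ACL, root=PRIVATE_ROOT):
    """Authorize the request; on success hand the transfer to Apache.

    Returns (status, headers, body). In a Django view the same headers
    would be set on an HttpResponse with an empty body.
    """
    if user_id is None:
        return 401, {}, b"login required"
    path = resolve_private_path(name, root)
    # Same answer for "no such file" and "not yours", so names cannot be probed.
    if path is None or user_id not in acl.get(name, set()):
        return 404, {}, b"not found"
    headers = {
        # mod_xsendfile replaces the empty body with the file at this path.
        "X-Sendfile": str(path),
        "Content-Type": "application/octet-stream",
        "Content-Disposition": 'attachment; filename="%s"' % path.name,
        # Keep shared caches from storing a per-user private file.
        "Cache-Control": "private, no-store",
    }
    return 200, headers, b""
```

On the Apache side this assumes mod_xsendfile is enabled and allowed to read the private folder; without the module the header is passed to the client and the body stays empty.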

0👍

  1. Use S3, and django-storages.
  2. Upload the CV to S3, with the file set as private.
  3. Create a view which will fetch a given CV from the S3 bucket, producing an “expiring URL”, or that will just fetch the raw data from S3 and pass it through to the user through a view.

The file’s privacy is completely controlled this way.

You could also do this by storing the uploaded file outside of your project’s STATICs directory (which is assumed to be publicly accessible), and doing step 3 for that.

Or, if you want to make a DBA’s head explode, store the CV as a BLOB in the database and use a view in the same way.
