11👍
The usual way to do this is to pass back a special header to the web server.
You can do it with nginx using x-accel-redirect as in this Django snippet.
For Apache, it should be pretty similar using the mod_xsendfile module (discussion and examples on Django users mailing list).
2👍
If you have freedom to switch from Apache to lighttpd, then the most straightforward solution would be to use mod_secdownload which would do exactly what you want, that is, provide application authentication while serving the actual files via web server.
However if you are stuck with Apache, then I suggest mod_auth_token, here they mention PHP but you can generate the token in Python or any other language. Using mod_auth_token you will be able to generate the token in your application, and then have web server serve the static file utilizing that token.
- "TemplateSyntaxError Invalid block tag: 'trans'" error in Django Templates
- Exclude URLs from Django REST Swagger
- Setting Django admin display times to local time?