A package for bulletproof attachment serving in Django Rest Framework.
- Nginx
- Django Rest Framework
- Session Authentication
- Django Storages (S3)
- Install package from PyPi.
pip install yediemin- Add the view to
urls.py
from yediemin import YedieminView
urlpatterns = [
re_path(r'^yediemin/(?P<file_name>\S+)/$', YedieminView.as_view(), name='yediemin'),
]- Configure Nginx. Place the configuration below under your server.
location /yediemin-files/ {
internal;
resolver 8.8.8.8;
set $redirect_uri "$upstream_http_redirect_uri";
proxy_buffering off;
proxy_pass $redirect_uri;
}
- Use
YedieminFileFieldin serializer forFileField.
from yediemin import YedieminFileField
class AttachmentSerializer(serializers.ModelSerializer):
file = YedieminFileField()
class Meta:
model = Attachment
fields = (
"id",
"file",
)- Use
PrivateS3Boto3Storagefor the field inmodels.py
from yediemin import PrivateS3Boto3Storage
class Attachment(models.Model):
file = models.FileField(storage=PrivateS3Boto3Storage())-
Upload files to S3 with
YedieminFileField. Yediemin requires presigned object url. -
Make private already uploaded S3 objects by using AWS CLI. Change
<bucket-name>and<bucket-name>/<path>/<to>/<folder>with your use-case.
# Script is inspired from 'Varun Chandak' (https://stackoverflow.com/a/48060930).
export AWS_PAGER="" # https://stackoverflow.com/a/60374670
aws s3 ls --recursive s3://<bucket-name>/<path>/<to>/<folder> | cut -d' ' -f5- | awk '{print $NF}' | while read line; do
echo "$line"
aws s3api put-object-acl --acl private --bucket <bucket-name> --key "$line"
doneYEDIEMIN_HIDDEN_REDIRECT_PATH
Default: yediemin-files.
It should be same with location in nginx configuration.
YEDIEMIN_AUTHENTICATION_CLASSES
Default: [rest_framework.authentication.SessionAuthentication]
YEDIEMIN_EXPIRE_IN
Default: 604800 seconds which is 1 week. This is the maximum limit provided by AWS. Using Query Parameters