1

我希望 Apache 和 Pinax 只向经过身份验证的用户提供附件。

我找到了这篇文章,但我无法让它工作。

我的 Apache 配置文件:

WSGIPythonPath /usr/local/bin/python

<VirtualHost *:80>
    ServerName      www.domain.com
    ServerAlias     domain.com


    WSGIDaemonProcess k-production python-path=/path/to/app/pinax-env/lib/python2.6/site-packages
    WSGIProcessGroup k-production

    Alias /site_media  /path/to/app/cp/site_media    
    <Directory /path/to/app/cp/site_media>
    Order deny,allow
    Allow from all
    </Directory>

    WSGIScriptAlias /site_media/media/attachments /path/to/app/cp/deploy/pinax.wsgi
    <Directory /path/to/app/cp/site_media/media/attachments>
    Deny from all
    </Directory>

    XSendFile On
    XSendFileAllowAbove On

    WSGIScriptAlias / /path/to/app/cp/deploy/pinax.wsgi
    <Directory /path/to/app/cp/deploy>
        Order deny,allow
        Allow from all
    </Directory>

</VirtualHost>

和我的(仍然粗略的)观点,应该被称为:

@login_required 
def sendfile(request, slug): 

    app, content_object_id, img = slug.split('/')
    project_file = get_object_or_404(Attachment, attachment_file = 'attachments/'+slug) 
    response = HttpResponse() 
    response['X-Sendfile'] =  os.path.join(settings.MEDIA_ROOT,   'attachments/'+slug) 
    content_type = 'application/octet-stream' 
    response['Content-Type'] = content_type 
    response['Content-Disposition'] = 'attachment; filename="%s"' %  os.path.basename(os.path.join(settings.MEDIA_ROOT,   'attachments/'+slug))
    return response

无论用户是否登录,Apache 都会抛出 403。

通过开发服务器,我可以访问视图,但不会传输任何数据。

怎么了?

4

2 回答 2

1

Try to concentrate on the development server first - since it is a simpler setup and thus less error prone.

Perhaps try this:

@login_required  def sendfile(request, slug): 
    ## these are never used    
    # app, content_object_id, img = slug.split('/')
    # project_file = get_object_or_404(Attachment, attachment_file = 'attachments/'+slug)

    response = HttpResponse() 
    response['X-Sendfile'] =  os.path.join(settings.MEDIA_ROOT,   'attachments/'+slug)

    import pdb; pdb.set_trace() 
    # your development server will stop here
    # you can now inspect the your context, e.g.
    # >> p response['X-Sendfile']
    # this should print the value of response['X-Sendfile']
    # >> c
    # this will continue program execution
    # for more commands see http://www.python.org/doc/2.4/lib/debugger-commands.html

    content_type = 'application/octet-stream' 
    response['Content-Type'] = content_type 
    # Content-Disposition filename is only for suggesting a name for the file
    # when the user tries to download it, e.g.:
    # response['Content-Disposition'] = 'attachment; filename='localfile.txt'
    response['Content-Disposition'] = 'attachment; filename="%s"' %  os.path.basename(os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug))
    return response

But by using the dev server you won't get any files served, since Apache will do the file serving. You can just ensure, the data sent to apache is correct. Or use (not recommended for your production server)

f = open(os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug), 'rb')
response = HttpResponse(f.read())

instead of

response = HttpResponse() 
response['X-Sendfile'] =  os.path.join(settings.MEDIA_ROOT, 'attachments/'+slug)

Some Links:

于 2009-11-26T09:17:02.897 回答
1

我试图做几乎完全相同的事情,结果发现解决方案不是使用 WSGIScriptAlias,而是使用常规别名来定义 wsgi 处理程序的目录。对于视图,我基本上只是围绕 django.views.static.serve 编写了一个包装器。

我的 apache conf 最终看起来像这样:

# myproject
<VirtualHost *:8080>
    #DocumentRoot /var/www/myproject/public
    ServerName myproject
    ErrorLog /var/www/myproject/logs/apache_error_log
    CustomLog /var/www/myproject/logs/apache_access_log common

    AliasMatch ^/(media/uploads/protected/.*) /var/www/myproject/src/myproject-trunk/server/django.wsgi/$1
    Alias /media/ /var/www/myproject/public/media/
    Alias / /var/www/myproject/src/myproject-trunk/server/django.wsgi/

    <Directory /var/www/myproject/src/myproject-trunk/server>
        Options ExecCGI
        AddHandler wsgi-script .wsgi
        # WSGIApplicationGroup %{GLOBAL}
        Order allow,deny
        Allow from all
    </Directory>

    <Directory /var/www/myproject/public/media>
        Order deny,allow
        Allow from all
    </Directory>
</VirtualHost>
于 2009-11-26T00:58:50.890 回答