oadam
commented
9 years ago Actually a simple view checking that the user is logged in will suffice since we don't have multi-tenancy
Closed oadam closed 9 years ago
oadam
commented
9 years ago Actually a simple view checking that the user is logged in will suffice since we don't have multi-tenancy
oadam
commented
9 years ago Blog post describing how to do it with nginx http://sametmax.com/servir-un-fichier-protege-avec-django-et-nginx/
oadam
commented
9 years ago Fixed in 69de002
for the moment anyone can guess the file name and access it without being authenticated. We need to secure it using https://github.com/RacingTadpole/django-private-media