how to allow RSS aggregators to use feeds available only for logged-in users?
I want to have RSS feeds in my Django application, which should be viewa开发者_如何转开发ble only by a logged-in user. I want to allow users to add these RSS feeds to all aggregators, so I would need something which would work like this: supply the feed URL with a token, for example: http://example.com/feed/rss&token=AeYQtFjQfjU5m so that token will cause the feed to be seen as if the user would be logged in.
Is there some library in Django which would provide such a functionality?
Try making a hash of some unique property of the user... something like
md5("%s!%s" % (SECRET_KEY, user.username)).hexdigest()
PS - I didn't test this code but you get the idea
You could generate the token when creating a user for the first time. This way you can add the token to the feed when a user is logged in. Later when a RSS feed reader comes by your site for the user, you just load the user information for the user with that token.
精彩评论