开发者

Show pdf only to authenticated users

问答 作者:

I'm building a web site from the old one and i need to show a lot of .pdf files.

I need users to get authenficated before the can't see any of my .pdf but i don't know how (and i can't put my pdf in my database).

I'm using Pylons with Python.

Thank for you help.

If you have any question, ask me! :开发者_JAVA百科)

Here's my stab at how to do it in Pylons. I haven't tested this but there should be enough links to get you going.

  1. Enable X-SendFile on your HTTP server (as Paul said, the implementation depends on the server): Apache mod_xsendfile, Nginx equivalent
  2. Put the PDFs outside the /public directory in your Pylons install (I'd suggest a directory at the same level as your Pylons directory)
  3. Add some kind of Authentication and Authorization to your site. Here is a good article on how you use repoze.who (Authentication) and repoze.what (Authorization)
  4. Create a route and controller to handle the request for your PDF, this is like any other route and controller. (ie a route of /pdfs/{filename}.pdf)
  5. If everything is authorized and authenticated properly you can create the right headers for the x-sendfile (or equivalent) you are using.

You want to use the X-Sendfile header to send those files. Precise details will depend on which Http server you're using.

Paul's suggestion of X-Sendfile is excellent - this is truly a great way to deal with actually getting the document back to the user. (+1 for Paul :)

As for the front end, do something like this:

  1. Store your pdfs somewhere not accessible by the web (say /secure)
  2. Offer a URL that looks like /unsecure/filename.pdf
  3. Have your HTTP server (if it's Apache, see Mod Rewrite) convert that link into /normal/php/path/authenticator.php?file=filename.pdf
  4. authenticator.php confirms that the file exists, that the user is legit (i.e. via a cookie), and then uses X-Sendfile to return the PDF.

Maybe filename with md5 key will be enough?

48cd84ab06b0a18f3b6e024703cfd246-myfilename.pdf

You can use filename and datetime.now to generate md5 key.

继续阅读:pdfpermissionspylonspython

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9