18

This is strange. I have mix of public as well as private files. I want normal urls in public files, and signed urls in private files.

I tried to change AWS_QUERYSTRING_AUTH to False as I see by default, it's True in django-storages.

But, when I change it, my private files url is not signed (thus not accessible).

May be I am missing something here. What can be solution?

Thanks in advance.

chhantyal
  • 11,874
  • 7
  • 51
  • 77

4 Answers4

29

AWS_QUERYSTRING_AUTH sets the default behavior, but you can override it when you create an instance of S3BotoStorage, by passing in an additional argument to the initializer:

S3BotoStorage(bucket="foo", querystring_auth=False)

So if you have one bucket private and another bucket public, you can set the querystring_auth argument appropriately and get your desired behavior.

caesarsol
  • 2,010
  • 1
  • 20
  • 21
user2433326
  • 306
  • 3
  • 2
  • 1
    Thanks, but I have single bucket with different dirs. – chhantyal May 30 '13 at 07:01
  • 4
    still no problem. two seperate instances will do it `S3BotoStorage(bucket="foo", location="bar", querystring_auth=False)`` Your separation of private/public is media/static, you can just set different instances as backends. – Denis Cornehl Jun 04 '13 at 12:42
5

put this in your settings.py

AWS_QUERYSTRING_AUTH = False
Algorithmatic
  • 1,824
  • 2
  • 24
  • 41
  • Setting `AWS_QUERYSTRING_AUTH` to `False` worked for me and looks pretty strait forward in the code (https://github.com/jschneier/django-storages/blob/1.5.0/storages/backends/s3boto.py#L214) for both python 2 and 3. I'm running these verstions: boto==2.42.0 django-storages==1.5.1 – Aleck Landgraf Oct 11 '16 at 20:02
1

Another way to get around this is to set AWS_S3_CUSTOM_DOMAIN in your settings. @see: https://github.com/jschneier/django-storages/blob/master/storages/backends/s3boto.py#L478

(tested with boto==2.38.0 and django-storages-redux==1.3)

pawciobiel
  • 145
  • 10
1

You can create separate storage types for separate folders, directories and manage the access permission there.

With Django - create a file you can call "storage_aws.py" and add the following:

from storages.backends.s3boto3 import S3Boto3Storage

class PublicMediaStorage(S3Boto3Storage):
    location = 'media/location2/public'
    default_acl = 'public-read'
    file_overwrite = False
    querystring_auth=False

class PrivateMediaStorage(S3Boto3Storage):
    location = 'media/location1/private'
    default_acl = 'private'
    file_overwrite = False
    custom_domain = False
    querystring_auth=True

use default_acl to define the access (public or private) use location to define location - (you can specify paths) like

location1 = 'media/location1/private'
location2 = 'media/location2/public'

*Note the querystring_auth=False or True

Then when you define your model, you can specify which location to use for which model

from django.db import models
from appname.storage_aws import PublicMediaStorage, PrivateMediaStorage


class Upload(models.Model):
    file = models.FileField(storage=PublicMediaStorage())


class UploadPrivate(models.Model):
    file = models.FileField(storage=PrivateMediaStorage())

The private files will have query string while the public ones will not, as defined in the "storage_aws.py' file

matshidis
  • 489
  • 5
  • 11