我应该将图像上传到Django中的静态目录吗? [英] Should I upload images to a static directory in Django?
问题描述
我有一个包含图像字段的模型.
I have this model containing an image field.
from django.db import models
from django.contrib.auth.models import User
class Customer(models.Model):
user = models.ForeignKey(User)
name = models.CharField(max_length=127)
logo = models.ImageField(upload_to='customer/logo', null=True, blank=True)
def __str__(self):
return self.name
在我看来,我从指定的url下载图像并将其存储在image字段中.为了进行测试,我将测试用户用作外键.
In my view, I download the image from the specified url and store it in the image field. For testing, I use a test user as foreign key.
import json
import urllib.request
from django.core.files.base import ContentFile
from django.http import HttpResponse
from django.contrib.auth.models import User
from customer.models import Customer
def create(request):
values = json.loads(request.body.decode('utf-8'))
values['user'] = User.objects.get(id=1)
values['logo'] = ContentFile(urllib.request.urlopen(values['logo']).read(),
'test.png')
model = Customer.objects.create(**values)
return HttpResponse('Created customer with ' + str(values))
图像已按预期上传到customer/logo/test.png
.现在,如何在前端显示这些图像?我可以将它们保存到静态文件目录中,但是只有相关用户才能访问它.
The image gets uploaded to customer/logo/test.png
as expected. Now, how can I display those images in the frontend? I could save them into the static files directory, but only the related user should be able to access it.
(顺便说一句,Django管理界面显示有一个为Customer
对象上传的文件.但是它链接到http://localhost:8000/admin/customer/customer/20/customer/logo/test.png
,该位置错误并导致找不到页面.)
(By the way, Django admin interface shows that there is a file uploaded for the Customer
object. But it links to http://localhost:8000/admin/customer/customer/20/customer/logo/test.png
which is a wrong location and leads to a not found page.)
推荐答案
FileField
和ImageField
的文件是相对于settings.MEDIA_ROOT
上载的,并且应使用与settings.MEDIA_URL
相同的相对文件名进行访问.这就是为什么您的管理界面指向错误的URL的原因.出于安全原因,它们应该与STATIC_ROOT
和STATIC_URL
不同,否则Django将引发ImproperlyConfiguredError
.
The files for FileField
and ImageField
are uploaded relative to settings.MEDIA_ROOT
and should be accessible by the same relative filename appended to settings.MEDIA_URL
. This is why your admin interface points to the wrong url. For security reasons these should be different than STATIC_ROOT
and STATIC_URL
, otherwise Django will raise an ImproperlyConfiguredError
.
这不会阻止用户访问他们不知道的文件(如果他们知道或可以猜到该URL).为此,您将需要通过Django而不是您选择的Web服务器来提供这些私有文件.基本上,您需要在Web根目录级别下指定一个私有目录,并且如果用户有权查看这些文件,则需要加载这些文件.例如:
This will not prevent users from accessing files they shouldn't see, if they know or can guess the url. For this you will need to serve these private files through Django, instead of your web server of choice. Basically you need to specify a private directory under the web root level, and you need to load these files if the user has permission to see the file. E.g.:
from django.core.files.storage import FileSystemStorage
PRIVATE_DIR = os.path.join(ROOT_DIR, 'web-private')
fs = FileSystemStorage(location=PRIVATE_DIR)
class Customer(models.Model):
logo = models.ImageField(upload_to='customer/logo', storage=fs, null=True, blank=True)
在您看来,您将必须提供此文件.我当前项目中的一个自定义应用程序使用以下功能发送静态文件:
In your view you will have to serve this file. One of the custom apps on my current project uses the following function to send static files:
import mimetypes
from django.http import HttpResponse # StreamingHttpResponse
from django.core.servers.basehttp import FileWrapper
def send_file(file):
"""
Send a file through Django without loading the whole file into
memory at once. The FileWrapper will turn the file object into an
iterator for chunks of 8KB.
"""
filename = file.name
if settings.PRIVATE_MEDIA_USE_XSENDFILE:
# X-sendfile
response = HttpResponse()
response['X-Accel-Redirect'] = filename # Nginx
response['X-Sendfile'] = filename # Apache 2, mod-xsendfile
# Nginx doesn't overwrite headers, but does add the missing headers.
del response['Content-Type']
else:
# Can use django.views.static.serve() method (which supports if-modified-since),
# but this also does the job well, as it's mainly for debugging.
mimetype, encoding = mimetypes.guess_type(filename)
response = HttpResponse(FileWrapper(file), content_type=mimetype)
response['Content-Length'] = os.path.getsize(filename)
return response
,然后在视图中使用send_file(customer.logo)
.
And then use send_file(customer.logo)
in your view.
Django> = 1.5应该使用新的StreamingHttpResponse
而不是HttpResponse
.
Django >= 1.5 should use the new StreamingHttpResponse
instead of HttpResponse
.
这篇关于我应该将图像上传到Django中的静态目录吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!