Django + AWS S3存储桶:对S3存储桶的身份验证访问 [英] Django + AWS S3 Bucket: Authenticated Access to S3 Bucket
本文介绍了Django + AWS S3存储桶:对S3存储桶的身份验证访问的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我有一个带有特殊目录的S3存储桶,用于转储我想限制通过身份验证的用户的用户上传图像.它不仅应限于上传图像的用户.我真的在努力避免为此设置数据库模型.反正有什么办法阻止匿名成员阻止用户上传图片?
I have a S3 bucket with a special directory that I'm dumping user uploaded images that I want to restrict to authenticated users. It shouldn't be restricted to just the user that uploaded the image. I'm really trying to avoid setting up a db model for this. Is there anyway to block anonymous members from the user uploaded images?
因此,我有两个问题: 如何设置匿名用户阻止的S3存储桶? 和 我应该如何在is_authenticated条件内访问该存储桶?
So, I have two questions: How do I go about setting up an anonymous-user-blocked S3 bucket? AND How should I access this bucket within a is_authenticated conditional?
推荐答案
- 将存储桶ACL设置为私有.这将阻止除您(存储桶所有者)以外的任何人访问对象.
- 检查用户是否已通过身份验证,以及他们是否...
- 生成一个签名的URL ,这基本上是一个预先验证的请求,并将其提供给用户,然后用户可以在一段时间内请求该对象.
- Set the bucket ACL to private. This will stop anyone but you (the bucket owner) from accessing the objects.
- Check if the user is_authenticated and if they are...
- Generate a signed URL which is basically a pre authenticated request and give it to the user who can then request the object for some period of time.
这篇关于Django + AWS S3存储桶:对S3存储桶的身份验证访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文