You should not map the URLs directly to your qrcode paths in Nginx, and instead use Django URLs to control the access.
You can use Nginx’s X-Accel header functionality to redirect the user to the actual file without showing the real link. Google for “Using NGINX’s X-Accel with Remote URLs” on how to do that. You should also utilize expiring links for extra security. S3 supports expiring links but I’m sure others do, too. On Mon, Apr 19, 2021 at 6:21 AM Tal Bar-Or <tba...@gmail.com> wrote: Hello, > > i have a project that create qrcode per user one to one relation, i > discover that this media qr iame can be access if url is known . > > Can somone please help me with best practice to Protect Django media files > per user basis and also under NGINX for later production > > Please advice > > Thanks > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/cac7d1c4-f2df-4b94-9fa5-01260634afbbn%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/cac7d1c4-f2df-4b94-9fa5-01260634afbbn%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAMZO7wJTUA9Y702vQ3hd6JbdTjLx%2BeqfzwX_RL%2BP_NUKnyZCqg%40mail.gmail.com.
