Hi Tim, > I've read the docs for authentication but I can't see how I can replicate > existing functionality I have using php. > > I have a directory /private on the web server, marked using .htaccess > and .htpasswd to only allow access if a username is passed. Anything I put > inside this directory (images, html etc) all require the password before the > asset can be returned to the browser.
Firstly, there is a big difference between PHP's filesystem based architecture and Django's MVC-like one. Assuming that you are following the Django recommendation of serving your media files directly through Apache (or another web server), you can continue to use your .htaccess files at least for your media files. To secure your Django "views" with authentication, you will need to use Django's authentication facility. If you want to make Apache use a Django auth backend, take a look at: http://www.djangoproject.com/documentation/apache_auth/ > > Is there any way to do this with django auth? I need to have confidence that > nothing can be returned (including direct image urls) from the /private > directory without login. Can I use http .htaccess style authentication with > django? If you're using the /private filesystem directory to hold just your media files (i.e. /private/* does not map on to any Django views) *and* if you're using Apache to server those /private/* media files directly (i.e. not using Django's static media serving DEVELOPMENT- ONLY NON-PRODUCTION-USE[1] feature), the .htaccess method of securing those files will work fine. -Rajesh Dhawan [1] http://www.djangoproject.com/documentation/static_files/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---