0

I've an application where my users create a video-file (mp4) which is saved as a Filefield in the model.

In my view I add the object (model) to the context of a TemplateView class.

In my HTML I use the video tag and use the "src" to add the url and to display the video. I restrict the view to the owner only.

This all works fine.

But now anyone can see the videos if they get the url (used in "src"). How can I restrict access the the files ?

jefferson
  • 105
  • 1
  • 9
  • 3
    Does this answer your question? [Restricting access to private file downloads in Django](https://stackoverflow.com/questions/28166784/restricting-access-to-private-file-downloads-in-django) – Mehrdad Moradi Jul 28 '22 at 14:49
  • @MehrdadMoradi, it does ... I changed my nginx settings to use XSendfile. But this gives another issue. Then my videos cannot play on iOS anymore .... ? [Nginx XSendfile](https://www.nginx.com/resources/wiki/start/topics/examples/xsendfile/) – jefferson Jul 28 '22 at 14:53
  • Please [edit](https://stackoverflow.com/posts/73154226/edit) your question and include that information as it may help someone identify your issue more quickly. – Mehrdad Moradi Jul 28 '22 at 14:54
  • @MehrdadMoradi, it doesn't work ... seems that all solutions are about downloading a file. I do want to play a video. – jefferson Jul 28 '22 at 17:30

0 Answers0