Django ImageField S3 Storage private and public access according to the model's boolean field


As the topic reads, I have an ImageField on a model and a BooleanField.

I am using S3 storage backend.

According to the BooleanField, I want to make the image public or private.

How can I do this?

By public, do you mean that everyone (included unauthenticated people) can retrieve that image, or is access restricted to individuals authenticated to the web site?

By private, if “public” means “everyone”, does this mean only authenticated people? Or does private mean access is only granted to a small subset of authenticated people?

How are you serving these files through your site? Is Django serving them? Or nginx? (or apache or lighthttp, etc) Or directly from S3 urls?

Is there any intent to handle the option that you could provide a URL that won’t be immediately retrieved as part of a page? (For example, providing a link on a page to “Show (or Download) Image”, where there might be minutes of time between when the link is generated and when it’s used.)

Are you at all concerned about the possibility that someone who does have access, saves the url for a “private” image and shares that url with other people?

These are all slightly different situations with different options for handling them and so the answers are going to depend upon the precise intended behavior of “public” and “private”.

Public means you can download/access image without token but only with url to the image.
Private means you need to authenticate to get the image with AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.

Hope this makes sense.

Hi @KenWhitesell
Any idea?

I asked a bunch of questions about your requirements - I really can’t provide any specific help without knowing a lot more about your target environment and objectives.

The most direct route to doing this is to apply per-object ACLs on the files in AWS - but that’s not the easiest to implement or manage - and it’s probably not the method I would choose - but then my requirements are likely to be different than yours.