How can I hide current uploaded image location path in django?

Time:05-30

I have made a feature in Django where every user can change his platform's logo. The image selected by the user will be saved in static/{user.customer.public_id}/platformLogo/image.jpg. When I save the changes, I can see the uploaded image's path, which also contains the unique public ID, which I don't want the user to see for security purposes. Can anyone help me to hide this image path in Django from the user? Attaching the relevant part of my code below.

Here we can see the image path which has unique ID in path, which we need to hide

Here is the uploaded image path directory

Here is my models.py

from django.db import models
from datetime import date
from django.contrib.auth.models import User
import uuid

def upload_path(instance, filename):
    filename = str(date.today())
    name = instance.user.customer.public_id.hex
    return f'{name}/platformLogo/{filename}.jpg'


class Customer(models.Model):
    user = models.OneToOneField(User, null=True, blank =True, on_delete=models.CASCADE)
    public_id = models.UUIDField(primary_key=True, default = uuid.uuid4, editable=False)
    date_created = models.DateTimeField(auto_now_add=True, null=True)
    name = models.CharField(max_length=200, null=True)
    otp_code = models.CharField(max_length=6, null=True)
    first_name = models.CharField(max_length=200, null=True)
    last_name = models.CharField(max_length=200, null=True)
    email = models.CharField(max_length=200, unique=True)
    phone = models.CharField(max_length=200, null=True)
    profile_pic= models.ImageField(upload_to=upload_path, default='logo.png', null=True, blank=False,)

    def __str__(self):
        return self.name

Here is my views.py

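from django.contrib.auth.decorators import login_required
from django.shortcuts import redirect, render

from .forms import CustomerForm


@login_required(login_url='login')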
def accountSetting(request):
    customer = request.user.customer
    form = CustomerForm(instance= customer)

    if request.method == 'POST':
        form = CustomerForm(data=request.POST, files=request.FILES, instance=customer)
        if form.is_valid():
            form.save()

    context = {'form': form}
    if request.user.is_anonymous:
        return redirect("/") 
    return render(request, 'account-settings.html', context)

Here is my forms.py

from django.forms import ModelForm
from django.contrib.auth.forms import UserCreationForm
from django.contrib.auth.models import User
from .models import Customer
from django import forms


class CustomerForm(ModelForm):
    class Meta:
        model = Customer
        fields  = '__all__'
        exclude = ['user', 'email','name','otp_code']


class CreateUserForm(UserCreationForm):
    class Meta:
        model = User
        fields  = ['username','first_name','last_name', 'email', 'password1', 'password2']

Here is settings.py

import os

STATIC_URL = '/static/'
STATICFILES_DIRS = [os.path.join(BASE_DIR, 'static')]

MEDIA_URL = '/platformLogo/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'static/platformLogo')

CodePudding user response:

Since you already made public_id UUID, why not hash the logo and image name?
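One way to apply the hashing idea from this answer, as an added example that is not part of the original thread: a replacement `upload_to` callable whose directory is a keyed hash (HMAC-SHA256, swapped in for a plain hash) of `public_id` and whose file name is a digest of the uploaded bytes. `PATH_KEY`, `ALLOWED_EXTENSIONS`, `opaque_dir` and `content_digest` are hypothetical names, and the code assumes `instance` is the `Customer` and that `instance.profile_pic` supports `read()` and `seek()`.

```python
import hashlib
import hmac
import io
import os
import uuid
from types import SimpleNamespace

# Assumption: a server-side secret. In a real project load it from settings
# or the environment; the value below is a constructed placeholder.
PATH_KEY = b"constructed-demo-key"

ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png"}


def opaque_dir(public_id: uuid.UUID) -> str:
    """Keyed one-way directory name: stable per customer, reveals no UUID."""
    mac = hmac.new(PATH_KEY, public_id.bytes, hashlib.sha256)
    return mac.hexdigest()[:32]


def content_digest(fileobj) -> str:
    """SHA-256 of the upload, read in chunks; rewinds so storage can save it."""
    digest = hashlib.sha256()
    fileobj.seek(0)
    for chunk in iter(lambda: fileobj.read(64 * 1024), b""):
        digest.update(chunk)
    fileobj.seek(0)
    return digest.hexdigest()[:32]


def upload_path(instance, filename):
    """Drop-in upload_to callable for Customer.profile_pic."""
    # Keep only an allow-listed extension from the client-supplied name;
    # form validation should normally reject anything else before this point.
    ext = os.path.splitext(filename)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"unsupported logo extension: {ext!r}")
    folder = opaque_dir(instance.public_id)
    return f"{folder}/platformLogo/{content_digest(instance.profile_pic)}{ext}"


if __name__ == "__main__":
    # Constructed sample: a stand-in for a Customer with an in-memory upload.
    demo = SimpleNamespace(public_id=uuid.UUID(int=1),
                           profile_pic=io.BytesIO(b"demo-logo-bytes"))
    print(upload_path(demo, "My Logo.PNG"))
```

This removes the identifier from the URL but does not restrict who can fetch the file; anyone who learns the URL can still request it, which is the gap the X-Sendfile approach in the other answer closes.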

CodePudding user response:

In Django environments I’ve used xsendfile with Apache or nginx. You end up placing the images in a folder that is accessible by Apache and served by Apache, but can only be served after a request to the Django backend. It prevents all of the logos being visible to prying eyes.
