I am building a flask application, and I want it to serve some static files only if the user is authenticated. It's a very low-traffic application (for internal use only). How would I go about this? One thing I was thinking of is using serve_static(), and putting that behind an authentication check but that uses the static directory which flask already serves content from.
Simply subclass flask.Flask
and override the send_static_file
method:
class SecuredStaticFlask(Flask):
def send_static_file(self, filename):
# Get user from session
if user.is_authenticated():
return super(SecuredStaticFlask, self).send_static_file(filename)
else:
abort(403)
# Or 401 (or 404), whatever is most appropriate for your situation
See also the definition of send_static_file
and following
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With