Protected static files with a flask

Question

Protected static files with a flask

I am creating a flash application and I want it to serve some static files only if the user is authenticated. This is a very low traffic application (internal use only). How can i do this? One thing that I was thinking about is to use serve_static () and put it for authentication, but it uses a static directory in which the checkbox already serves the content.

+6

python security flask static password-protection

marcog Aug 25 '12 at 1:02

source share

1 answer

Sean vieira · Accepted Answer · 2012-08-25T01:36:38+0000

Just subclass flask.Flask and override the send_static_file method:

 class SecuredStaticFlask(Flask): def send_static_file(self, filename): # Get user from session if user.is_authenticated(): return super(SecuredStaticFlask, self).send_static_file(filename) else: abort(403) # Or 401 (or 404), whatever is most appropriate for your situation

See also definition of send_static_file and following

Protected static files with a flask

More articles: