Serve private media with angular, DRF, CORS and token authentication
A long time has passed since my last post, I was fighting hard with a project learning django REST framework and angularjs, and now time has come to share some interesting knowledges.
This entry talks about serving private media from a django REST webservice, developed with django REST framework, to angularjs, in a scenario which uses a token authentication schema and CORS requests.
The problems to face
Let's see the problems we have to deal with.
- Media with django are normally served directly by the web server, so they are out of the authentication/permission logic of the application
- The token authentication schema needs every request to contain an header 'Authentication' part providing the token key (also when requesting files ...
