Forums

instance_path

I am configuring my code so that only users with permission can access certain files on my flask app. To do so I need to set the instance_path correctly. I have it set correctly locally when testing and it works, but it doesn't seem to work on pythonanywhere even though I have changed to instance_path. Can I just check, I am using the correct path please? I have it set to:

app = Flask(__name__, instance_path='/home/damianreid/mysite/application/protected')

Does this seem correct to ensure files in the protected folder are not accessed? thanks

Beloved premium user damianreid | 11 posts | Nov. 28, 2023, 5:33 p.m. | permalink

That looks like you've set the instance_path to a path. Make sure that the path is where you want it to actually point. What do you mean by "not working"?

Staff glenn | 279 posts | PythonAnywhere staff | Nov. 28, 2023, 6:14 p.m. | permalink

I’m trying to protect anything in that folder from being accessed which is in the ‘protected’ folder unless the user is logged in. When running on localhost, if I click on a url link for a file in that folder then the file downloads (I have instance ‘protected’ folder set as the local location when running on localhost). When then change the location to the path for pythonanywhere and upload then it fails and I get the redirected page. Here is my code:

In the template:

                    <a href="protected/papers/seag_practice_paper_001.pdf" class="btn btn-primary quizselect">Download</a>

In my routes:

def special_requirement(f):
    @wraps(f)
    def wrap(*args, **kwargs):
        try:
            if session['username'] is True:
                return f(*args, **kwargs)
            else:
                return redirect(url_for('contact'))
        except:
            return redirect(url_for('login'))
    return wrap

@app.route('/protected/<path:filename>')
@special_requirement
def protected(filename):
    try:
        return send_from_directory(
            os.path.join(app.instance_path, ''),
            filename
        )
    except:
        return redirect(url_for('index'))

When I attempt to download the file from the template with the link, I get redirected to the index page. I was wandering if I had set the instance_path incorrectly as it works when set to the local path location, any idea? Thanks

Beloved premium user damianreid | 11 posts | Nov. 28, 2023, 7:11 p.m. | permalink

sincere apologies, I got it sorted, I had simply not uploaded the files, thanks for the help

Beloved premium user damianreid | 11 posts | Nov. 28, 2023, 8:16 p.m. | permalink

OK, glad to hear you worked it out!

Staff giles | 225 posts | PythonAnywhere staff | Nov. 29, 2023, 6:40 p.m. | permalink