CODEWITHSUNDEEP
djangoapachemod-wsgi
Yuval Adam
Yuval Adam

Reputation: 165212

Deploying a Django app on Apache + mod_wsgi with HTTP auth

Is it possible to deploy a Django app on Apache + mod_wsgi (the standard way) but with HTTP authentication in front of the whole thing?

Basically, I need an extra layer of HTTP security before any user, Django-authenticated or anonymous, is even able to reach the app.

Is this possible? If so, where do the Apache auth directives go?

Upvotes: 2

Views: 1473

Answers (2)

MattH
MattH

Reputation: 38247

Yes, it's possible.

With mod_wsgi on /, any resources to be provided by apache need to be listed as aliases.

Auth directives and host restrictions live in Location directives.

So I've disabled any apache access restrictions on things like css, and provided host/ip based access to another directory.

<VirtualHost *:80>
        Servername              app.domain.example
        CustomLog               logs/access_log combined
        ErrorLog                logs/error_log
        DocumentRoot            "/home/app/apache/app/html"

        Alias /media/           /home/app/apache/app/html/media/

        <Location />
                Options None
                AuthType                Basic
                AuthName                "Login Prompt"
                AuthUserFile            /path/to/passwd.file
                Require                 valid-user
        </Location>

        <Location /media>
                Order allow,deny
                Allow from all
                Satisfy any
        </Location>

        WSGIDaemonProcess       app user=app group=app processes=5 threads=1 display-name=app_WSGI
        WSGIProcessGroup        app
        WSGIScriptAlias         /       /home/app/apache/app.wsgi
</VirtualHost>

Upvotes: 2

bmihelac
bmihelac

Reputation: 6323

Sure, here is example from one site:

<VirtualHost *:80>
  ServerName djangoproject.domain.biz

  DocumentRoot "/home/user/websites/djangoproject/website/"

  WSGIDaemonProcess djangoproject python-path=/home/user/.virtualenvs/djangoproject/lib/python2
.6/site-packages/ user=user group=user threads=1
  WSGIProcessGroup  djangoproject
  WSGIScriptAlias / /home/user/websites/djangoproject/website/django.wsgi

  <Directory "/home/user/websites/djangoproject/website/">
    Order deny,allow
    Allow from all

    AuthType Basic
    AuthName "By Invitation Only"
    AuthUserFile /etc/apache2/passwords
    Require valid-user
  </Directory>

</VirtualHost>

Upvotes: 2

Related Questions