This entry talks about serving private media from a django REST webservice, developed with django REST framework, to angularjs, in a scenario which uses a token authentication schema and CORS requests.
The problems to face
Let's see the problems we have to deal with.
- Media with django are normally served directly by the web server, so they are out of the authentication/permission logic of the application
- The token authentication schema needs every request to contain an header 'Authentication' part providing the token key (also when requesting files ...