Non-public image upload

Question

By default, Django uploads images to the MEDIA_ROOT setting, which is assumed to be a publicly accessible directory.

I don't want users to be able to upload images and to have those images immediately accessible. Instead, I want the images to be uploaded to a non-public tmp directory. Later on, a site moderator will approve images in django-admin, which will move them to a public image directory.

The catch is that the site moderators need to be able to view the images stored in the tmp directory in order to approve them. So, those images need to be served from the web server, but can't be accessible to users who aren't moderators.

How do I:

1. Extend ImageField to store images in a directory other than MEDIA_ROOT
2. Protect temporary images so that they are only viewable by site moderators before they are approved?

Answer 1

Re 2: completely protecting them on django level is impossible, since static media is served by the webserver, bypassing django entirely. What you could do instead, is to create a directory /private/ in your media source and protect it using normal apache means - eg .htaccess;

Though hash, which was suggested earlier, seems like a better method to me.