I'm about to create a blog and wanted to host the content on Dropbox (only Markdown files, everything else is on my server) because I want to be able to quickly upload and edit posts from all my devices without having to get some FTP app on them.
So far I managed to access files via https://dl.dropboxusercontent.com/u/********/<sub-folder>/<file name>.md and like pointed out here I can get the last-modified attribute via etags.
However, I'm stuck at getting a file list (or a folder's metadata in general). Is this possible without using OAuth?
No, this isn't possible without using the API. But why are you against using the API?
Feel free to use my tool https://dbxoauth2.site44.com/ to get an OAuth access token for your account. Then just do an HTTP GET to https://api.dropbox.com/1/metadata/auto/<path> with an Authorization header of Bearer <token>. Ditto for getting the actual file contents, just use /files/auto/<path> instead.
Oh, unless you're doing this client-side in JavaScript? In that case, this won't work since you can't give your access token out to the client (where it could be abused by anyone who visited your website).
make "Public" folder and go https://www.dropbox.com/enable_public_folder
back to your dropbox folder (web) right mouse at file in public folder and chose "Copy public link..."
Update: As of September 1, 2017 public links have been disabled for all users.
https://help.dropbox.com/files-folders/share/public-folder
Related
What is the best way to password-protect a folder on IIS with a single set of credentials to be shared by a group of users?
Our hosting service offers Plesk, which in turn offers a "password-protected directory" function, but some of our clients have HTTP authorization disabled, so they get an automatic 401.4 error with no prompt for credentials.
I've looked into Forms authentication but this seems cumbersome to set up for the numerous separate domains at issue.
The protected content is not super sensitive, we just don't want it easily accessible to the public. Many of our users do not use the site frequently and we don't want to implement individual credentialing for everyone (we do have that in place for more sensitive sections) just so they can view current project reports or meeting minutes.
On sites I don't control, but am just a user, that do the same things as mine, it is a big pain to have to look up a username and password twice per year just to view a meeting agenda (yes, browser could remember but they also have a 4-month expiration and lots of us are on different devices all the time).
Is Forms authentication the way to go? Took a several hours for me to get it set up and working, with all sorts of settings not well documented in a single place.
(I had previously asked about how to disable Basic Auth on the client side, was told more than once it's not possible - but it is, via client/browser registry keys)
Thanks.
It's perfectly fine to use forms authentication. All you need to do is navigate to the folder or file you want to protect, then go to Authorization Rules. Add a deny rule for anonymous users, when users who are not logged in try to click on any file in that folder, they will be redirected to your login page. You can find a lot of guides on forms authentication in Google, you can refer to the following:
https://learn.microsoft.com/zh-CN/troubleshoot/developer/webapps/aspnet/development/forms-based-authentication
https://learn.microsoft.com/en-us/iis/application-frameworks/building-and-running-aspnet-applications/how-to-take-advantage-of-the-iis-integrated-pipeline
I've been fairly successful in using the Hubspot API. For example, I've written a PHP script (using the SevenShores HubSpot PHP API client) that lists out all companies and their file attachments.
Now I'd like to go a step further and download all of the file attachments. However, I didn't see an API endpoint for downloading an attachment. Any suggestions on how to do this?
I know that the meta-data returned from...
GET /filemanager/api/v2/files
.. includes the URL of the hosted files.
For example:
"type":"IMG", "updated":1381896526000,
"url":"http://cdn2.hubspot.net/hub/62515/file-352535575-png",
"version":1, "width":150
However, direct access to the URLs of the hosted files seems to be forbidden.
Thanks in advance!
I see this question is old, but since there are no other answers...
As far as I can see from various Hubspot forum posts (e.g. this one), attachments directly uploaded to a company, contact, or deal can't be downloaded through the API at all.
Attachments can only be downloaded if they were uploaded to the Hubspot file manager, in which case they're public and can also be downloaded by unauthorised users.
We want to use the Dropbox REST API to check if a file/folder has a shared link, and if so what permissions it has (e.g. is it password protected).
The only relevant API call seems to be /shares, which creates a public shared link if no shared link already exists. Calling it with the GET http verb also has the side effect.
Is there a way to check the shared link status without changing it?
No, it's not currently possible to just get shared link status/metadata like this on the Dropbox API, but we're tracking this as a feature request.
How do you log a user in and out in Flask using the Flask-Security extension?
I just started using flask-security, and going through the documentation here http://pythonhosted.org/Flask-Security/api.html , I can't really figure out how to explicitly log a user in and out, as well as authenticate the user before logging them in.
Flask-Security uses Flask-Login. So you can do the following as per documentation:
login_user(user) # where user is your user object
logout_user()
Obviously, you still need to write your views where you will validate the form submissions etc before calling these methods and do the proper template rendering or redirects as needed.
Go to the flask security configurations page here: http://pythonhosted.org/Flask-Security/configuration.html
and copy over all the default configuration values into your init.py file like:
app.config['SECURITY_LOGIN_USER_TEMPLATE'] = 'security/login_user.html'
etc...
Then you have to download the security file which contains all the html templates. Put that folder in your templates folder where you keep all the other html templates. You can use google to figure out where to download the folder as well as how to set up the rest of flask security. I had a lot of trouble figuring out flask security as well, but after poking around here and on google, I was able to get some of it working, so don't lose faith. Hope this helps.
I am attempting to use an S3 bucket as a deployment location for an internal, auto-updating application's files. It would be the location where the new version's files are dumped for the application to puck up on an update. Since this is an internal application, I was hoping to have the URL be private, but to be able to access it using only a URL. I was hoping to look into using third party auto updating software, which means I can't use the Amazon API to access it.
Does anyone know a way to get a URL to a private bucket on S3?
You probably want to use one of the available AWS Software Development Kits (SDKs), which all implement the respective methods to generate these URLs by means of the GetPreSignedURL() method (e.g. Java: generatePresignedUrl(), C#: GetPreSignedURL()):
The GetPreSignedURL operations creates a signed http request. Query
string authentication is useful for giving HTTP or browser access to
resources that would normally require authentication. When using query
string authentication, you create a query, specify an expiration time
for the query, sign it with your signature, place the data in an HTTP
request, and distribute the request to a user or embed the request in
a web page. A PreSigned URL can be generated for GET, PUT and HEAD
operations on your bucket, keys, and versions.
There are a couple of related questions already and e.g. Why is my S3 pre-signed request invalid when I set a response header override that contains a “+”? contains a working sample in C# (aside from the content type issue Ragesh is experiencing of course).
Good luck!