Vector Tiles Group Access

Django-Geostore has a mecanism to authorize only some django’s user Groups to access layer’s on vector tiles.

This can be used to manage layer access through vector tiles.

Here we’re going to describe how it works.

Where to add a group

Each layer has a ManyToMany relationship to django’s Group model, that authorized only users present is thoses groups to have access to thoses layers through vector tiles.

You can add a group, with the normal django’s ORM API:

from django.contrib.auth.models import Group
from geostore.models import Layer
g = Group.objects.first()
l = Layer.objects.first()


Then ?

Then, you can generate the autheticated URL by using a QueryString like above, where user_groups are a list of user_groups names, and layergroup is the group of the layer:

from geostore.tokens import tiles_token_generator
querystring = QueryDict(mutable=True)
    "idb64": tiles_token_generator.token_idb64(
        user_groups, layergroup
    "token": tiles_token_generator.make_token(
        user_groups, layergroup

tilejson_url = reverse("group-tilejson", args=(layergroup.slug,))
authenticated_url = f"{tilejson_url}?{querystring.urlencode()}"

You’ll have available an authenticated url, this will filter layers in tiles that are accessible to the authenticated user groups.

All authenticated informations will be provided by the authenticated tilejson, that will provide to frontend all authenticated urls.

Usually, mapbox needs only the tilejson, geostore will do all the remaining work.