Forum: Ruby on Rails upload file above /public, authenticate before serving?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Robbie S. (Guest)
on 2006-03-01 07:40
I have file uploads to the database and stored in a longblob working on
our client extranet, except that it kills mysql/activeRecord on files
bigger than about 200kb. (is there a reason for this - running mysql
5.0.18, lighttpd or webrick on winxp??)

So I'm now thinking about whether its possible to do either:

1) upload a file into #rails_root/some_folder/ instead of
/public/some_folder, store a reference to the file in the db instead and
somehow serve it up to authenticated users

or 2) upload the file into /public/folder but find a way of only serving
up the files to authenticated users (I'm currently using login_system.rb
to authenticate users)

anyone have any ideas? I'm stumped...
Roberto S. (Guest)
on 2006-03-01 17:47
(Received via mailing list)
If you are using lighttpd, there is secure download mod, so you can
store
the files outside public and authenticated users can get a specially
formatted url with limited lifetime, and the files gets served by the
webserver. If you set the time low, you don't have to worry about
hot-linking.
This topic is locked and can not be replied to.