Attachement_fu and protecting files from download

Rails
1

I successfully installed attachement_fu but I still
have one question:

How can I protect my uploaded files from being downloaded like

http://127.0.0.1:3000/images/galleries/0000/0001/1.jpg

I only what logged in users to download images?

Thanx.


Jochen K.
gissmoh.de, figgfrosch.de, ror-ror.de

2

jochen kaechelin wrote:

This has been asked a few times in the past (though I don’t have links
handy) but basically:

  1. You’ll need to save files to a non-public directory (I’ve done this
    with file_column but I expect it’s possible also with attachment_fu)
  2. Add a controller action that will use send_file to send the file to
    the browser
  3. Add a before_filter to make sure that the user is logged in.

Cheers,
Mohit.
7/11/2007 | 12:13 AM.

3

On Jul 10, 8:47 am, jochen kaechelin [email protected] wrote:


Jochen K.
gissmoh.de, figgfrosch.de, ror-ror.de

google for “protected download” or “secure download” or authenticated,
etc

http://www.bencurtis.com/archives/2006/11/serving-protected-downloads-with-rails/
http://robertrevans.com/article/files-outside-public-directory

4

You might also be interested in this discussion:
http://groups.google.com/group/WellRailed/browse_thread/thread/b2b925ea74a605df/

Cheers,
Walter

5

Correction. send_data and not send_file.

-Pratik

On 7/10/07, Mohit S. [email protected] wrote:

  1. Add a before_filter to make sure that the user is logged in.

Cheers,
Mohit.
7/11/2007 | 12:13 AM.


http://m.onkey.org

6

Pratik wrote:

Correction. send_data and not send_file.

-Pratik

Thanks! Of course, that’s what I meant :stuck_out_tongue:

Cheers,
Mohit.
7/11/2007 | 12:28 PM.