Password Protecting Documents with Rails Authentication


#1

Hello all,

I’m working on a project which involves users uploading and downloading
documents. I am using the file_column plugin to do this.

The file_column device stores the documents in the public folder, in the
folder documents. What I would like to do is require that a user be
authorized before they download a document from that directory. What
suggestions do you have on the best way to go about this?

My thought is to create a controller that intercepts all requests for
that directory, and then if the user is logged in it will allow the
download by passing the data manually. I really wish there were a more
elegant method, however.

Thanks


#2

Helo Bryan,

If you are using lighttpd then check out

http://trac.lighttpd.net/trac/wiki/Docs%3AModSecDownload

I used it for image download website successfully. It is
straightforward.

Good luck
Gokhan A.
www.sylow.net

Bryan C. wrote:

Hello all,

I’m working on a project which involves users uploading and downloading
documents. I am using the file_column plugin to do this.

The file_column device stores the documents in the public folder, in the
folder documents. What I would like to do is require that a user be
authorized before they download a document from that directory. What
suggestions do you have on the best way to go about this?

My thought is to create a controller that intercepts all requests for
that directory, and then if the user is logged in it will allow the
download by passing the data manually. I really wish there were a more
elegant method, however.

Thanks


#3

Hey,

There is a bit of discussion about this on this post:
http://groups.google.co.uk/group/rubyonrails-talk/browse_thread/thread/9b94c53a6733e596/f3d5aa3a8beb82c4?lnk=gst&q=protect+files+directory&rnum=1&hl=en#f3d5aa3a8beb82c4

Steve