Set password on file

dubstep · April 13, 2011, 1:38pm

User must have opportunity to set password on their files.
So what would be the best way to implement it?
Is there any gems?
Regards,
Ivan.

skywriter · April 13, 2011, 2:26pm

We don’t have the faintest idea as to what you are talking about.

Please explain the use case for this feature.

skywriter · April 13, 2011, 2:42pm

Hi Peter, sorry i don’t really know english well.
I have small application. User can upload files. Files could be public
or private. And if a user decided to make file private he could set
password on file. So if any other user want to get acces to the
private file he need password.
Is it a little bit clearer?
Thanks.

On Apr 13, 6:24pm, Peter H. [email protected]

skywriter · April 13, 2011, 3:24pm

Do you have a model for the uploaded files. This could have a field
for the password.

When presenting a link to the file, if it has a password then user is
redirected to a screen to fill out the password and if it matches they
can download the file.

The thing to watch out for is that the link for the protected file
should be a one time url so that anyone who copies the final link will
not be able to download the file.

skywriter · April 13, 2011, 3:49pm

The thing to watch out for is that the link for the protected file
should be a one time url so that anyone who copies the final link will
not be able to download the file
That’s the goal of this feature

skywriter · April 13, 2011, 3:59pm

For the moment lets create a model for one off downloads that have:

file_id (from the file model)
uid (a random value)

When the user has successfully filled in the password create a new
entry in the OneOffDownload model and present them with a link such as
/secure_download/<uid - from the OneOffDownload file>. If the link is
accessed within 10 minutes of the created_at time_stamp (for example)
let them download the file, otherwise present an error page and let
them reenter the password.

skywriter · April 13, 2011, 4:57pm

Lets say :file_id => 1, :uid => 9
Link would be look like /secure_download/9
How user gonna get the file? Aren’t user would see the original link
to file while downloading?

On Apr 13, 7:58pm, Peter H. [email protected]

skywriter · April 13, 2011, 5:16pm

Thanks a lot, Peter.
I got all pieces together now.

On Apr 13, 9:10pm, Peter H. [email protected]

skywriter · April 13, 2011, 5:12pm

On 13 April 2011 15:56, Ivan K. [email protected] wrote:

Lets say :file_id => 1, :uid => 9
Link would be look like /secure_download/9
How user gonna get the file? Aren’t user would see the original link
to file while downloading?

When you render the links to the files, assuming that there is a page
with a list of their files on it, you render /ordinary_download/xxx
for a file without a password and /enter_password/yyy for a file with
a password. If they successfully enter the password on the
enter_password page create the OneTimeDownload entry and give them the
link /secure_download/037GA738AE from which they can download the
file.

You should also check that the /ordinary_download/xxx link (when
accessed by the controller) does not have a password associated so
that they can’t just enter /ordinary_download/yyy in the browser.