Forum: Ruby on Rails securing a file

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Dor Kalev (Guest)
on 2006-06-13 22:35
Hi,
I want to allow the downloading of specific file only to authorized
user,
lets say an MPEG.

where do I start? ;-)

Thx,
Dor.
Trevor Turk (Guest)
on 2006-06-13 23:45
(Received via mailing list)
I don't know how far back you want to start, but I've done a Wordpress
plugin in PHP that does something like this:

http://www.almosteffortless.com/wordpress/secure-files/

The basic idea is that you have to store the file above the web root,
and
then use your code to access it - instead of just linking to it.

So, you're going to have to figure out how to save files above or
outside of
the web root, then how to check that a user is logged in
(acts_as_authenticated?), and then how send those files to the user
(that's
the readfile function in PHP).

That's the best I can do.

- Trevor
22eaa9e4501ca2a43160d2c06bed8844?d=identicon&s=25 Gokhan A. (sylow)
on 2006-06-14 00:03
Dor Kalev wrote:
> Hi,
> I want to allow the downloading of specific file only to authorized
> user,
> lets say an MPEG.
>
> where do I start? ;-)
>
> Thx,
> Dor.

If you are using lighttpd check out mod_secdownload module, I use it few
places and works like charm.

Gokhan
www.sylow.net
This topic is locked and can not be replied to.