了解文件存储和保护内容Laravel 5 [英] Understanding file storage and protecting contents Laravel 5

问题描述

我需要帮助来了解Laravel的文件存储系统.我正在创建一个需要上传用户驾驶执照照片的应用程序.这显然是敏感信息.除非管理员正在查看，否则我想将此图像保留在Internet之外.我的理解是，我必须将内容保存到storage> app> public的public目录中，并创建一个指向public> storage文件夹的符号链接.我已经完成了，并且工作正常.我保存了数据库的路径，程序可以显示它，但是如果可以避免的话，我不希望东西放在公共文件夹中.

I need help understanding Laravel's file storage system. I'm creating an app where I need to upload a users drivers license photo. This is obviously sensitive information. I would like to keep this image off of the internet unless an admin is viewing it. My understanding is that i have to save things to the public directory in the storage>app>public and create a symlink to the public>storage folder. I have this done and it's working fine. I save the path to the database and the program can display it, but I don't want things to be in the public folder if I can avoid it.

有什么方法可以将图像/文件保存到存储系统中的私有文件夹，然后通过视图访问它?如果执行此操作，是否将映像保留为私有"，以便不将其存储在不在公共"文件夹中的生物的高速缓存中?符号链接是否以我想要的方式保护存储文件夹中的文件，或者确实使所有文件可供公众使用?

Is there any way to save an image/file to a private folder in the storage system then access it through the view? If I do this, does it keep that image "private" so that it's not stored in a cache somewhere beings that it's not in a "public" folder? Does the symlink protect files in the storage folder in the way I'm wanting or does it truly make all files available to the public?

任何帮助您理解这一点的人都会感激不尽.

Any help in understanding this would be appreciated.

推荐答案

您所说的是正确的storage/app/public中的文件是公开的.这就是为什么您必须创建一个私有目录(例如说storage/app/private)，然后在此处上传您的敏感文件的原因.

What you've said is correct the files in storage/app/public is public. This is why you have to create a private directory, lets say storage/app/private, then upload your sensitive files here.

您可能想在config/filesystems.php中添加磁盘:

You may want to add a disks in your config/filesystems.php:

'private' => [
    'driver' => 'local',
    'root' => storage_path('app/private'),
],

如果要访问您的私人文件.为此创建一条路线:

If you want to access your private files. Create a route for this:

Route::get('/private-files/{file?}','FileController@get')->where('file', '(.*)');

然后在FileController.php中，您将看到类似的内容(这只是一个示例，请在此处编辑代码以检查用户是否为admin):

Then in the FileController.php, you will have something like this (this is just an example, edit the code here to check if the user is admin):

<?php
namespace App\Http\Controllers;

use Auth;
use Storage;
use App\Http\Controllers\Controller;

class FileController extends Controller {

    public function __construct()
    {
        $this->middleware('auth');
    }

    public function get($file)
    {
        return Storage::disk('private')->get($file);
    }

 }

这篇关于了解文件存储和保护内容Laravel 5的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！