通过Auth Controller保护资产/媒体文件夹安全吗? Laravel 5.2 [英] Secure Asset/Media Folder through Auth Controller ? Laravel 5.2

问题描述

我有公共/资产/媒体/文件夹

I have public/Asset/Media/folder

我可以像下面一样公开访问此文件.

I can access this file publicly like below.

http://localhost/myapp/public/Asset/Media/1/phpunit.xml

类似地，资产/媒体"文件夹中还有其他正在动态创建的文件夹.

Similarly there are other folders in the Asset/Media folder which are being created on the fly.

这些子文件夹中也有很多文件，资产/媒体文件夹中也有文件

There are many files also present in those sub folder and are also present in Asset/Media folder

有什么办法，如果我尝试访问Asset/Media文件夹中的任何文件或Asset/Media文件夹的子文件夹中存在的任何文件，由于未完成身份验证，应该将我重定向到登录页面吗?

Is there any way, such that if I try to access any file in Asset/Media folder or any file present in the sub folder of Asset/Media folder, I should be redirected to login page because authentication is not done?

我的意思是，我可以使用Auth中间件来保护此文件夹吗?如果是这样，是否必须从Android应用程序访问文件，这是一种有效的方法?

I meant, can i use Auth Middleware to secure this folder? if so, Is it a valid approach if we have to access the files from a Android App?

推荐答案

我的示例网址在这里:

http://domainname.com/storage/Asset/Media /1/filename.txt

http://domainname.com/storage/Asset/Media/1/filename.txt

我的路线

Route::get('/storage/Asset/Media/{ID}/{file}', array(
    'as' => 'Files',
    'uses' => 'User\Account\Media\MediaController@DownloadMedia',
));

控制器操作方法

public function DownloadMedia($ID) {
    $headers = array(
        'Content-Type'        => 'application/octet-stream',
        'Content-Disposition' => 'attachment; filename=somefile.txt"'
    );

    return response()->download(base_path("storage/Asset/Media/1/somefile.txt"));
}

重要的是，我可以使用 application/octet-stream 下载任何文件类型.

Here important thing is I can use application/octet-stream to download any file type.

这篇关于通过Auth Controller保护资产/媒体文件夹安全吗? Laravel 5.2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！