通过Auth Controller保护资产/媒体文件夹安全吗? Laravel 5.2 [英] Secure Asset/Media Folder through Auth Controller ? Laravel 5.2
问题描述
我有公共/资产/媒体/文件夹
I have public/Asset/Media/folder
我可以像下面一样公开访问此文件.
I can access this file publicly like below.
http://localhost/myapp/public/Asset/Media/1/phpunit.xml
类似地,资产/媒体"文件夹中还有其他正在动态创建的文件夹.
Similarly there are other folders in the Asset/Media folder which are being created on the fly.
这些子文件夹中也有很多文件,资产/媒体文件夹中也有文件
There are many files also present in those sub folder and are also present in Asset/Media folder
有什么办法,如果我尝试访问Asset/Media文件夹中的任何文件或Asset/Media文件夹的子文件夹中存在的任何文件,由于未完成身份验证,应该将我重定向到登录页面吗?
Is there any way, such that if I try to access any file in Asset/Media folder or any file present in the sub folder of Asset/Media folder, I should be redirected to login page because authentication is not done?
我的意思是,我可以使用Auth
中间件来保护此文件夹吗?如果是这样,是否必须从Android应用程序访问文件,这是一种有效的方法?
I meant, can i use Auth
Middleware to secure this folder? if so, Is it a valid approach if we have to access the files from a Android App?
推荐答案
我的示例网址在这里:
http://domainname.com/storage/Asset/Media /1/filename.txt
http://domainname.com/storage/Asset/Media/1/filename.txt
我的路线
Route::get('/storage/Asset/Media/{ID}/{file}', array(
'as' => 'Files',
'uses' => 'User\Account\Media\MediaController@DownloadMedia',
));
控制器操作方法
public function DownloadMedia($ID) {
$headers = array(
'Content-Type' => 'application/octet-stream',
'Content-Disposition' => 'attachment; filename=somefile.txt"'
);
return response()->download(base_path("storage/Asset/Media/1/somefile.txt"));
}
重要的是,我可以使用 application/octet-stream
下载任何文件类型.
Here important thing is I can use application/octet-stream
to download any file type.
这篇关于通过Auth Controller保护资产/媒体文件夹安全吗? Laravel 5.2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!