如何将上传的文件存储在安全文件夹中,并且可以在asp.net core中安全地访问它? [英] how to store uploaded files in secure folder and it can be accessed securely in asp.net core?
问题描述
如何将上传的文件存储在安全文件夹中,并且可以在asp.net core中安全地对其进行访问?我知道该文件夹必须位于www根文件夹的外部.但是,我做了一些谷歌搜索仍然找不到一个例子.有人可以帮我举个例子或给我说明如何设置吗?谢谢.
how to store uploaded files in secure folder and it can be accessed securely in asp.net core? I knew the folder must be outside for www root folder. However, I did some google search still cannot find an example. Can someone please help me give an example or give me instructions how to setup? Thanks.
我参考(在Asp.NET Core 1.0中在wwwroot之外提供静态文件的说明)建立. 但是仍然可供公众访问.我只希望授权用户可以访问上载的文件.怎么做?谢谢.
I refer to the instructions from (Serving Static Files Outside of wwwroot in Asp.NET Core 1.0) to setup. But it's still available for public access. I would like to only authorized user can access the uploaded files. how to do that? Thanks.
推荐答案
(1)最简单的解决方案可能取决于您的服务器操作系统和访问级别,以调整文件夹访问权限.为此,我需要您提供更多详细信息.
(1) The simplest solution which may depend on your server OS and access level, to adjust folder access permissions. To advise on this I would need more details from you.
(2)我认为一个更好的方法是实现一个处理程序/服务,该处理程序/服务将处理公共请求,如果用户被授权,则将文件的内容流回给用户.同样,根据您的服务器/配置,可能还需要参考(1).
(2) A better approach I think would be to implement a handler/service that would handle public requests, and if user if authorized then stream the file's content back to the user. Yet again, depending on your server/configuration, might need to refer to (1) also.
(3)另一个选择是使用云Blob存储,您可以在其中将存储设置为私有并使用其API,然后为用户访问特定文件颁发访问令牌.令牌也可以设置为在一段时间后过期.
(3) Another option is to use a cloud blob storage, where you could set storage to be private and use their API, and issue access tokens for users to access a specific file. Tokens may be set to expire after some time as well.
这篇关于如何将上传的文件存储在安全文件夹中,并且可以在asp.net core中安全地访问它?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
