Answer the question
In order to leave comments, you need to log in
R
R
Ruslan Galiev2014-07-23 14:14:26
Ruslan Galiev, 2014-07-23 14:14:26
Rails + Devise how to prevent unauthorized users from accessing files in the public directory?
Hello
Tell me how you can restrict access to files in the public directory to unauthorized users:
http://server.com/uploads/product_photo/02d13ce6-ff11-4194-ba86-b1ab38d90ed7.jpgsuch requests are not authorized. If the only option is to move the photos to another directory, then which tmp ?
2 answer(s)
@HerMajor
@Rikkit
I
Ivan Kryak, 2014-07-24 @HerMajor
1. close the /uploads/product_photo folder with nginx
2. Add a controller/method in the application that will receive the file name, check the file for existence, check user authorization
3. If everything is ok, send the file using send_file
D
Dmitry Snegirev, 2014-07-23 @Rikkit
As far as I understand in rails, you cannot restrict access to files in the /public folder, for good they are given directly through nginx.
The folder can be used /private/uploads for example. A logical contrast to the public folder.
Similar questions
A
T
E
W
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question