Restrict public access of files

Asked Jul 02 '19 at 11:13

Active Jul 03 '19 at 05:31

Viewed 58 times

I'm using laravel 5.6 for APIs and for frontend I'm using angular 4.4.

there is a concern for the files accessibility. public folder is used to store files. now I want to restrict files from being accessed publicly. I want to give access of the files to the authenticated users only.

tried to create a folder inside storage/app named uploads and put an image but it was accessible globally too.

I have been trying to find a proper solution since a day but not found anything yet.

There are some suggestions to use response->file($file) and response->download($file) but I need to return it in json response.

There are similar questions asked but not found helpful answer yet.

Please suggest a way to implement this, may help others like me who have been struggling to find a way out of this. How can I do this?

edited Jul 03 '19 at 05:31

asked Jul 02 '19 at 11:13

Nikhil Radadiya

1,995
2
20
43

1

THe correct solution would be NOT to store these files in a publically accessible folder – RiggsFolly Jul 02 '19 at 11:16
What type of file are we talking about? How does you site currently access these files – RiggsFolly Jul 02 '19 at 11:17
@RiggsFolly Okay, lets say I set proper permissions like public don't have access to files, how can I access those from code? – Nikhil Radadiya Jul 02 '19 at 11:19
Well I would have thought that was a given – RiggsFolly Jul 02 '19 at 11:20
You can find infos about that in the [docs](https://laravel.com/docs/5.8/filesystem#downloading-files) `return Storage::download('file.jpg');` – Roland Starke Jul 02 '19 at 11:20
@RiggsFolly There are images,docs,pdf etc files. for now site access files directly through path like ```` – Nikhil Radadiya Jul 02 '19 at 11:21
@RolandStarke Okay, so Storage::download will generate stream response and that won't give direct link, Right? – Nikhil Radadiya Jul 02 '19 at 11:23
@NikhilRadadiya yes – Roland Starke Jul 02 '19 at 11:26
@RolandStarke For that moving files to storage folder is necessary? is it possible to do that from public folder? – Nikhil Radadiya Jul 02 '19 at 11:28
@RolandStarke Thank you. Let me try that. – Nikhil Radadiya Jul 02 '19 at 11:32
I just saw you use the url inside a src of an image, so you probably don't want ->download but `return response()->file($pathToFile);` https://laravel.com/docs/5.8/responses#file-responses – Roland Starke Jul 02 '19 at 11:35
@RolandStarke I'm using angular as front end. so, need image in json response. tried response->file($pathToFile) but it returns just `image:{headers: {}}` – Nikhil Radadiya Jul 02 '19 at 12:43
https://stackoverflow.com/questions/30682421/how-to-protect-image-from-public-view-in-laravel-5/30682456#30682456 – Maytham Fahmi Jul 04 '19 at 21:31
@maytham-ɯɐɥʇʎɐɯ Thanks, will look into it. Hope it works with Angular as front end. – Nikhil Radadiya Jul 05 '19 at 07:15

Restrict public access of files

0 Answers0

Linked