Restricting access to files with Roda and Rodauth #386

i-h8-github · 2024-01-01T02:14:17Z

i-h8-github
Jan 1, 2024

Hello,

What is the preferred approach to restricting access to (certain) files to a logged-in user? I can't seem to quite figure out how this should work with Roda and Rodauth. Given "public/file.pdf", my instinct was to try something like this:

r.is "file.pdf" do
  rodauth.require_authentication
  pass
end

r.public

but that skips the authentication requirement (tangentially, what use case was the :pass plugin designed for?).

Is there a preferred approach to this? Or am I just missing something obvious?

jeremyevans · 2024-01-01T03:52:13Z

jeremyevans
Jan 1, 2024
Maintainer

You should have a separate directory for files that require authentication, and then you can use the multi_public plugin to only serve those files after authentication: https://roda.jeremyevans.net/rdoc/classes/Roda/RodaPlugins/MultiPublic.html

0 replies

i-h8-github · 2024-01-01T08:10:03Z

i-h8-github
Jan 1, 2024
Author

Thank you, that was indeed very simple.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Restricting access to files with Roda and Rodauth #386

Uh oh!

{{title}}

Uh oh!

Replies: 2 comments

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Restricting access to files with Roda and Rodauth #386

Uh oh!

i-h8-github Jan 1, 2024

Replies: 2 comments

Uh oh!

jeremyevans Jan 1, 2024 Maintainer

Uh oh!

i-h8-github Jan 1, 2024 Author

i-h8-github
Jan 1, 2024

jeremyevans
Jan 1, 2024
Maintainer

i-h8-github
Jan 1, 2024
Author