In the Laravel, you can protect your uploaded files access, restricting by authenticated user, with a simple code.
Move the uploaded file to local disk:
$path = $request->file('file')->store('photos', ['disk' => 'local']); return Photo::create(['path' => $path]); Route::get('photo/{id}', function (Photo $photo) { $disk = Storage::disk('local'); return response($disk->get($photo->path), 200, [ 'content-type' => $disk->mimeType($photo->path) ]); })->middleware('auth'); 
Top comments (1)
Does this isolate files between different users? Maybe using something with
Illuminate\Auth\Access\HandlesAuthorizationor controlling it by the Model itself is better or even using the user ID as a subfolder could solve.