Private Files Area

Hi guys,

Just a quick questions: I am trying to create a private files area and I don’t want the files be accessible via a url for everyone who has it.

I am creating a method with authorisation logic to be executed prior to getting the files and creating a download link. I am using kartik basic template and I found that the files uploaded to the app/uploads directory are accesible via url.

Does anyone know of a tutorial that explains folder permisions and creating a private files area in yii2?

Also I would like to learn more about opening different types of extensions inside a browser / previewing file content for docs, ppts, …etc all ideas are welcome!

Htaccess configuration partly… still a tutorial will be useful for all

have you considered uploading your files somewhere out of the webroot? this way web server cannot serve them to users, there would be no direct link to files outside webroot.

then you might write an action to serve this files to users, and an action can easily check for roles and permissions and whatever else. if this helps I can provide a sample code.