There is a res directory under the public directory of laravel. I want to verify whether the user has the permission to access the images in it,
However, the address entered by the user will directly access this file and will not be authenticated by auth middleware,
For example, put an image in the res directory under public,
Route:
Route::get('/res/{res}', ['middleware' => 'auth', 'uses' => 'TestController@res']);You can view images directly during access. how can you view images only by logged-on users?
I looked at the link of the pictures on my Baidu disk,
Is similar to this
http://thumbnail0.baidupcs.com/thumbnail/e9be0226a22b8a1ad721032ac0338bb3?fid=4079835327-250528-565979844600151&time=1467727200&rt=yt&sign=FDTAER-DCb740ccc5511e5e8fedcff06b081203-4mQdS41CM3TuSq6hpE8LIAn%2FiL0%3D&expires=2h&chkv=0&chkbd=0&chkpc=&dp-logid=4335431112578733428&dp-callid=0&size=c256_u256&quality=100It seems that a hash value is produced for each image, which is verified based on the parameters in the route and route. after passing the hash value, the file is returned based on the hash value.
Which of the following can I ask about the specific implementation principle?
There is a res directory under the public directory of laravel. I want to verify whether the user has the permission to access the images in it,
However, the address entered by the user will directly access this file and will not be authenticated by auth middleware,
For example, put an image in the res directory under public,
Route:
Route::get('/res/{res}', ['middleware' => 'auth', 'uses' => 'TestController@res']);You can view images directly during access. how can you view images only by logged-on users?
I looked at the link of the pictures on my Baidu disk,
Is similar to this
http://thumbnail0.baidupcs.com/thumbnail/e9be0226a22b8a1ad721032ac0338bb3?fid=4079835327-250528-565979844600151&time=1467727200&rt=yt&sign=FDTAER-DCb740ccc5511e5e8fedcff06b081203-4mQdS41CM3TuSq6hpE8LIAn%2FiL0%3D&expires=2h&chkv=0&chkbd=0&chkpc=&dp-logid=4335431112578733428&dp-callid=0&size=c256_u256&quality=100It seems that a hash value is produced for each image, which is verified based on the parameters in the route and route. after passing the hash value, the file is returned based on the hash value.
Which of the following can I ask about the specific implementation principle?
Laravel only processes the/public/index. php entry. The image file you mentioned is not in index. php. Laravel doesn't care;
Unless you put the image access in a controller, such as/Img/locaiton? User = xxx & name = iiii to access ImgController. php: You can read the image and display it on your own. you can add auth and OK (be sure not to put the image under/public and put it under the public Directory at the same level)
Public/All files except index. php are pure static files, which are not included in the Laravel route.
As for Baidu's network disk, the hash parameter and the expiration time of all files are read, you can implement it in your own way and add what you want
Use WebServer for rewrite. after passing through a controller php, Auth: check in this controller.
Files that require access control should not be stored in the public directory, but under the storage directory, so that external access is impossible.
You can implement a controller to authenticate the access permission. If yes, you can output the binary data of the image through the HTTP transmission stream as you want.
Laravel (or Symfony) already provides this type of Response. you can refer to the document to find the corresponding API.
Most of the image permission verification and anti-Leech processing methods you know are the same.
Above.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
