Laravel 5.3 proper way to secure files for download

dukauwa · October 2, 2016, 3:10pm

I need to download files from my Laravel App. Download can be done for authorized users. I don’t want to put this files in public directory.

return response()->download(’/storage/app/export/file.txt’);

I use this response in my controller to download file, but I don’t know how to refer to file name/path.

My file is located at storage/app/export/file.txt. But I see download method assume the root is storage/app/public (which is linked to public/storage/).

How can I serve file to download from not public disk ?

YusufTunde · October 6, 2016, 4:06pm

Here is what you can do.
Move the file to your public directory and then set permissions(privileges) to it.

abolajibisiriyu · October 7, 2016, 8:34am

You can use the helper function storage_path() to get the path to the storage directory, you can pass it an argument which returns the generates path to that argument relative to the storage directory.
In your own case you would say:

return response()->download(storage_path('app/export/file.txt'));

Hope this helps.

wonexo · October 8, 2016, 9:21am

Great, thanks I’ll keep this with me so I don’t forget. When. I need it

Godofbrowser · October 13, 2016, 10:58am

For simplicity, you can run the following command

php artisan storage:link

This creates a symbolic link to the storage directory right inside the public folder.
You can access the files in storage directly as if they were in the public folder.