Jump to content

Specific permissions to access files


Recommended Posts

Hello,

I'm trying to develop my own cloud storage system. 

Currently having trouble with permissions of certain files.
I need a specific client to have access to file located in user specific directory such as "/cloud/files/members/N10000/".
But I dont want the file to be accessable via url or by any other client.

The file could be an png, txt, mp4, etc.

No I dont want to use an opne source cloud software. I want to create my own one.

Is this possible with PHP. Do I need further software?

Using Debian 9 and PLESK 17.8

Thanks in advance.

Link to post
Share on other sites

One option is to route all requests for those files to a PHP script that authorizes people before sending the file content, and having the actual files stored outside of the web server root.  You could also use a custom web server module to do authorization.

Link to post
Share on other sites
49 minutes ago, justsomeguy said:

One option is to route all requests for those files to a PHP script that authorizes people before sending the file content, and having the actual files stored outside of the web server root.  You could also use a custom web server module to do authorization.

What exactly is a custom webserver module?

Sorry im not teh best in terms of configuring optional software for webservers 😕

 

Link to post
Share on other sites

Apache, for example, has modules that change its behavior.  Some well-known ones are things like mod_rewrite or mod_expires.  One option would be a custom module like that which would handle the authentication and authorization so that the web server could still do its job serving the actual files.

Link to post
Share on other sites

You'd have to do the same thing every time, and it doesn't seem like it would much of an effect because anyone who pulls up the URL in a web browser would be running with the same permissions, whatever user the web server is running as.  You can't use that for authentication and authorization if you need different people to be able to access different files.  You need a way to authenticate who the user is, and a way to authorize that the user can access the file.  That's what usernames and passwords are for, that's authentication.  Once they authenticate themselves then you need a database or folder structure or something to tell you which user can access which file, so you need to check that also.  That's authorization.  If either of those fail then you need to show an error message.  All of that is done on the server with a language like PHP, or with a custom web server module.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...