I need help understanding Laravel's file storage system. I'm creating an app where I need to upload a users drivers license photo. This is obviously sensitive information. I would like to keep this image off of the internet unless an admin is viewing it. My understanding is that i have to save things to the public directory in the storage>app>public and create a symlink to the public>storage folder. I have this done and it's working fine. I save the path to the database and the program can display it, but I don't want things to be in the public folder if I can avoid it.
Is there any way to save an image/file to a private folder in the storage system then access it through the view? If I do this, does it keep that image "private" so that it's not stored in a cache somewhere beings that it's not in a "public" folder? Does the symlink protect files in the storage folder in the way I'm wanting or does it truly make all files available to the public?
Any help in understanding this would be appreciated.
What you've said is correct the files in storage/app/public
is public. This is why you have to create a private directory, lets say storage/app/private
, then upload your sensitive files here.
You may want to add a disks in your config/filesystems.php
:
'private' => [
'driver' => 'local',
'root' => storage_path('app/private'),
],
If you want to access your private files. Create a route for this:
Route::get('/private-files/{file?}','FileController@get')->where('file', '(.*)');
Then in the FileController.php
, you will have something like this (this is just an example, edit the code here to check if the user is admin):
<?php
namespace App\Http\Controllers;
use Auth;
use Storage;
use App\Http\Controllers\Controller;
class FileController extends Controller {
public function __construct()
{
$this->middleware('auth');
}
public function get($file)
{
return Storage::disk('private')->get($file);
}
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With