Closed hiasl closed 2 years ago
Can you elaborate on the use case or flow?
ok, my use case just got bigger:
We need to create a password protected area where also files (including images) are protected. I am looking for plugins I could use for this purpose. However I just found out, that your plugin does not consider if a user is logged in or not, right? Would it be possible to add this via an event? That only logged in users can download a file?
My initial question:
I want to have a protected url in my image src, which also allows resizing/transformations. Approx. like this:
<img src="{{ craft.linkvault.downloadUrl(asset.getUrl({width: 200, height: 200})) }}">
Will this work? Mayby it would if I ensure that the asset is immediately resized, by adding true as second param
<img src="{{ craft.linkvault.downloadUrl(asset.getUrl({width: 200, height: 200}, true)) }}">
You could always wrap the DL link in a logged in check. We use Link Vault for logged in users all the time. We'll get back to you on the initial question.
What you are attempting to do will work as long as you supply that true parameter in your second example. As for protecting the links from unauthenticated users, I recommend handling that in the template, if possible. Then you can disable leech attempts in the plugin config so that authenticated users can't share their generated download links with other people.
If there are situations where people do need to be able to follow download links from somewhere other than a webpage on the site, you can definitely tie in to a Link Vault event and serve an alternate response before the download gets recorded and served.
LinkVaultDownload
elements have all the basic Craft element events so you could handle the authentication check in the LinkVaultDownload::EVENT_BEFORE_SAVE event.
Thanks a lot! We will give it a try.
Hi, is it possible to use your plugin to protect resized assets (which might not exist on the first request)? thanks, Matthias