Hicham Zouarhi Hicham Zouarhi -4 years ago 99
Ruby Question

How to block access to public/assets from url in Ruby On Rails

I'm working on a Ruby On Rails app and I'm calling some js, css, images and csv files from public/assets.

I added an authentication when accessing the page using these assets:

class MyPageController < ApplicationController
before_action :authenticate

def index
end

def authenticate
authenticate_or_request_with_http_basic do |username, password|
username == 'login' && password == 'password'
end
end
end


and it works for this page but if I type
localhost:3000/assets/myFile.csv
I can access it and download it without being asked for authentication.

Is there a way to add an authentication on that url or to block it ?

Thanks

Answer Source

If you need them to be blocked, then it's better to move them to a different folder. The intention of that folder is to hold publicly accessible static files.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download