This episode is for members only
Sign up to access "Build a File Marketplace with Laravel" right now.
Get started
Already a member? Sign in to continue
Playing
32. Displaying and downloading files
Episodes
01. Introduction and setting up
02. Onboarding with Stripe
03. Creating products
08. Setting up and listing products
10m 54s
0%
09. Installing Livewire
2m 49s
0%
10. Building the product creation form
15m 1s
0%
11. Automatically generating the slug from the product title
1m 28s
0%
12. Validating and creating a product
6m 23s
0%
13. Handling product file uploads
8m 14s
0%
14. Attaching files to a product
6m 45s
0%
04. Editing products
05. User subdomains
06. Product checkout
07. Storing sales
08. Accessing purchased files
Transcript
00:00
To get started securely downloading these files, let's create out an unordered list with some list items in here. And we'll go ahead and iterate through all of the files that exist for that particular product.
00:12
Then we'll go ahead and hook this up to a signed root, which means that it will have an expiry. So we're going to go ahead and save for each sale product files as file, and we'll iterate through each of them. So inside of here is going to be an anchor.
00:28
Let's create one out. And in here is, of course, going to be the file and the file name. So let's just go ahead and add in a class to this. We'll say text indigo 500.
00:40
And let's check this out. There we go. We can space things out here a little bit by adding in a space y6. And there we go.
00:49
Perfect. So the goal is to be able to click on this here, get a secure temporary link to a file download. How do we do that?
00:59
Well, we're going to have to go ahead and create out the root and controller to be able to download a file, first of all. So let's go ahead and say root get. And for this, we'll say slash files and then the file itself.
01:11
We can just do that by the ID if we want to. And of course, we're going to need a controller for this. So let's create out a really simple controller here to handle this. We'll call this file show controller.
01:24
And let's go ahead and just hook that up before we fill this stuff in. File show controller. And we're done. We'll just add a quick name onto this.
01:32
Of course, that's going to be files.show. OK, so the file show controller then, if we invoke this here, is basically going to download the file that we have given into here by its ID. So to do this, we're going to go ahead and return.
01:46
We're going to use the storage facade over in Laravel. And we're just going to say download. For this, we're going to pass in the file path. That's the path to this on our file system.
01:58
But then we want to give the name of the file in here as well. So that's just going to be the original file name. So let's hook this up. And then we'll look at securing it with a signed download URL.
02:10
So over in show here, let's hook this up to the route that we've just created, files and show. And of course, we're going to pass the file into there. So that on its own will work.
02:22
You can see that that will download that file that we've created. But now technically, anyone can guess this slash files slash. We just head over to our route here and the ID just here. So what we're going to do over in our show page here
02:37
is instead of just generating out a normal route, we're going to generate out a temporary signed route. How do we do this? Well, to do this, we use the URL facade.
02:48
Let's pull that in here. And we say temporary signed URL or in our case route, because this links through to a route. The route is file show and we just pass through the file as normal.
03:03
In the middle of here, though, we need to give an expiry. So we can use Laravel's now helper, which returns a carbon instance. And we can add an expiry onto this in minutes, in hours, whatever we want to do. For our case, let's just say 10 minutes.
03:18
So we want this link to be valid for 10 minutes. But of course, you can do something like add hours if you want to. OK, now we've done this. Let's just check out the difference.
03:27
If I click on this and we actually just copy the link address. Let's paste this into here. And you can see that we've got file slash five. But this time we've got an expiry and we've got a signature in here as well.
03:40
Now, at the moment, this is not making any difference. I'll show you this if we just paste this in here and we go over to file slash five. That will download the file, even if we don't contain the expiry and the signature in the URL in the query string.
03:55
Now, to actually get this to work, we need to manually abort this if these do not match and if it's not valid. Now, this is pretty easy to do because the request that we get through into here actually has a method on it called has valid signature.
04:13
So what we can do is we can take this and we can say abort unless this has a valid signature and we'll abort with a 401. So now if we head over to the page that we just looked at, so let's just copy the link address and go over to slash five.
04:32
That's not going to work unless we have the signature in there, which we generate for each file. So now no one can download these files unless they have access to this specific sale page, which we know that we're securing with this token and the user's email address.
34 episodes•3 hrs 32 mins•2 years ago
Overview
Build a marketplace where sellers can list and sell files, while we take a cut of each sale using Stripe Connect.
We'll cover onboarding users with Stripe Connect, creating products and uploading files, payments, and delivering purchased files to your customers.
Here's everything we'll cover:
- The Stripe Connect onboarding flow
- Effortlessly creating products (and uploading files) with Livewire forms
- Subdomains for your user's marketplace
- Stripe Checkout for a beautiful, secure payment flow
- Securely delivering files with Signed URLs in Laravel
- Showing sales stats on a dashboard
Alex Garrett-Smith
Hey, I'm the founder of Codecourse!
Episode discussion
No comments, yet. Be the first!