How do you protect files in RoR

I'm mostly interested in mp3 files. I'm supposed to build a music store
app. Where should you keep files (s3?). And what's more important how do
you protect other people from using the same link? I guess you have to
generate it dynamically. Is there any other solution or maybe any plugin
available?

Something like X-Send-File (apache) or X-Accel-Redirect (nginx) allows
you to use apache/nginx to do the actual heavy work of transferring a
large file to the client, while still letting your rails app control
access. These both assume the file is on the same server as the one
running your instance of apache/nginx

Fred

Frederick Cheung wrote:

I'm mostly interested in mp3 files. I'm supposed to build a music store
app. Where should you keep files (s3?). And what's more important how do
you protect other people from using the same link? I guess you have to
generate it dynamically. Is there any other solution or maybe any plugin
available?

Something like X-Send-File (apache) or X-Accel-Redirect (nginx) allows
you to use apache/nginx to do the actual heavy work of transferring a
large file to the client, while still letting your rails app control
access. These both assume the file is on the same server as the one
running your instance of apache/nginx

Use Paperclip, and put the files on a shared mount that all of your servers can see. (If you cluster.)

Put the files in a folder named after a hash of today's date + a salt - a password. Concatenate the date to the password and hash the whole thing, then write a cron that renames the folder every day.

Paperclip has an option to set the filesystem path dynamically, like routes.rb. Put the hash into this path, and serve the files freely. Nobody can hot-link them because the hash will change daily.