I have some images under /public/images/ in a RoR application. I am
accesing the images from view templates using standard html tags. Since the images are under a public directory they can
be accessed by anyone (not coming through my application).
What is the best way to keep my images accesible only to authorized users?
I cannot keep them in a non public dir because will not work then.
Keep the images out of the public dir (say RAILS_ROOT/assets/images)
and then write an ImagesController that will serve up the images by
setting the appropriate content-type and using send_data/Ruby IO.