Hi all,
I've created an application that uses an XML file to tailor to user's settings. The XML file is generated by rails and is unique to each user. Currently, I'm storing them as public/settings/# {user.login}.xml. However, these files must be private and only accessible by those users alone. I'm still new to rails, so the only real way I know how to authenticate is on controller actions. I've done some research on this issue, but most of the answers I've found were pertaining to file uploads.
How should I store these XML files to restrict them from the general public view?