Level 56
call a specific GET-Route within my Laravel app, do the permission checks and then return response()->download($pathToFile); ?
Would be the solution if files were stored locally. With S3 I don't know, not used it enough.
Sep 16, 2015
5
Level 6
Protected Downloads
Hi everyone,
in the near future I might have to build a new shop for my company. We develop games, so we'll probably want so sell digital goods there: our games, soundtracks and various pre-order packages for future games.
Implementing a shop system with articles, carts and stuff sound pretty straightforward in my head. But I'm still looking for an approach to securely deliver the digital goods.
So let's say customer XY is buying a DRM-free version of our latest game. The payment goes through using Stripe or PayPal, the shop gets the API response and adds the product to the customer.
Now how can he download the game? Do I put the Installer up on an Amazon S3 Bucket with a cryptic name that no one can ever figure out and then call a specific GET-Route within my Laravel app, do the permission checks and then return response()->download($pathToFile); ?
I can imagine that there are more things to consider here. Any ideas / heads-ups?
Level 88
This is really simple example but it should get you started here: http://www.sitepoint.com/selling-downloads-stripe-laravel/
The process you described is probably the best way to go. Depending on security, you can make that as difficult as you want. It's recommended to always check if the user is authenticated before showing any kind of download page at all!
Level 6
Thanks for the link. I just checked the docs, it looks like I can simply use the Laravels Storage-Facade to recieve files from S3 and a user would not be able to simply copy&paste the download link to a friend.
Level 56
Be careful because the download should be streamlined. You dont want the server to first download all the file from s3 then serve it to the user.
Please or to participate in this conversation.