I need some help with access of the storage public folder.
I have a file upload system and the files stores in my storage/public/$user->id/ folder.
Every users has an own folder for their files.
In my show blade file i display their own files by an i frame:
Your best bet is to store the files not in the public folder, nothing should be stored there that you don't want anyone to access.
So instead, store them in something like storage/users/$user->id and then create a route that grabs the file and initializes a download only if the user is the one authenticated:
Route::get('/storage/users/{user}', function(Request $request, User $user) {
if ($request->user()->id === $user->id) {
$file = getFile(); // or however you'd want to retrieve the file
return Storage::download('storage/users/' . $user->id . '/' . $file->file_path);
}
return abort(404);
}