Currently seeking new career opportunities in web development, particularly with Laravel, Hire Me

Laravel download files from a route

David Carr

Laravel Framework Tutorials PHP & MySQL

Laravel makes downloading a server file very easy, in this post I'm going to show a way to download files but only let authenticated users. 

First, a route group is used to set up the auth middleware:

Route::group(['middleware' => 'auth'], function () {
Next create a dedicated download route:
Route::get('download', function () {

Collect a request:

$path = request('f');

Detect the file extension

$extension = pathinfo($path, PATHINFO_EXTENSION);

Create a blocked list array, this is a list of all extensions we won't allow to be downloaded.

$blocked = ['php', 'htaccess'];

If the requested file is not in the blocked array then download it.

if (! in_array($extension, $blocked)) {
    //download the file
    return response()->download($path);
}

Putting it all together:

//only logged in users can download
Route::group(['middleware' => 'auth'], function () {
    
    //respond to route /download?f=path
    Route::get('download', function () {

        //get the GET request
        $path = request('f');

        //look at the extension of the file being requested
        $extension = pathinfo($path, PATHINFO_EXTENSION);

        //create an array of items to reject being downloaded
        $blocked = ['php', 'htaccess'];

        //if the requested file is not in the blocked array
        if (! in_array($extension, $blocked)) {
            //download the file
            return response()->download($path);
        }
    });
});

 

Laravel Modules Your Logo Your Logo Your Logo

Become a sponsor

Help support the blog so that I can continue creating new content!

Sponsor

My Latest Book

Modular Laravel Book - Laravel: The Modular way

Learn how to build modular applications with Laravel Find out more

Subscribe to my newsletter

Subscribe and get my books and product announcements.

Learn Laravel with Laracasts

Faster Laravel Hosting

© 2006 - 2024 DC Blog. All code MIT license. All rights reserved.