Black Friday sale is now on! 50% off Laravel: The Modular Way. Learn more

Laravel download files from a route

David Carr

Laravel Framework PHP & MySQL Tutorials

    Laravel makes downloading a server file very easy, in this post I'm going to show a way to download files but only let authenticated users. 

    First, a route group is used to set up the auth middleware:

    Route::group(['middleware' => 'auth'], function () {
    Next create a dedicated download route:
    Route::get('download', function () {

    Collect a request:

    $path = request('f');

    Detect the file extension

    $extension = pathinfo($path, PATHINFO_EXTENSION);

    Create a blocked list array, this is a list of all extensions we won't allow to be downloaded.

    $blocked = ['php', 'htaccess'];

    If the requested file is not in the blocked array then download it.

    if (! in_array($extension, $blocked)) {
        //download the file
        return response()->download($path);
    }
    

    Putting it all together:

    //only logged in users can download
    Route::group(['middleware' => 'auth'], function () {
        
        //respond to route /download?f=path
        Route::get('download', function () {
    
            //get the GET request
            $path = request('f');
    
            //look at the extension of the file being requested
            $extension = pathinfo($path, PATHINFO_EXTENSION);
    
            //create an array of items to reject being downloaded
            $blocked = ['php', 'htaccess'];
    
            //if the requested file is not in the blocked array
            if (! in_array($extension, $blocked)) {
                //download the file
                return response()->download($path);
            }
        });
    });
    

     

    Laravel Modules Book by David Carr

    Help support the blog so that I can continue creating new content!

    Subscribe to my newsletter

    Subscribe and get my books and product announcements.

    © 2009 - 2022 DC Blog. All code MIT license. All rights reserved.