Re: script to access private folder
by QuillMeantTen (Friar) on Jan 21, 2016 at 09:40 UTC
|
Update: spelling
Greetings
First if you need directions you are going to have to give us more informations:
When you say log in, what kind of login do you mean,
- Login with ssh?
- Login on a web service?
Those are the two kinds I can think of in your case, the approach will vary wildly depending on the kind of login.
In the ssh case it could be as simple as displaying in the terminal a list of files and one time download links or just copy the selected files in the user's home folder...
If you want a web service then you are going to need to set up a server that will give content to users, a database for the login to take place.
If the files in question should not be modified by the users , catalyst as a plugin, Static::Simple iirc that can be used just for that. Type the url, the file name and voila it will start downloading
A precise answer to a vague question requires mind reading, I have not upgraded my brain to that stage yet ;)
| [reply] |
|
Thanks for your reply. Sorry to hear that your brain is not properly equipped for my needs! (Actually, thanks for taking the time to answer my poorly phrased question in a sensible fashion!).
I replied to jonadab as he rather hit the nail on the head regarding public accessibility of the files. I'd be grateful if you would take a look and let me know what you think about my idea as a workaround, and perhaps see if there is a better way of doing it?
| [reply] |
Re: script to access private folder
by Corion (Patriarch) on Jan 21, 2016 at 12:08 UTC
|
If you are talking about a web(dav) folder on a webserver, I've used TinyAuth with good effect as a minimalistic access control.
My plan to leverage the idea of TinyAuth and to combine it with OAUTH 2 so that people can "log in with Facebook" (etc.) failed because one would have to register every instance of the TinyAuth application with Facebook and all the other suppliers one would want to support. I did not find a convenient way to automate registering an application with all those providers.
| [reply] |
Re: script to access private folder
by jonadab (Parson) on Jan 21, 2016 at 12:04 UTC
|
What would stop the user from bypassing the authentication by simply not using your Perl interface at all, accessing the files directly with some other software? I'm assuming you have something in mind for this, but I don't know what it is. Are the files encrypted? Owned by root and chmod ugo-rwx? Not stored at all except in process memory? Your Perl interface will need to take this stuff into account and might need to be completely different depending on the answer. One person who already replied is assuming that the data are on a remote server. That would lead to a completely different Perl interface than most of the other cases. We can't really advise you very well on how to do what you want without knowing more about what exactly it is that you want to do.
| [reply] |
|
Thanks, this is a great reply. I'm sorry the question was badly phrased and I'm grateful for the thoughtfulness of most of the responses.
The files are on a remote server and this is for users of a web site. The files are industry specific and not of interest to most of society, but should be kept confidential. Therefore I think a level of obfuscation would be sufficient, rather than a need for high level out and out security.
I have the login and file listing part of the service, and what I'm thinking about doing is creating a cron which periodically creates a new name for the folder, and records it in a db. The loading script uses that record to create the link, and there is a web page or ajax refresh of the links to keep them updated on the page.
I think this would be quite efficient in terms of preventing the file links from being shared between interested parties, however I'm sure that there are probably more efficient processes I could use. I would be interested in knowing yours and other thoughts on this?
| [reply] |
|
| [reply] |
|
Re: script to access private folder
by Anonymous Monk on Jan 21, 2016 at 08:50 UTC
|
In general terms, what is the best way of doing this please? Just do it
| [reply] |
|
I suppose you work for Nike?
| [reply] |
|
I suppose you work for Nike? No, I work for you. In general terms the best way to do something is to always just do it. Now you know.
| [reply] |
|
|
|