Hello,
I have created a site that works with the oth authentication. I have a
media directory that contains medias that only authenticated users
should download.
I have created a controller wich read the directory (through the
Folder class) and a view that publish the file contents.
Now, how can
I think you should make your files hidden or not accessible by web
(with the help of .htaccess) and then make a controller that will
return the file's data (with a new layout of course)
which will return the file's mime and other good headers you like to
send.
the auth code should be on that