In my app, PDFs are generated with wicked_pdf and uploaded to Amazon S3 with the fog gem.
It works!
My current setup is to put the files in a folder generated by SecureRandom.urlsafe_base64(40). Hard to guess. Security through obscurity. I then save the public_url in the database.
However, I would like to protect the files so that they can only be downloaded from links in the app. How can this be done?
Set Fog public credential to false, if you are using carrier wave then it's easy
@report.report_attachment.url one more way is
create controller action like this
def download_report
@report = Report.find(params[:id])
# url to access private files on S3 expire in 10 sec
redirect_to @report.report_attachment.expiring_url(10)
end