In our project we need to provide a ‘file sharing’ and ‘file downloads’ functionality. Like, authorized users (who are owners of files) wants to share file for their anonymous friends. The access is short-lived – say, 5-15 minutes or so. Ideally, the number of downloads should also be controlled, say, no more than three times.
We use CFS packages for file storage.
We thought that the ideal way for doing this is to generate token, save it to mongo, and embed this token into sharing link. BUT, in the ‘download’ allow/deny handler in CFS there is no access to request parameters – only userId and fileDoc.
We definitely want it to be meteor-centric solution (i mean, saving these tokens to nginx configs or whatever is not a good way). What can we do? Should we try to add new package to CFS ecosystem (that overrides/extends allow/deny handlers logic) or is there a one already?