Route downloads through controller; file IDs as hash to prevent guessing; download count; download list on airport page

app/Http/Controllers/Admin/FilesController.php

@@ -57,7 +57,7 @@ class FilesController extends Controller
         $asset->description = $attrs['file_description'];
         $asset->disk = config('filesystems.public_files');
         $asset->path = $file_path;
-        $asset->public = true;
+        $asset->public = false;  // need to be logged in to see. default (for now)
         $asset->ref_model = $attrs['ref_model'];
         $asset->ref_model_id = $attrs['ref_model_id'];
 

app/Http/Controllers/Frontend/FileController.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace App\Http\Controllers\Frontend;
+
+use App\Interfaces\Controller;
+use App\Models\File;
+use Auth;
+use Flash;
+use Illuminate\Support\Facades\Storage;
+
+/**
+ * Class FileController
+ * @package App\Http\Controllers\Frontend
+ */
+class FileController extends Controller
+{
+    /**
+     * Show the application dashboard.
+     */
+    public function show($id)
+    {
+        /**
+         * @var File $file
+         */
+        $file = File::find($id);
+        if (!$file) {
+            Flash::error('File doesn\'t exist');
+            return redirect()->back();
+        }
+
+        // Allowed to download? If not, direct to login
+        if (!$file->public && !Auth::check()) {
+            return redirect(config('app.login_redirect'));
+        }
+
+        ++$file->download_count;
+        $file->save();
+
+        if($file->disk === 'public') {
+            $storage = Storage::disk('public');
+            return $storage->download($file->path, $file->filename);
+        }
+
+        // TODO: Config for streamed response?
+        return redirect()->to($file->url);
+    }
+}