== mongrel_send_file GemPlugin

This is a simple plugin to handle the sending of secure files from a rails app.  Here's the typical process:

- Rails app authorizes user to download file
- Rails app sets file info in the session, redirects to custom URL like /file/UNIQUE_HASH/filename
- Mongrel handler pulls the full filename path and content type from the session using the unique hash, sends it to the user

== Usage

After installing the gem, you'll need to setup the handler for your Rails app:

# config/mongrel_send_file.conf
uri "/file/", :handler => plugin("/handlers/sendfile", :session_key => '_my_session_id', :session_files_key => :files), :in_front => true

# rails action that sends the file
  def download
    # do whatever it is you do to find get the filename/content type
    @attachment = Attachment.find(params[:id])
    
    # this doesn't matter as long as it's unique
    filehash = Digest::SHA1.hexdigest( Time.now.to_s.split('//').sort_by { rand }.join )
    
    # initialize session.  Use the :session_files_key option here
    session[:files] ||= {}
    
    # set the value for this file with a 5 minute expiration time
    session[:files][filehash] = [5.minutes.from_now.to_i, @attachment.full_filename, @attachment.content_type]
    
    # redirect to the path served by mongrel_send_file
    redirect_to "/file/#{filehash}/#{@attachment.filename}"
  end
  
# startup mongrel with this command
mongrel_rails -S config/mongrel_send_file.conf

== Note

I wrote this for a couple Rails apps that use the SqlSessionStore plugin [1].  So, it's very opinionated about how
it gets the info from the session.  This app should work with any app that runs on Mongrel (not just rails), just monkey
patch the SendFile#find_session method.  Submit suggestions as patches if you have them too.

[1] - http://railsexpress.de/blog/articles/2006/09/15/sqlsessionstore-now-available-as-a-plugin