playbooks

home / skills / noartem / skills / laravel-filesystem-uploads-and-urls

laravel-filesystem-uploads-and-urls skill

/skills/laravel-filesystem-uploads-and-urls

This skill helps manage Laravel file uploads via Storage, generate URLs, enforce visibility, and stream securely across disks.

npx playbooks add skill noartem/skills --skill laravel-filesystem-uploads-and-urls

Review the files below or copy the command above to add this skill to your agents.

Files (1)
SKILL.md
803 B
---
name: laravel-filesystem-uploads
description: Store and serve files via Storage; set visibility, generate URLs, and handle streaming safely
---

# Filesystem Uploads and URLs

Use the Storage facade consistently; abstract away the backend (local, S3, etc.).

## Commands

```
$path = Storage::disk('public')->putFile('avatars', $request->file('avatar'));

// Temporary URLs (S3, etc.)
$url = Storage::disk('s3')->temporaryUrl($path, now()->addMinutes(10));

// Streams
return Storage::disk('backups')->download('db.sql.gz');
```

## Patterns

- Keep user uploads under a dedicated disk with explicit `visibility`
- Avoid assuming local paths; always go through Storage
- For public assets, run `storage:link` and serve via web server / CDN
- Validate mime/types and size limits at upload boundaries

Overview

This skill provides a practical set of helpers and patterns to store, serve, and stream files using Laravel's Storage abstraction. I focus on consistent use of disks, safe streaming, visibility settings, and URL generation so uploads work across local, S3, and other drivers. The goal is predictable file handling and secure public access when needed.

How this skill works

I standardize file interactions through the Storage facade: saving files to named disks, setting explicit visibility, and avoiding direct filesystem paths. The skill includes examples for creating temporary signed URLs on cloud drivers, returning streamed downloads from disks, and ensuring public assets are served via storage symlinks or CDN. Validation and mime checks are applied at upload boundaries.

When to use it

  • Handling user uploads that must work across local and cloud disks
  • Serving files as downloads or streamed responses (large backups, user exports)
  • Generating temporary or permanent URLs for public assets
  • Enforcing visibility rules for private vs public files
  • Replacing direct filesystem access with Storage abstraction for portability

Best practices

  • Always use Storage::disk(...) rather than hardcoded paths to support multiple drivers
  • Store uploads on a dedicated disk and set explicit visibility (public/private)
  • Validate mime types and file size before storing to prevent malicious uploads
  • Use temporaryUrl for time-limited public access on cloud drivers; use signed routes for local drivers
  • Create storage:link and serve public disk assets via web server or CDN rather than exposing raw storage paths

Example use cases

  • Save a user avatar to the public disk and return a CDN-ready URL
  • Generate a 10-minute temporary download link for a sensitive S3 object
  • Stream a large database backup from the backups disk as a streamed download response
  • Enforce private visibility for invoices and only provide signed links to authorized users
  • Migrate file storage from local to S3 without changing code that uses Storage

FAQ

How do I serve files publicly on local development?

Run php artisan storage:link and use the public disk; serve via webserver or a CDN for production.

When should I use temporaryUrl vs download stream?

Use temporaryUrl for short-lived external links (cloud drivers). Use streamed download responses when you must control headers or serve directly from the app.