Feature #6312

Updated by Tom Clegg over 6 years ago

May require additional work on the download server to support whatever authentication mechanism is needed.
* One possibility is to "decode a Workbench cookie":http://big-elephants.com/2014-01/handling-rails-4-sessions-with-go/ with configured rails-secret-token (suitable if nginx is mapping a namespace under workbench onto the downloader, or using a cookie domain[1] to tell the browser to send the cookie to the downloader host as well)

Workbench needs a config knob for "base uri for downloads" (use built-in if not configured) if not relying on nginx mapping a namespace

Workbench needs to set a more permissive cookie domain or (if not relying on nginx mapping) use JS tricks for download links

fn1. Or a route that copies Authorization to an encrypted cookie?