aidan is proud to present you this little tip:

Recipe for authenticated downloads

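    def download(filename)
      # put whatever redirection mechanism you like in here;
      # it has to halt the action, or the code below still runs for anonymous users
      redirect_if_not_logged_in
      approved_files = ['file1.zip', 'file2.tbz']
      # serve only names that exactly match an entry in the allowlist
      if approved_files.include?(filename)
        response.content_type = 'application/octet-stream'
        response.headers['Content-Length'] = File.size(filename).to_s # header values are strings
        print File.binread(filename) # binary-safe read, no newline translation
      end
    end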

This can then be referenced as http://example.com/download/file1.zip - the approved_files array prevents arbitrary downloads of your files.
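
The allowlist check described above, pulled out as a standalone function and run against constructed requests. This is an added example, not part of the original tip. The names resolve_download, APPROVED_FILES and the temporary downloads directory are assumptions, and the symlink check goes beyond what the tip itself does.

```ruby
require 'tmpdir'
require 'fileutils'

# Hypothetical names: APPROVED_FILES mirrors the tip's approved_files array;
# resolve_download and the base directory are assumptions for this example.
APPROVED_FILES = ['file1.zip', 'file2.tbz'].freeze

# Returns the absolute path to serve, or nil if the request must be refused.
def resolve_download(filename, base_dir, approved = APPROVED_FILES)
  # Exact string match with no normalisation: "../secret.txt", "FILE1.ZIP"
  # and "file1.zip\0.txt" never equal an approved name.
  return nil unless filename.is_a?(String) && approved.include?(filename)

  candidate = File.join(base_dir, filename)
  return nil unless File.file?(candidate)

  # Resolve symlinks and confirm the file still lives under base_dir, so an
  # approved name that was replaced by a link cannot point elsewhere.
  real_base = File.realpath(base_dir)
  real_path = File.realpath(candidate)
  return nil unless real_path.start_with?(real_base + File::SEPARATOR)

  real_path
end

# Constructed sample: a temporary download directory holding one approved file,
# one unapproved file, and an approved name that is a symlink leaving the directory.
def demo_results
  Dir.mktmpdir do |root|
    base = File.join(root, 'downloads')
    FileUtils.mkdir_p(base)
    File.write(File.join(base, 'file1.zip'), 'approved content')
    File.write(File.join(base, 'notes.txt'), 'not approved')
    File.write(File.join(root, 'secret.txt'), 'outside base')
    File.symlink(File.join(root, 'secret.txt'), File.join(base, 'file2.tbz'))

    requests = ['file1.zip', 'notes.txt', '../secret.txt', 'FILE1.ZIP',
                "file1.zip\0.txt", 'file2.tbz']
    requests.map { |r| [r, !resolve_download(r, base).nil?] }.to_h
  end
end

demo_results.each { |name, ok| puts "#{name.inspect}: #{ok ? 'served' : 'refused'}" }
```

Only file1.zip is served; every other request, including the approved name that has become a symlink, is refused.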