Using Activestorage how do I restrict a file that can only be accessed through links and not outside the website?

So if you copy the link of the rails blob and paste it ( incognito ) it basically downloads the file how is this remedied?

so if the link would be

https://p66.test:3000/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBEQT09IiwiZXhwIjpudWxsLCJwdXIiOiJibG9iX2lkIn19--490f8acaee978a2fea812761494b23b55702df37/users-2020-06-10.csv?disposition=attachment

how can I restrict a person from just using that link outside of the website?

I'd paypal $50 for the answer!

I think you can restrict the access by creating another controller route, which dynamically return data depending on request.referer.

So for example, you'd have DownloadsController with a users_csv action. You can then do

if URI(request.referer).host == 'myappdomain.com'
  send_data ...
else
  render json: { errors: ['Permission Denied'] }, status: 403
end

See last answer https://stackoverflow.com/questions/49808950/secure-active-storage-with-devise