Users in my app have the possibility to upload files which are stored in a folder called documents in wwwroot.
Normally I restrict access to the app by setting [Authorize] on my controllers when needed. But how can I restrict users, especially not registered request outisde the app, to
access this folder? If I log out of my app, I can still look at files in my folder if I know the exact address like app.com/documents/budget.pdf
Any ideas?