I'm attempting to implement a way to stop hotlinking and/or un-authorised access to resources within my app.

The method I'm trying to add is something I've used before in PHP apps. Basically a session is set when the page is first called. The images are added to the page via the image tag with the session value as a parameter:

<img src="/files/image/[handle]?session=12345" />

When the image is requested the script checks to see if the session is set and matches the provided value. If the condition is not met the serving page returns null. Right at the end to the code I unset the session so further requests from outside the scope of the page will return null.

What would be the best implementation of this method within the lift framework?

Thanks in advance for any help, much appreciated :)