The whole idea behind ASP.NET, as well as all other server-side Web technology, is that you generate content in HTTP response dynamically, by processing HTTP request on the server side and doing required computations before sending the response. Essentially, this is all ASP.NET does.
This response can be anything, not only HTML. It can be any file generated dynamically. For example, if you deliver PNG file, its "Content-type" should be "image/png", which is one of HTTP headers. Instead of referencing the file directly in a
<img>
element in
src
attribute, you can reference ASP.NET page which code behind reads the file and writes it in HTTP response with proper headers. Please see:
https://msdn.microsoft.com/en-us/library/System.Web.HttpResponse%28v=vs.110%29.aspx[
^].
And then, in the middle, you check up the user's data, including authentication. You can store all the time stamps per each downloaded resources, compare with current time, and then decide if you want to deliver that file, or, instead appropriate
response message explaining the problem, or even on of the error status codes 4??, (such as 417, see the last link below :-)).
See also:
https://en.wikipedia.org/wiki/Internet_media_type[
^],
https://www.iana.org/assignments/media-types/media-types.xhtml[
^],
https://en.wikipedia.org/wiki/Hypertext_Transfer_Protocol#Response_message[
^],
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes[
^].
—SA