You could if you don't wish to have a login scenario, you could have a database that is used to store hash keys.
The person rolls up to your website and is asked to provide an email address and if you want a pin number to access the file.
Your system generates a hash key, stores it with the email in the database.
You then have a script generate a URL using the hash key and that then gets emailed to the user.
They then get an email with the URL to the file, that download script than asks the user to validate their email and supply a pin if generated.
The download then starts.
You then have the hash tag and email deleted from the database which then renders that link useless and the person then has to provide email to get a hash key which can be as simple as the users email address + the PHP time() functions value.