Last Updated: February 25, 2016
·
2.561K
· xtagon

Restrict access to your Rails staging environment

#rails
#heroku

Need a quick and dirty way to restrict access to your Rails app? Perhaps you don't want just anyone to access your staging environment, and you haven't implemented user authentication yet.

First, put something like this in config/initializers/staging_auth.rb

YourRailsApp::Application.configure do
    # Restrict access with HTTP Basic Auth for staging environments
    unless ENV['STAGING_AUTH'].blank?
        config.middleware.use '::Rack::Auth::Basic' do |username, password|
            ENV['STAGING_AUTH'].split(';').any? do |pair|
                [username, password] == pair.split(':')
            end
        end
    end
end

Then, set the environment variable STAGING_AUTH for any deploy that you want to lock down with HTTP Basic Auth. The format is:

STAGING_AUTH="user:pass"

or, if you want multiple user credentials, separate them with a semicolon

STAGING_AUTH="user1:pass1;user2:pass2"

Here's an example if you're deploying to Heroku:

heroku config:set STAGING_AUTH="foobar:hunter2"

#rails
#heroku

Written by Justin Workman

Say Thanks
Respond

Related protips

Avoid Heroku idling with New Relic pings

59.88K
16

1600% faster app requests with Rails on Heroku

36.35K
7

Free background jobs on heroku

27.78K
17

1 Response
Add your response

hungor

Thank you!

over 1 year ago ·

Have a fresh tip? Share with Coderwall community!

Post
Post a tip
Best #Rails Authors
sebastialonso
223.8K
#rails
#CSS
#JavaScript
sergiotapia
141.3K
#rails
#Ruby
#Elixir
jamesdullaghan
90.45K
#rails
#JavaScript
#Ruby
edokun_
87.62K
#rails
#Ruby
#Python
rorykoehler
78.89K
#rails
#Postgres
#Coffeescript
Related Tags
#rails
#heroku
Sponsored by
#native_company#
#native_desc#
#native_cta#
Filed Under
Ruby on Rails Development Tips
Awesome Job
See All Jobs
Post a job for only $299
Thanks to our sponsor
Sponsored by #native_company# — Learn More
#native_title# #native_desc#
#native_cta#