Need a quick and dirty way to restrict access to your Rails app? Perhaps you don't want just anyone to access your staging environment, and you haven't implemented user authentication yet.
First, put something like this in
YourRailsApp::Application.configure do # Restrict access with HTTP Basic Auth for staging environments unless ENV['STAGING_AUTH'].blank? config.middleware.use '::Rack::Auth::Basic' do |username, password| ENV['STAGING_AUTH'].split(';').any? do |pair| [username, password] == pair.split(':') end end end end
Then, set the environment variable
STAGING_AUTH for any deploy that you want to lock down with HTTP Basic Auth. The format is:
or, if you want multiple user credentials, separate them with a semicolon
Here's an example if you're deploying to Heroku:
heroku config:set STAGING_AUTH="foobar:hunter2"