Is there a way to set up simple http authentication for a Ruby on Rails app on heroku?

Question

I want to set up a private staging server on heroku using simple http authentication. Is that possible?

Answer 1

A cleaner way is to just drop in a couple lines of Rack middleware into your staging environment config, leaving controller logic alone:

# config/environments/staging.rb MyApp::Application.configure do   config.middleware.insert_after(::Rack::Lock, "::Rack::Auth::Basic", "Staging") do |u, p|     [u, p] == ['username', 'password']   end    #... other config end 

This tip courtesy of Ole Morten Amundsen. More info plus Heroku password specification:

http://olemortenamundsen.wordpress.com/2011/04/05/ruby-secure-staging-environment-of-your-public-app-from-users-and-bots/

Answer 2

On Rails4, I got "No such middleware to insert after: Rack::Lock" error. Replace Adam's code to the below:

# config/environments/staging.rb MyApp::Application.configure do   config.middleware.use '::Rack::Auth::Basic' do |u, p|     [u, p] == ['username', 'password']   end   # ... end 

See: http://www.intridea.com/blog/2013/6/4/tips-and-tricks-for-deploying-rails-4-apps-on-heroku