in Rails

Limit access to your staging environment in rails

There exists some confusing information on how to implement password protection for your staging environment. I found the following config suitable: Use your production env for staging and configure the required password with an env-variable.

Add to your config/deploy/production.rb:

  if ENV['STAGING_PASSWORD']
    config.middleware.insert_after(::Rack::Runtime, "::Rack::Auth::Basic", "Staging") do |u, p|
        [u, p] == ['staging', ENV['STAGING_PASSWORD']]
    end
  end

Webmentions

  • Beware of the staging environment – Entwicklerbier

    […] Staging should mirror production in most aspects, but some things just have to be different e.g. crash-reporting, limiting access […]