When pushing changes to your website you want to test them in an environment similar to your production one – without the fear of breaking something for your customers: voilà, staging.
There exists some confusing information on how to implement password protection for your staging environment. I found the following config suitable: Use your production env for staging and configure the required password with an env-variable.
Add to your
config.middleware.insert_after(::Rack::Runtime, "::Rack::Auth::Basic", "Staging") do |u, p|
[u, p] == ['staging', ENV['STAGING_PASSWORD']]