How to do HTTP authentication with Goliath/Heroku?

431 views Asked by At

I'm using Goliath as my app server, and I am trying to convert "Ruby – Secure staging environment of your public app from users and bots" so it applies to my Goliath application.

I am trying to use Rack::Static but I'm not sure how to write the code. I was trying something like:

class Application < Goliath::API
  use(Rack::Lock)

But I am not really sure how to translate the link I posted.

I'm open to other alternatives, I just need my whole site password protected.

1

There are 1 answers

0
dj2 On

Are you trying to use Rack::Static to serve static files, or Rack::Basic::Auth to handle the authentication?

There should be nothing stopping you from putting a

use Rack::Auth::Basic, "Restricted Area" do |username, password|
  [username, password] == ['admin', 'admin']
end

in your Goliath app. Rack::Basic::Auth should work fine in the async environment as it does nothing on the return path, so we can safely 'skip' the middleware on the way back out of the handler.

If you're looking to setup Rack::Static, take a look at the 'template.rb' example in the Goliath examples directory.