Example app that shows how to use Rack::SSL and Rack::Auth::Basic to forward all requests to SSL, then password protect them.
Latest commit be04fda Jul 14, 2011 @look add readme
Failed to load latest commit information.
Gemfile example app Jul 13, 2011
Gemfile.lock example app Jul 13, 2011
Procfile example app Jul 13, 2011
README.markdown add readme Jul 13, 2011
app.rb example app Jul 13, 2011



This sample Sinatra application demonstrates how to chain Rack middleware to force requests to SSL and then require a HTTP Basic password for all requests. It uses Rack::SSL to redirect to SSL and Rack::Auth::Basic for HTTP Basic auth.

This is useful because Rack::Auth::Basic only works for all requests, otherwise you need to write a helper. So if your root action is responsible for redirecting to SSL and you only want passwords sent over SSL, you can't use Rack::Auth::Basic. Also, the approach of chaining middleware is much cleaner.

This code is written for the Heroku Cedar stack. To see a demo, visit http://ssl-http-basic.herokuapp.com

Local development

For local development it can be convenient to skip SSL. You can do that with code like this:

use Rack::SSL, :exclude => lambda { |env| ENV['RACK_ENV'] != 'production' }


This is a trivial amount of code. Do what ever you want with it.