Example app that shows how to use Rack::SSL and Rack::Auth::Basic to forward all requests to SSL, then password protect them.
Ruby
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
Gemfile
Gemfile.lock
Procfile
README.markdown
app.rb

README.markdown

ssl-http-basic

This sample Sinatra application demonstrates how to chain Rack middleware to force requests to SSL and then require a HTTP Basic password for all requests. It uses Rack::SSL to redirect to SSL and Rack::Auth::Basic for HTTP Basic auth.

This is useful because Rack::Auth::Basic only works for all requests, otherwise you need to write a helper. So if your root action is responsible for redirecting to SSL and you only want passwords sent over SSL, you can't use Rack::Auth::Basic. Also, the approach of chaining middleware is much cleaner.

This code is written for the Heroku Cedar stack. To see a demo, visit http://ssl-http-basic.herokuapp.com

Local development

For local development it can be convenient to skip SSL. You can do that with code like this:

use Rack::SSL, :exclude => lambda { |env| ENV['RACK_ENV'] != 'production' }

License

This is a trivial amount of code. Do what ever you want with it.