A simple gem to more elegantly place a staging server or other in-progress rails application behind a basic codeword. It’s easy to implement, share with clients/collaborators, and more beautiful than the typical password-protection sheet.
“Can I come into your fort?”
“…what's the codeword?”
(currently used in production with Rails 3.X and nonimally tested—seems to work—in Rails 4)
-
Add this line to your application's Gemfile:
gem 'lockup' -
Define a codeword (see Usage below).
-
That's it!**
**If you're passing parameters right at your root (i.e. somedomain.com/:parameter), you'll want to place this mount statement in your routes.rb file, before your other route statements:
mount Lockup::Engine, at: '/lockup'
To set a codeword, define LOCKUP_CODEWORD in your environments/your_environment.rb file like so:
ENV["LOCKUP_CODEWORD"] = 'secret'
If you think you might need a hint:
ENV["LOCKUP_HINT"] = 'Something that you do not tell everyone.'
If you're using Figaro, set your lockup codeword and hint (optional) in your application.yml file:
LOCKUP_CODEWORD: "love"
LOCKUP_HINT: "Pepé Le Pew"
Codewords are not case-sensitive, by design. Keep it simple.
** You can just use lockup around a specific action**
-
Add this line to your application's Gemfile:
gem 'lockup' -
Define a codeword (see Usage above).
-
In your controller which would you would like to restrict
before_action :check_for_lockup, only: [:edit, :update, :new, :destroy, :create]
http://somedomain.com/or_path/?lockup_codeword=love
The visitor is redirected and the cookie is set without them ever seeing the Lockup splash page.
(Lockup also makes a rudimentary attempt based on user agent to block major search engine bots/crawlers from following this link and indexing the site, just in case it ever gets out into the wild.)