From fe9586bc29795e3b7bf0f95046c6ce3ae1c95244 Mon Sep 17 00:00:00 2001
From: rgarcia <voodoorai2000@gmail.com>
Date: Fri, 28 Aug 2015 17:27:14 +0200
Subject: [PATCH] adds password protection for staging and production servers

---
 app/controllers/application_controller.rb | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 4b9e75c56..9df8c4874 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,6 +1,7 @@
 require "application_responder"
 
 class ApplicationController < ActionController::Base
+  before_filter :authenticate
   check_authorization unless: :devise_controller?
   include SimpleCaptcha::ControllerHelpers
   self.responder = ApplicationResponder
@@ -15,6 +16,14 @@ class ApplicationController < ActionController::Base
 
   before_action :ensure_signup_complete
 
+  def authenticate
+    if Rails.env.staging? || Rails.env.production?
+      authenticate_or_request_with_http_basic do |username, password|
+        username == Rails.application.secrets.username && password == Rails.application.secrets.password
+      end
+    end
+  end
+
   rescue_from CanCan::AccessDenied do |exception|
     redirect_to main_app.root_url, alert: exception.message
   end