Protect private pages hosted on Heroku by authenticating with Github using Flask-Dance. Also, attack rabbits.
Charles Reid a49a132c08 fix img location in readme 8 months ago
docs update docs 8 months ago
mkdocs-material @ ff95dcb846 add mkdocs submodule 9 months ago
.gitignore update gitignore 9 months ago
.gitmodules add mkdocs submodule 9 months ago
LICENSE init version of readme 9 months ago fix img location in readme 8 months ago
mkdocs.yml update logo to bunny 9 months ago


What’s this business all about, then?

This repository helps you protect your secret pages by (deep breath):

hosting your secret page of static and/or dynamic content using a free Heroku app running a Python Flask server that uses Flask-Dance to authenticate visitors with Github which allows you fine-grained access control over your pages based on user attributes like organization or team membership or even things like how many repositories a user has or how many vowels are in their username.

Also, did I mention the attack rabbits?

Where is everything?

Final pages:

Two branches in this repo compose the github-heroku-attack-rabbits documentation:

Two branches illustrate github-heroku-attack-rabbits in practice:

  • The secret branch contains the files needed to create the secret page. This repository is public, so obviously these aren’t actually secret, but in practice this would be in a protected repository.

  • The heroku-pages branch contains the content that is actually pushed to Heroku - that is, the final Flask app.

Where do I start?

See the documentation or docs/


This is released under the WTFPL.