Protect private pages hosted on Heroku by authenticating with Github using Flask-Dance. Also, attack rabbits.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Charles Reid a49a132c08 fix img location in readme 2 years ago
docs update docs 2 years ago
mkdocs-material @ ff95dcb846 add mkdocs submodule 2 years ago
.gitignore update gitignore 2 years ago
.gitmodules add mkdocs submodule 2 years ago
LICENSE init version of readme 2 years ago fix img location in readme 2 years ago
mkdocs.yml update logo to bunny 2 years ago


What’s this business all about, then?

This repository helps you protect your secret pages by (deep breath):

hosting your secret page of static and/or dynamic content using a free Heroku app
running a Python Flask server that uses Flask-Dance to authenticate visitors
with Github which allows you fine-grained access control over your pages based on
user attributes like organization or team membership or even things like how many
repositories a user has or how many vowels are in their username.

Also, did I mention the attack rabbits?

warning: attack rabbits ahead

Where is everything?

Final pages:

Two branches in this repo compose the github-heroku-attack-rabbits documentation:

Two branches illustrate github-heroku-attack-rabbits in practice:

  • The secret branch contains the files needed to create the secret page.
    This repository is public, so obviously these aren’t actually secret,
    but in practice this would be in a protected repository.

  • The heroku-pages branch
    contains the content that is actually pushed to Heroku - that is,
    the final Flask app.

Where do I start?

See the documentation
or docs/


This is released under the WTFPL.