This repository helps you put access control into place to protect your secret pages by (deep breath):
hosting your secret page of static and/or dynamic content by using a free Heroku app
running a Python Flask server that uses Flask-Dance to authenticate visitors
with Github using OAuth which allows you fine-grained access control for your pages
using user attributes like organization or team membership or even things like how many
vowels a user has in their username.
Also, did I mention the attack rabbits?
The finished product (pages on Heroku protected by attack rabbits)
is at github-heroku-attack-rabbits.herokuapp.com
The documentation is at pages.charlesreid1.com/github-heroku-attack-rabbits
Two branches in this repo compose the github-heroku-attack-rabbits documentation:
Two branches illustrate github-heroku-attack-rabbits in practice:
The secret branch contains the files needed to create the secret page.
This repository is public, so obviously these aren’t actually secret,
but in practice this would be in a protected repository.
The heroku-pages branch
contains the content that is actually pushed to Heroku - that is,
the final Flask app.
An overview of the steps:
Python software used:
This is released under the WTFPL.