There is a guide for adding basic auth to your Sinatra app. The password is hardcoded in that short example, but in production you may want a more secure way.
bcrypt is the gem for you.
Add gem "bcrypt" to your Gemfile. (Don't confuse it with the bcrypt-ruby gem, which is its former name.)
Then you can generate a password hash like this:
    require "bcrypt"
    pass = BCrypt::Password.create("passw0rd")
    puts pass #=> $2a$10$fiCl.ng6uGr0ATcBi1OiA.KTvm2BlGdWWdBxdJqJ.mZMzKCoiSbc2
The result will be different each time you run it, because bcrypt uses a randomly generated salt.
Add this string to, say, your app's configuration file. Then you can check whether the user entered the correct password by using:
    require "bcrypt"
    # Load the stored hash string; the salt and cost are embedded in it.
    correct_pass = BCrypt::Password.new("$2a$10$fiCl.ng6uGr0ATcBi1OiA.KTvm2BlGdWWdBxdJqJ.mZMzKCoiSbc2")
    p correct_pass.is_password?("passw0rd") #=> true
See the source of this blog for a full example.