Hide the staging site behind a basic password.
We can add the Lockup gem only for the staging environment, and place the password into secrets.yml + config.yml.
How to test:
Visit any staging links and enter the password, expect to be redirected to where you were heading.
Check that the password is not case-sensitive.
Visit any staging links with ?lockup_codeword=secret, expect to bypass the password prompt.