What is the "Meteor way" for password-protecting a staging version of a meteor app?

I am currently working on an app that I only want to make accessible to team members.

Normally, I would set up a simple .htaccess password protection and then send out the username and password. Not super secure and not a good solution for large teams, but great for quick and dirty protection from prying eyes.

However, as I understand it Meteor will basically ignore .htaccess. Is that correct?

What is “the meteor way” for quickly/easily password-protecting a staging version of your app?

Thanks for any tips and recommendations!

The Meteor way would be like the node way. Serve Meteor behind Nginx and password protect it in Nginx.

See https://www.digitalocean.com/community/tutorials/how-to-set-up-http-authentication-with-nginx-on-ubuntu-12-10 on how password protect a domain in Nginx