A single shared password in front of your entire Netlify site — static assets, SPA bundle, and serverless functions — using a Netlify Edge Function. This replaces Netlify's paid "Password protection / Basic protection" and works on the free tier.
It uses HTTP Basic Auth: the browser shows its native login dialog, the submitted password is SHA-256-hashed and compared (constant-time) against a hash stored in an env var. Only the hash is stored — the plaintext password lives nowhere.