diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d83690e..fae5698 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -2,4 +2,11 @@ class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
+
+  protected
+    def authenticate
+      authenticate_or_request_with_http_basic do |username, password|
+        username == ENV['BASIC_AUTH_USERNAME'] && password == ENV['BASIC_AUTH_PASSWORD']
+      end
+    end
 end
diff --git a/app/controllers/articles_controller.rb b/app/controllers/articles_controller.rb
index c7f624b..9122b52 100644
--- a/app/controllers/articles_controller.rb
+++ b/app/controllers/articles_controller.rb
@@ -1,4 +1,6 @@
 class ArticlesController < ApplicationController
+  before_filter :authenticate, :except => [:index, :show]
+
   def index
     @articles = Article.all.order("created_at DESC")
   end
diff --git a/app/helpers/application_helper.rb b/app/helpers/application_helper.rb
index de6be79..30d8529 100644
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -1,2 +1,5 @@
 module ApplicationHelper
+  def logged_in?
+    not request.authorization.nil?
+  end
 end
diff --git a/app/views/articles/index.html.erb b/app/views/articles/index.html.erb
index 705a24d..4f57da5 100644
--- a/app/views/articles/index.html.erb
+++ b/app/views/articles/index.html.erb
@@ -8,10 +8,10 @@
     <ul>
     <% @articles.each_with_index do |article, i| %>
       <li>
-        <a href="<%= article_path(article) %>"><%= article.title %> <span><%= article.created_at.strftime('%B %e, %Y') %></span></a>
-        (<%= link_to 'Edit', edit_article_path(article) %> or <%= link_to 'Destroy', article_path(article),
-        method: :delete,
-        data: { confirm: 'Are you sure?' } %>)
+        <a href="<%= article_path(article) %>">
+          <%= article.title %>
+          <span><%= article.created_at.strftime('%B %e, %Y') %></span>
+        </a>
       </li>
     <% end %>
     </ul>
diff --git a/app/views/articles/show.html.erb b/app/views/articles/show.html.erb
index 5910650..4c65018 100644
--- a/app/views/articles/show.html.erb
+++ b/app/views/articles/show.html.erb
@@ -13,3 +13,11 @@
     </article>
   </div>
 </main>
+<% if logged_in? %>
+  <div class="Container Container--mainColumn">
+    <div class="Container-inner">
+      <%= link_to 'Edit', edit_article_path(@article) %>
+      <%= link_to 'Destroy', article_path(@article), method: :delete, data: { confirm: 'Are you sure?' } %>
+    </div>
+  </div>
+<% end %>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index 4c3da6e..ffc2e90 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -22,6 +22,9 @@
             <div class="Masthead-navigation">
               <nav class="Navigation" role="navigation">
                 <ul class="Navigation-list">
+                  <% if logged_in? %>
+                    <li class="Navigation-listItem"><%= link_to 'New', new_article_path, class: "Navigation-listItemLink" %></li>
+                  <% end %>
                   <li class="Navigation-listItem"><a href="<%= articles_path -%>" class="Navigation-listItemLink">Writing</a></li>
                   <li class="Navigation-listItem"><a href="#" class="Navigation-listItemLink">About</a></li>
                 </ul>