We are considering moving our services from AWS to Railway. We currently use Cognito to ensure that only internal users with appropriate permissions can access our preview and staging environments that are deployed with public URLs. Is there a way to get similar functionality with Railway, or would we need to implement a custom solution ourselves?

Essentially, when somebody visits the staging.oursite.com url, they are presented with a screen requiring them to sign in with their Google SSO. If they are on our allowlist after signing in, they can then access the deployed application. This is what we want to replicate.