I need to be able to limit access to certain directories. I can do this by chmod or using mod_rewrite, but I also need access to be granted if a user has a password.

These directories cannot be moved from one directory to another and must stay in the same place. The only thing that must change is whether they can be accessed publically or via logging in.

So for instance, the contents of http://example.com/stuff/ must not be accessible publically, but if I have a password they can. However, I, the owner of the website, must be able to change this on a whim - i.e. remove the restriction, or add it.

How do I go about doing this? I'd like to avoid server-stuff (htaccess things, chmod, etc) as much as possible.