diff --git a/config/routes.rb b/config/routes.rb
index 920ece518ea..a98c0f8aa77 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -30,7 +30,7 @@ Gitlab::Application.routes.draw do
   end
 
   # Enable Grack support
-  mount Grack::Auth.new({}), at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\//.match(request.path_info) }, via: [:get, :post]
+  mount Grack::AuthSpawner, at: '/', constraints: lambda { |request| /[-\/\w\.]+\.git\//.match(request.path_info) }, via: [:get, :post]
 
   # Help
   get 'help'                  => 'help#index'
diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb
index dc87aa52a3e..7ffc3226913 100644
--- a/lib/gitlab/backend/grack_auth.rb
+++ b/lib/gitlab/backend/grack_auth.rb
@@ -1,6 +1,14 @@
 require_relative 'shell_env'
 
 module Grack
+  class AuthSpawner
+    def self.call(env)
+      # Avoid issues with instance variables in Grack::Auth persisting across
+      # requests by creating a new instance for each request.
+      Auth.new({}).call(env)
+    end
+  end
+
   class Auth < Rack::Auth::Basic
 
     attr_accessor :user, :project, :env