This is really simple, but it took me a bit of digging to find it, so that's why I'm posting it here. I have a directory that I want to protect. To access it, you have to be either 1) an authenticated user, or 2) on my local LAN.

Step 1. Create an .htpasswd file as you normally would with the htpasswd command.
Step 2. Create an .htaccess file that looks like this.

AuthName "My private directory of stuff"
AuthType Basic
AuthUserFile /the/path/to/the/.htpasswd
AuthGroupFile /dev/null
require valid-user
Order allow,deny
Allow from 192.168.0
Satisfy Any