app.rb: Add basic session handling

When logging in with the correct credentials, set a session variable and redirect to the login page. Custom display for a user who is logged in. Add a logout method to delete the session variable, thus logging out the user. Use Rack's built-in session cookies to facilitate session management.
author: Teddy Wing 2015-12-08 00:51:14 -0500
committer: Teddy Wing 2015-12-08 00:51:14 -0500
commit: 6b352f5a238524f9031c499191a476debecbc9fb (patch)
tree: e5741f32f27c0ac5d98bbedfe3af2f85d54be728
parent: 28770a5143bb5b48389d5ad4ce235625c12f1056 (diff)
download: Ruby-Web-Sessions-Exercise-6b352f5a238524f9031c499191a476debecbc9fb.tar.bz2
1 files changed, 19 insertions, 2 deletions
diff --git a/app.rb b/app.rb
index ec53617..b4630e3 100644
--- a/app.rb
+++ b/app.rb
@@ -1,10 +1,27 @@
 require 'sinatra'
 
 
+use Rack::Session::Cookie, :secret => "My session secret which shouldn't be committed to the repo in real life"
+
 get '/' do
-  erb :index
+  if session[:user]
+    "Logged in with user id #{session[:user]}"
+  else
+    erb :index
+  end
 end
 
 post '/' do
-  'POST works'
+  if params[:username] == 'hubertfarnsworth' &&
+     params[:password] == 'secret'
+    session[:user] = 1
+    redirect '/'
+  else
+    'POST works'
+  end
+end
+
+get '/logout' do
+  session[:user] = nil
+  redirect '/'
 end
author	Teddy Wing	2015-12-08 00:51:14 -0500
committer	Teddy Wing	2015-12-08 00:51:14 -0500
commit	6b352f5a238524f9031c499191a476debecbc9fb (patch)
tree	e5741f32f27c0ac5d98bbedfe3af2f85d54be728
parent	28770a5143bb5b48389d5ad4ce235625c12f1056 (diff)
download	Ruby-Web-Sessions-Exercise-6b352f5a238524f9031c499191a476debecbc9fb.tar.bz2