From 6b352f5a238524f9031c499191a476debecbc9fb Mon Sep 17 00:00:00 2001
From: Teddy Wing
Date: Tue, 8 Dec 2015 00:51:14 -0500
Subject: app.rb: Add basic session handling

When logging in with the correct credentials, set a session variable and
redirect to the login page. Custom display for a user who is logged in.

Add a logout method to delete the session variable, thus logging out the
user.

Use Rack's built-in session cookies to facilitate session management.
---
 app.rb | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/app.rb b/app.rb
index ec53617..b4630e3 100644
--- a/app.rb
+++ b/app.rb
@@ -1,10 +1,27 @@
 require 'sinatra'
 
 
+use Rack::Session::Cookie, :secret => "My session secret which shouldn't be committed to the repo in real life"
+
 get '/' do
-  erb :index
+  if session[:user]
+    "Logged in with user id #{session[:user]}"
+  else
+    erb :index
+  end
 end
 
 post '/' do
-  'POST works'
+  if params[:username] == 'hubertfarnsworth' &&
+     params[:password] == 'secret'
+    session[:user] = 1
+    redirect '/'
+  else
+    'POST works'
+  end
+end
+
+get '/logout' do
+  session[:user] = nil
+  redirect '/'
 end
-- 
cgit v1.2.3