zero-blog/admin.rb

class Admin < Sinatra::Base
  set $settings
  use Rack::Session::Pool, :expire_after => 1800
  use Rack::Flash, :accessorize => [:error, :warning, :notice]
  set :haml, :layout => :admin_layout

  before do
    @account = session_read
  end

  before %r{^(?!\/(login)?$)} do
    if @account.nil?
      flash.notice = 'something is wrong'
      redirect '/admin'
    else
      session[:last_updated] = Time.now
      flash.notice = 'session is valid!'
    end
  end

  get '/' do
    haml :admin_index_no_login
  end

  post '/login' do
    account = Account.authenticate(params['username'], params['password'])
    if account.nil?
      flash.warning = 'wrong username or password'
      flash[:username] = params['username']
      redirect '/admin'
    else
      flash.notice = 'Login successful'
      session[:id] = account.id
      session[:last_updated] = Time.now
      redirect '/admin/index'
    end
  end

  get '/index' do
    haml :admin_index
  end

  get '/logout' do
    session[:id] = nil
    session[:last_updated] = nil
    flash.notice = 'Logout complete'
    redirect '/' 
  end

  get '/stylesheet.css' do
    scss :admin_stylesheet
  end

  helpers do
    def session_read
      if (session.has_key?(:id) && session.has_key?(:last_updated) &&
          Time.now - session[:last_updated] < 1800)
        Account.get(session[:id])
      else
        nil
      end
    end
  end
end
initial page for the blog itself and the admin panel 2011-06-24 13:28:19 +02:00			`class Admin < Sinatra::Base`
added a settings hash to put into the sinatra instances 2011-06-24 14:29:59 +02:00			`set $settings`
use session pool, as it saves the data on the server side, not client side 2011-06-28 10:59:49 +02:00			`use Rack::Session::Pool, :expire_after => 1800`
added error message support for the admin panel 2011-06-27 09:19:28 +02:00			`use Rack::Flash, :accessorize => [:error, :warning, :notice]`
added an admin index and layout 2011-06-26 08:57:59 +02:00			`set :haml, :layout => :admin_layout`
added a settings hash to put into the sinatra instances 2011-06-24 14:29:59 +02:00
changed the way the session and account is read 2011-06-28 11:58:41 +02:00			`before do`
			`@account = session_read`
			`end`

added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`before %r{^(?!\/(login)?$)} do`
changed the way the session and account is read 2011-06-28 11:58:41 +02:00			`if @account.nil?`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`flash.notice = 'something is wrong'`
			`redirect '/admin'`
changed the way the session and account is read 2011-06-28 11:58:41 +02:00			`else`
			`session[:last_updated] = Time.now`
			`flash.notice = 'session is valid!'`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`end`
			`end`

initial page for the blog itself and the admin panel 2011-06-24 13:28:19 +02:00			`get '/' do`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`haml :admin_index_no_login`
initial page for the blog itself and the admin panel 2011-06-24 13:28:19 +02:00			`end`
added error message support for the admin panel 2011-06-27 09:19:28 +02:00
			`post '/login' do`
			`account = Account.authenticate(params['username'], params['password'])`
			`if account.nil?`
			`flash.warning = 'wrong username or password'`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`flash[:username] = params['username']`
added error message support for the admin panel 2011-06-27 09:19:28 +02:00			`redirect '/admin'`
			`else`
			`flash.notice = 'Login successful'`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`session[:id] = account.id`
			`session[:last_updated] = Time.now`
			`redirect '/admin/index'`
added error message support for the admin panel 2011-06-27 09:19:28 +02:00			`end`
			`end`

added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`get '/index' do`
			`haml :admin_index`
			`end`

			`get '/logout' do`
invalidate the session as good as possible 2011-06-28 10:57:24 +02:00			`session[:id] = nil`
			`session[:last_updated] = nil`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`flash.notice = 'Logout complete'`
			`redirect '/'`
			`end`

added error message support for the admin panel 2011-06-27 09:19:28 +02:00			`get '/stylesheet.css' do`
			`scss :admin_stylesheet`
			`end`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00
			`helpers do`
changed the way the session and account is read 2011-06-28 11:58:41 +02:00			`def session_read`
			`if (session.has_key?(:id) && session.has_key?(:last_updated) &&`
			`Time.now - session[:last_updated] < 1800)`
			`Account.get(session[:id])`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`else`
changed the way the session and account is read 2011-06-28 11:58:41 +02:00			`nil`
added session handling for the admin panel 2011-06-28 10:29:44 +02:00			`end`
			`end`
			`end`
initial page for the blog itself and the admin panel 2011-06-24 13:28:19 +02:00			`end`