added session handling for the admin panel
parent
3b4f5447e1
commit
07ece721f3
43
admin.rb
43
admin.rb
|
@ -4,22 +4,61 @@ class Admin < Sinatra::Base
|
|||
use Rack::Flash, :accessorize => [:error, :warning, :notice]
|
||||
set :haml, :layout => :admin_layout
|
||||
|
||||
before %r{^(?!\/(login)?$)} do
|
||||
if session_valid?
|
||||
session[:last_updated] = Time.now
|
||||
flash.notice = 'session is valid!'
|
||||
else
|
||||
flash.notice = 'something is wrong'
|
||||
redirect '/admin'
|
||||
end
|
||||
end
|
||||
|
||||
get '/' do
|
||||
haml :admin_index
|
||||
haml :admin_index_no_login
|
||||
end
|
||||
|
||||
post '/login' do
|
||||
account = Account.authenticate(params['username'], params['password'])
|
||||
if account.nil?
|
||||
flash.warning = 'wrong username or password'
|
||||
flash[:username] = params['username']
|
||||
redirect '/admin'
|
||||
else
|
||||
flash.notice = 'Login successful'
|
||||
redirect '/admin'
|
||||
session[:id] = account.id
|
||||
session[:last_updated] = Time.now
|
||||
redirect '/admin/index'
|
||||
end
|
||||
end
|
||||
|
||||
get '/index' do
|
||||
haml :admin_index
|
||||
end
|
||||
|
||||
get '/logout' do
|
||||
session = nil
|
||||
flash.notice = 'Logout complete'
|
||||
redirect '/'
|
||||
end
|
||||
|
||||
get '/stylesheet.css' do
|
||||
scss :admin_stylesheet
|
||||
end
|
||||
|
||||
helpers do
|
||||
def session_valid?
|
||||
if session.has_key?(:id) && session.has_key?(:last_updated)
|
||||
account = Account.find(session[:id])
|
||||
if account && Time.now - session[:last_updated] < 1800
|
||||
@account = account
|
||||
true
|
||||
else
|
||||
false
|
||||
end
|
||||
else
|
||||
false
|
||||
end
|
||||
end
|
||||
end
|
||||
end
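Review bot: In the `get '/logout'` route, `session = nil` only creates a local variable that shadows Sinatra's `session` helper, so the stored `:id` and `:last_updated` are untouched and the user stays authenticated after seeing "Logout complete". Use `session.clear` there instead. Because the route is a GET, any link or embedded resource pointing at `/admin/logout` will trigger it once it works; a POST route with a CSRF check avoids that. Separately, the `before` pattern anchors with `^` and `$`, which match at line boundaries in Ruby; `\A` and `\z` express "whole path" exactly.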
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
h1
|
||||
%a{:href => '/admin/logout'}="Logout"
|
||||
%h1="Index"
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
%p="==> #{@path}"
|
||||
%h1="Login"
|
||||
%form{:action => '/admin/login', :method => 'post'}
|
||||
.username
|
||||
%label.block{:for => 'username'}='Username'
|
||||
%input.block{:name => 'username', :placeholder => 'username', :value => flash[:username]}
|
||||
.password
|
||||
%label.block{:for => 'password'}='Password'
|
||||
%input.block{:name => 'password', :placeholder => 'password', :type => :password}
|
||||
.submit
|
||||
%button{:type => 'submit'}="Login"
|
||||
%button{:type => 'submit', :formmethod => :post, :formaction => '/'}="Back"
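Review bot: The first line of the new login template, `%p="==> #{@path}"`, looks like leftover debug output and I would drop it. Nothing in the visible admin.rb assigns `@path`, so it renders a bare arrow; if `@path` is set from the request elsewhere, it prints request-derived text whose escaping depends on the Haml `escape_html` setting. The form also has no CSRF token field. Whether one is needed depends on middleware not shown here, so confirm that before relying on it.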
|