diff --git a/admin.rb b/admin.rb index bec1f84..476f4dd 100644 --- a/admin.rb +++ b/admin.rb @@ -4,22 +4,61 @@ class Admin < Sinatra::Base use Rack::Flash, :accessorize => [:error, :warning, :notice] set :haml, :layout => :admin_layout + before %r{^(?!\/(login)?$)} do + if session_valid? + session[:last_updated] = Time.now + flash.notice = 'session is valid!' + else + flash.notice = 'something is wrong' + redirect '/admin' + end + end + get '/' do - haml :admin_index + haml :admin_index_no_login end post '/login' do account = Account.authenticate(params['username'], params['password']) if account.nil? flash.warning = 'wrong username or password' + flash[:username] = params['username'] redirect '/admin' else flash.notice = 'Login successful' - redirect '/admin' + session[:id] = account.id + session[:last_updated] = Time.now + redirect '/admin/index' end end + get '/index' do + haml :admin_index + end + + get '/logout' do + session = nil + flash.notice = 'Logout complete' + redirect '/' + end + get '/stylesheet.css' do scss :admin_stylesheet end + + helpers do + def session_valid? + if session.has_key?(:id) && session.has_key?(:last_updated) + account = Account.find(session[:id]) + if account && Time.now - session[:last_updated] < 1800 + @account = account + true + else + false + end + else + false + end + end + end end diff --git a/views/admin_index.haml b/views/admin_index.haml index 73505ed..d283c04 100644 --- a/views/admin_index.haml +++ b/views/admin_index.haml @@ -1 +1,2 @@ -h1 +%a{:href => '/admin/logout'}="Logout" +%h1="Index" diff --git a/views/admin_index_no_login.haml b/views/admin_index_no_login.haml new file mode 100644 index 0000000..82604ac --- /dev/null +++ b/views/admin_index_no_login.haml 
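Review bot: In the new `get '/logout'` route, `session = nil` only binds a block-local variable named `session` and never touches the Rack session. As a result `session[:id]` and `session[:last_updated]` survive the logout, and `session_valid?` keeps returning true until the 1800-second idle window lapses. Replace that line with `session.clear` so the Logout link actually ends the authenticated session. On the login path, `session[:id] = account.id` is written into whatever session the visitor already held; rotating the session identifier at that point (for Rack sessions, `session.options[:renew] = true`) would guard against fixation. The session middleware setup sits above line 4 of admin.rb, outside this hunk, so which store is in use is unverified here.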
@@ -0,0 +1,12 @@
+%p="==> #{@path}"
+%h1="Login"
+%form{:action => '/admin/login', :method => 'post'}
+ .username
+ %label.block{:for => 'username'}='Username'
+ %input.block{:name => 'username', :placeholder => 'username', :value => flash[:username]}
+ .password
+ %label.block{:for => 'password'}='Password'
+ %input.block{:name => 'password', :placeholder => 'password', :type => :password}
+ .submit
+ %button{:type => 'submit'}="Login"
+ %button{:type => 'submit', :formmethod => :post, :formaction => '/'}="Back"
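Review bot: The first added line, `%p="==> #{@path}"`, looks like leftover debug output on the login page, since nothing in this commit's admin.rb hunk assigns `@path`. If it is later filled from the request, it would be rendered through `=`, whose escaping depends on the app's Haml `escape_html` setting; drop the line or restrict it to development. The form also posts credentials without an anti-forgery field, and whether a token check such as Rack::Protection's authenticity token is enabled is not visible here, so confirm that separately. The "Back" button submits a POST to `/`, for which the admin.rb hunk shows no matching route.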