
Untitled

a guest
Dec 9th, 2018
  require 'securerandom'

  require 'sinatra/base'
  require 'rack/flash'
  require 'warden'
  require 'slim'
  require 'sequel'
  require 'sqlite3'
  7.  
  # Sequel.sqlite with no path opens an in-memory SQLite database, so the
  # schema and every row are rebuilt each time the process starts.
  DB = Sequel.sqlite

  # Minimal users table for the demo login.
  DB.create_table(:users) do
    primary_key :id
    String :name
    # Plaintext password column: don't do this in production! Store a salted,
    # slow password hash instead of the password itself.
    String :password
  end
  14.  
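  # Sequel model backed by the users table.
  class User < Sequel::Model
    # Looks a user up by name and checks the supplied password.
    #
    # The password column holds plaintext, so this is demo-grade only: a real
    # deployment would store a salted, slow password hash and verify against
    # that instead of comparing the stored value directly.
    #
    # @param name [String] login name taken from the request
    # @param password [String] password taken from the request
    # @return [User, nil] the matching user, or nil when the credentials do
    #   not match or are not plain strings
    def self.authenticate(name, password)
      # Both values come from request params, where Rack can also produce
      # Hash or Array values (e.g. user[name][]=a). Only plain strings are
      # accepted so the lookup and the comparison each see a single scalar.
      return nil unless name.is_a?(String) && password.is_a?(String)

      user = first(name: name)
      return nil unless user && user.password.is_a?(String)

      # Constant-time comparison so response timing does not reveal how many
      # leading bytes of the password matched. It does not hide whether the
      # user name exists; that lookup above still returns early.
      user if Rack::Utils.secure_compare(user.password, password)
    end
  end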
  21.  
  # Seed the single demo account. The same values appear as placeholders in
  # the login form, so treat them as public and never reuse them elsewhere.
  User.create(password: 'secret', name: 'abc')
  23.  
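  module App
    # Login and logout endpoints; the Rack builder mounts this app at /session.
    class Session < Sinatra::Base
      enable :inline_templates

      # Render the login form.
      # NOTE(review): the :new template declares the password field with
      # type='input', so the password is displayed in clear text while typing;
      # type='password' is the usual choice.
      get '/new' do
        slim :new
      end

      # Authenticate the posted credentials, then send the user back to the
      # page that originally required a login.
      post '/' do
        env['warden'].authenticate!
        flash.success = env['warden'].message

        # :return_to is only set after a failed authentication, so it is
        # absent when the user opened the login form directly. It is also
        # session data, which is only as trustworthy as the session cookie.
        # Accept nothing but a local absolute path ("/x", not "//host" or
        # "/\host") and fall back to the index; drop it once it has been used.
        target = session.delete(:return_to)
        target = '/' unless target.is_a?(String) && target =~ %r{\A/(?![/\\])}
        redirect target
      end

      # Log out. Reached through Rack::MethodOverride from the layout's form.
      delete '/' do
        # The result is discarded; this presumably forces the lazily loaded
        # session to load so that logout can clear it. Confirm before removing.
        env['warden'].raw_session.inspect
        env['warden'].logout
        flash.success = 'Successfully logged out'
        redirect '/'
      end

      # Warden's failure action: remember where the user was going and show
      # the login form together with the failure message.
      post '/unauthenticated' do
        # This route can also be requested directly, in which case Warden has
        # not populated 'warden.options'; treat that as "no attempted path".
        options = env['warden.options'] || {}
        session[:return_to] = options[:attempted_path]
        flash.error = env['warden'].message
        redirect to('/new')
      end

      not_found do
        redirect '/' # catch redirects to GET '/session'
      end
    end

    # Public index plus one page that requires an authenticated session.
    class Main < Sinatra::Base
      enable :inline_templates

      get '/' do
        slim 'h1 Index'
      end

      # Requires a logged-in user. There is no role check here, so every
      # account that can log in can see this page.
      get '/admin' do
        env['warden'].authenticate!
        slim 'h1 Admin'
      end
    end
  end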
  71.  
  72.  
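  # Assemble the Rack stack: method override, cookie session, flash and Warden
  # in front of the two Sinatra apps.
  builder = Rack::Builder.new do
    # Only the user id is kept in the session; the record is reloaded from it.
    Warden::Manager.serialize_into_session { |user| user.id }
    Warden::Manager.serialize_from_session { |id| User[id] }

    # The failure action is declared as a POST route, so the failed request is
    # rewritten to POST whatever its original method was.
    Warden::Manager.before_failure do |env, _opts|
      env['REQUEST_METHOD'] = 'POST'
    end

    Warden::Strategies.add(:password) do
      # The strategy applies only when both credentials are present as plain
      # strings nested under "user". Checking the types keeps a String or
      # Array sent as "user" from raising, or from being indexed as a string.
      def valid?
        credentials = params['user']
        credentials.is_a?(Hash) &&
          credentials['name'].is_a?(String) &&
          credentials['password'].is_a?(String)
      end

      # Delegate the check to User.authenticate and report the outcome.
      def authenticate!
        credentials = params['user']
        user = User.authenticate(credentials['name'], credentials['password'])

        if user.nil?
          fail!('Could not log in')
        else
          success!(user, 'Successfully logged in')
        end
      end
    end

    use Rack::MethodOverride

    # The session cookie carries the logged-in user id, so it must be signed;
    # without a secret the client can edit the cookie contents. SESSION_SECRET
    # is an example variable name. The random fallback is per process, so
    # sessions stop validating after a restart.
    # NOTE(review): the forms in the inline templates carry no CSRF token;
    # SameSite=Lax narrows cross-site POSTs but does not replace a token.
    use Rack::Session::Cookie,
        secret: ENV.fetch('SESSION_SECRET') { SecureRandom.hex(64) },
        same_site: :lax
    use Rack::Flash, accessorize: [:error, :success]
    use Warden::Manager do |config|
      config.scope_defaults :default,
                            strategies: [:password],
                            action: 'session/unauthenticated'
      # self is the builder here, so failures are routed back through this
      # stack to the 'session/unauthenticated' action.
      config.failure_app = self
    end

    map '/session' do
      run App::Session
    end

    map '/' do
      run App::Main
    end
  end

  Rack::Handler::Thin.run builder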
  115.  
  116. __END__
  117. @@ layout
  118. html
  119. head
  120. body
  121. #flash
  122. - [:error, :success].each do |name|
  123. - if flash.has?(name)
  124. .message class=name
  125. p = flash[name]
  126. nav
  127. ul
  128. - if env['warden'].authenticated?
  129. li
  130. form action='/session' method='post'
  131. input type='hidden' name='_method' value='delete'
  132. input type='submit' value='logout'
  133. - else
  134. li
  135. a href='/session/new' login to your account
  136. li
  137. a href='/admin' admin
  138. == yield
  139. @@ new
  140. form method='post' action=url('/')
  141. input type='input' name='user[name]' placeholder='abc'
  142. input type='input' name='user[password]' placeholder='secret'
  143. input type='submit'