Created
November 22, 2011 00:45
-
-
Save amscotti/1384524 to your computer and use it in GitHub Desktop.
Sample of Sinatra authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'rubygems' | |
| require 'bcrypt' | |
| require 'haml' | |
| require 'sinatra' | |
| enable :sessions | |
| userTable = {} | |
| helpers do | |
| def login? | |
| if session[:username].nil? | |
| return false | |
| else | |
| return true | |
| end | |
| end | |
| def username | |
| return session[:username] | |
| end | |
| end | |
| get "/" do | |
| haml :index | |
| end | |
| get "/signup" do | |
| haml :signup | |
| end | |
| post "/signup" do | |
| password_salt = BCrypt::Engine.generate_salt | |
| password_hash = BCrypt::Engine.hash_secret(params[:password], password_salt) | |
| #ideally this would be saved into a database, hash used just for sample | |
| userTable[params[:username]] = { | |
| :salt => password_salt, | |
| :passwordhash => password_hash | |
| } | |
| session[:username] = params[:username] | |
| redirect "/" | |
| end | |
| post "/login" do | |
| if userTable.has_key?(params[:username]) | |
| user = userTable[params[:username]] | |
| if user[:passwordhash] == BCrypt::Engine.hash_secret(params[:password], user[:salt]) | |
| session[:username] = params[:username] | |
| redirect "/" | |
| end | |
| end | |
| haml :error | |
| end | |
| get "/logout" do | |
| session[:username] = nil | |
| redirect "/" | |
| end | |
| __END__ | |
| @@layout | |
| !!! 5 | |
| %html | |
| %head | |
| %title Sinatra Authentication | |
| %body | |
| =yield | |
| @@index | |
| -if login? | |
| %h1= "Welcome #{username}!" | |
| %a{:href => "/logout"} Logout | |
| -else | |
| %form(action="/login" method="post") | |
| %div | |
| %label(for="username")Username: | |
| %input#username(type="text" name="username") | |
| %div | |
| %label(for="password")Password: | |
| %input#password(type="password" name="password") | |
| %div | |
| %input(type="submit" value="Login") | |
| %input(type="reset" value="Clear") | |
| %p | |
| %a{:href => "/signup"} Signup | |
| @@signup | |
| %p Enter the username and password! | |
| %form(action="/signup" method="post") | |
| %div | |
| %label(for="username")Username: | |
| %input#username(type="text" name="username") | |
| %div | |
| %label(for="password")Password: | |
| %input#password(type="password" name="password") | |
| %div | |
| %label(for="checkpassword")Password: | |
| %input#password(type="password" name="checkpassword") | |
| %div | |
| %input(type="submit" value="Sign Up") | |
| %input(type="reset" value="Clear") | |
| @@error | |
| %p Wrong username or password | |
| %p Please try again! |
@rafalchmiel: You could just use !!session[:username]. nil evaluates to false, so by negating it twice you force it to a bool. If there is a username in there, you will force the value to true.
If you want to use your code, !session[:username].nil? would do the job as well.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For lines 12 to 18 you could write something like
session[:username].nil? ? false : trueinstead, right? Also, no need for all thereturns.