Warden::Manager.serialize_into_session{|user| user.id }
Warden::Manager.serialize_from_session{|id| User.get(id) }
 
Warden::Manager.before_failure do |env,opts|
  # Sinatra is very sensitive to the request method
  # since authentication could fail on any type of method, we need
  # to set it for the failure app so it is routed to the correct block
  env['REQUEST_METHOD'] = "POST"
end
 
Warden::Strategies.add(:password) do
  def valid?
    params["email"] || params["password"]
  end
 
  def authenticate!
    u = User.authenticate(params["email"], params["password"])
    u.nil? ? fail!("Could not log in") : success!(u)
  end
end

require 'login_management'
 
use Rack::Session::Cookie
use Warden::Manager do |manager|
  manager.default_strategies :password
  manager.failure_app = LoginManager
end
 
run LoginManager

class LoginManager < Sinatra::Base
  get "/" do
    haml :welcome
  end
 
  post '/unauthenticated/?' do
    status 401
    haml :login
  end
 
  get '/login/?' do
    haml :login
  end
  
  post '/login/?' do
    env['warden'].authenticate!
    redirect "/"
  end
  
  get '/logout/?' do
    env['warden'].logout
    redirect '/'
  end
end