Created

Embed URL

HTTPS clone URL

SSH clone URL

You can clone with HTTPS or SSH.

Download Gist

Sample of Sinatra authentication

View login.rb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
require 'rubygems'
require 'bcrypt'
require 'haml'
require 'sinatra'
 
enable :sessions
 
userTable = {}
 
helpers do
def login?
if session[:username].nil?
return false
else
return true
end
end
def username
return session[:username]
end
end
 
get "/" do
haml :index
end
 
get "/signup" do
haml :signup
end
 
post "/signup" do
password_salt = BCrypt::Engine.generate_salt
password_hash = BCrypt::Engine.hash_secret(params[:password], password_salt)
#ideally this would be saved into a database, hash used just for sample
userTable[params[:username]] = {
:salt => password_salt,
:passwordhash => password_hash
}
session[:username] = params[:username]
redirect "/"
end
 
post "/login" do
if userTable.has_key?(params[:username])
user = userTable[params[:username]]
if user[:passwordhash] == BCrypt::Engine.hash_secret(params[:password], user[:salt])
session[:username] = params[:username]
redirect "/"
end
end
haml :error
end
 
get "/logout" do
session[:username] = nil
redirect "/"
end
 
__END__
@@layout
!!! 5
%html
%head
%title Sinatra Authentication
%body
=yield
@@index
-if login?
%h1= "Welcome #{username}!"
%a{:href => "/logout"} Logout
-else
%form(action="/login" method="post")
%div
%label(for="username")Username:
%input#username(type="text" name="username")
%div
%label(for="password")Password:
%input#password(type="password" name="password")
%div
%input(type="submit" value="Login")
%input(type="reset" value="Clear")
%p
%a{:href => "/signup"} Signup
@@signup
%p Enter the username and password!
%form(action="/signup" method="post")
%div
%label(for="username")Username:
%input#username(type="text" name="username")
%div
%label(for="password")Password:
%input#password(type="password" name="password")
%div
%label(for="checkpassword")Password:
%input#password(type="password" name="checkpassword")
%div
%input(type="submit" value="Sign Up")
%input(type="reset" value="Clear")
@@error
%p Wrong username or password
%p Please try again!

For lines 12 to 18 you could write something like session[:username].nil? ? false : true instead, right? Also, no need for all the returns.

@rafalchmiel: You could just use !!session[:username]. nil evaluates to false, so by negating it twice you force it to a bool. If there is a username in there, you will force the value to true.

If you want to use your code, !session[:username].nil? would do the job as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.