Remove my own session encryption, since Rack::Session::Cookie already…

… takes care of it.

Gemfile

@@ -5,4 +5,3 @@ gem 'dm-core'
 gem 'dm-migrations'
 gem 'dm-postgres-adapter'
 gem 'dm-validations'
-gem 'encryptor'

Gemfile.lock

@@ -19,7 +19,6 @@ GEM
       dm-core (~> 1.0.2)
     do_postgres (0.10.2)
       data_objects (= 0.10.2)
-    encryptor (1.1.1)
     extlib (0.9.15)
     rack (1.2.1)
     sinatra (1.0)
@@ -33,5 +32,4 @@ DEPENDENCIES
   dm-migrations
   dm-postgres-adapter
   dm-validations
-  encryptor
   sinatra

shortener.rb

@@ -6,7 +6,6 @@
 require 'dm-postgres-adapter'
 require 'dm-migrations'
 require 'dm-validations'
-require 'encryptor'
 
 DataMapper.setup(:default, ENV['DATABASE_URL'])
 
@@ -15,13 +14,12 @@
 DataMapper.finalize
 DataMapper.auto_upgrade!
 
-enable :sessions
+# Set the secret to the DATABASE_URL, since that's something that isn't shared
+use Rack::Session::Cookie, :secret =>  ENV['DATABASE_URL']                          
 
 def logged_in?
-  return true  if ENV['ADMIN_USERNAME'].nil? || ENV['ADMIN_PASSWORD'].nil?
-  return false if session['key'].nil?
-
-  Encryptor.decrypt(:value => session['key'], :key => ENV['DATABASE_URL']) == request.ip
+  return true if ENV['ADMIN_USERNAME'].nil? || ENV['ADMIN_PASSWORD'].nil?
+  session['logged_in'] == 1
 end
 
 def require_log_in
@@ -33,7 +31,7 @@ def require_log_in
 end
 
 # Admin section
-get '/-/?' do
+get '/-/?' do  
   require_log_in
 
   @links = Link.all(:order => [:id.desc])
@@ -52,15 +50,15 @@ def require_log_in
 end
 
 get '/-/logout' do
-  session['key'] = nil
+  session['logged_in'] = nil
   redirect "/-/login"
 end
 
 post '/-/login' do
   redirect '/-/login' if params[:password] != ENV['ADMIN_PASSWORD'] ||
                          params[:username] != ENV['ADMIN_USERNAME']
 
-  session['key'] = Encryptor.encrypt(:value => request.ip, :key => ENV['DATABASE_URL'])
+  session['logged_in'] = 1
   redirect '/-/'
 end