diff --git a/Gemfile b/Gemfile
index d9a3401..c86d881 100644
--- a/Gemfile
+++ b/Gemfile
@@ -5,4 +5,3 @@ gem 'dm-core'
 gem 'dm-migrations'
 gem 'dm-postgres-adapter'
 gem 'dm-validations'
-gem 'encryptor'
diff --git a/Gemfile.lock b/Gemfile.lock
index ad43326..8f7699e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -19,7 +19,6 @@ GEM
 dm-core (~> 1.0.2)
 do_postgres (0.10.2)
 data_objects (= 0.10.2)
- encryptor (1.1.1)
 extlib (0.9.15)
 rack (1.2.1)
 sinatra (1.0)
@@ -33,5 +32,4 @@ DEPENDENCIES
 dm-migrations
 dm-postgres-adapter
 dm-validations
- encryptor
 sinatra
diff --git a/shortener.rb b/shortener.rb
index 812f9be..a242166 100644
--- a/shortener.rb
+++ b/shortener.rb
@@ -6,7 +6,6 @@
 require 'dm-postgres-adapter'
 require 'dm-migrations'
 require 'dm-validations'
-require 'encryptor'
 DataMapper.setup(:default, ENV['DATABASE_URL'])
@@ -15,13 +14,12 @@
 DataMapper.finalize
 DataMapper.auto_upgrade!
-enable :sessions
+# Set the secret to the DATABASE_URL, since that's something that isn't shared
+use Rack::Session::Cookie, :secret => ENV['DATABASE_URL']
 def logged_in?
- return true if ENV['ADMIN_USERNAME'].nil? || ENV['ADMIN_PASSWORD'].nil?
- return false if session['key'].nil?
-
- Encryptor.decrypt(:value => session['key'], :key => ENV['DATABASE_URL']) == request.ip
+ return true if ENV['ADMIN_USERNAME'].nil? || ENV['ADMIN_PASSWORD'].nil?
+ session['logged_in'] == 1
 end
 def require_log_in
@@ -33,7 +31,7 @@ def require_log_in
 end
 # Admin section
-get '/-/?' do
+get '/-/?' do
 require_log_in
 @links = Link.all(:order => [:id.desc])
@@ -52,7 +50,7 @@ def require_log_in
 end
 get '/-/logout' do
- session['key'] = nil
+ session['logged_in'] = nil
 redirect "/-/login"
 end
@@ -60,7 +58,7 @@ def require_log_in
 redirect '/-/login' if params[:password] != ENV['ADMIN_PASSWORD'] || params[:username] != ENV['ADMIN_USERNAME']
- session['key'] = Encryptor.encrypt(:value => request.ip, :key => ENV['DATABASE_URL'])
+ session['logged_in'] = 1
 redirect '/-/'
 end
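Review bot: In shortener.rb, `use Rack::Session::Cookie, :secret => ENV['DATABASE_URL']` makes the database credential double as the cookie-signing key, and after this change the admin login state rests entirely on that signature. Any disclosure of DATABASE_URL (logs, error output, shared deployment config) therefore also exposes the key that authenticates `session['logged_in']`, and the two values can no longer be rotated independently. I would read a dedicated secret and fail at boot when it is missing, e.g. `use Rack::Session::Cookie, :secret => ENV.fetch('SESSION_SECRET')` (the variable name is only a suggestion). The comment above the line should then state where the secret comes from rather than justify the reuse.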
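Review bot: `session['logged_in'] = nil` in the `/-/logout` route only replaces the cookie held by that browser; since the session is stored client-side, a copy of an earlier cookie still satisfies `session['logged_in'] == 1` in `logged_in?` after logout. The same applies to the login hunk, where the constant `session['logged_in'] = 1` replaces a value that was at least bound to `request.ip`, so the flag now carries no time or client binding and stays valid for as long as the signing secret is unchanged. Consider storing the login time instead, e.g. `session['logged_in_at'] = Time.now.to_i` (key name is a suggestion), and having `logged_in?` reject values older than a fixed window. The login route's body begins outside its hunk, so how the credentials are compared is only partly visible here.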