diff --git a/app.js b/app.js
index 1ca1c83d86..16e1826771 100644
--- a/app.js
+++ b/app.js
@@ -29,9 +29,14 @@
 ghost.app().use(I18n.load(ghost));
 ghost.app().use(express.bodyParser());
 ghost.app().use(express.cookieParser('try-ghost'));
- ghost.app().use(express.session({ cookie: { maxAge: 60000 }}));
- ghost.app().use(flash());
+ ghost.app().use(express.cookieSession({ cookie: { maxAge: 60000 }}));
 ghost.app().use(ghost.initTheme(ghost.app()));
+ ghost.app().use(flash());
+ // bind locals - options which appear in every view - perhaps this should be admin only
+ ghost.app().use(function (req, res, next) {
+ res.locals.messages = req.flash();
+ next();
+ });
 });
 /**
@@ -40,7 +45,14 @@
 *
 * @type {*}
 */
- auth = express.basicAuth('ghostadmin', 'Wh0YouGonnaCall?');
+ auth = function (req, res, next) {
+ if (!req.session.user) {
+ req.flash('warn', "Please login");
+ res.redirect('/ghost/login/?redirect=' + encodeURIComponent(req.path));
+ } else {
+ next();
+ }
+ };
 helpers.loadCoreHelpers(ghost);
@@ -59,6 +71,10 @@
 * Admin routes..
 * @todo put these somewhere in admin
 */
+
+ ghost.app().get(/^\/logout\/?$/, admin.logout);
+ ghost.app().get('/ghost/login/', admin.login);
+ ghost.app().post('/ghost/login/', admin.auth);
 ghost.app().get('/ghost/editor/:id', auth, admin.editor);
 ghost.app().get('/ghost/editor', auth, admin.editor);
 ghost.app().get('/ghost/blog', auth, admin.blog);
@@ -82,9 +98,4 @@
 ghost.app().listen(3333, function () {
 console.log("Express server listening on port " + 3333);
 });
-// }, function (e) {
-// console.log(e.toString());
-// }).then(null, function (e) {
-// console.log(e.stack);
-// });
 }());
\ No newline at end of file
diff --git a/core/admin/controllers/index.js b/core/admin/controllers/index.js
index c8b9decd43..857485a341 100644
--- a/core/admin/controllers/index.js
+++ b/core/admin/controllers/index.js
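Review bot: The session that `auth` later trusts is now kept client-side by `express.cookieSession` (first added line) and is signed only with the literal `'try-ghost'` handed to `express.cookieParser` three lines above, a secret that ships in the repository, so anyone who has read the source can produce a cookie that `req.session.user` accepts. The secret should be loaded from configuration that is not committed, for example `express.cookieParser(process.env.SESSION_SECRET)` with a name chosen to fit the project's config, and the cookie options should state `httpOnly: true` (and `secure: true` when served over HTTPS) explicitly rather than rely on the middleware's defaults, which I have not verified here. A short comment on the `maxAge: 60000` line saying why an admin session is meant to expire after one minute would also help, since that reads more like a leftover from testing than a policy. The `.use` chain sits inside a callback that begins before this hunk.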
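Review bot: The JSDoc kept as context above the new `auth` assignment still reads ` * @type {*}`, which described the old `basicAuth` return value and says nothing about the middleware that replaces it; it should state the contract, e.g. `* Route middleware: calls next() when req.session.user is set, otherwise flashes a warning and redirects to /ghost/login/ with the requested path in ?redirect=.` Note also that the redirect is issued for every unauthenticated request, including the POST routes guarded by `auth` further down the file, where a non-browser client would be better served by a 401 than a 302 to an HTML login page; that is a judgement drawn from the routes list rather than something this hunk shows. The enclosing IIFE begins and ends outside the hunk.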
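Review bot: The logout route is the only admin route in this hunk registered outside the `/ghost/` prefix (`/^\/logout\/?$/` on the first added line) and it runs without the `auth` guard, and because it is a GET that changes state (`admin.logout` in core/admin/controllers/index.js deletes `req.session.user`) any third-party page the admin visits can make the browser request it. Moving it under the admin prefix keeps the surface in one place, `ghost.app().get('/ghost/logout/', auth, admin.logout);`, and making it a POST would stop cross-site triggering altogether. The login POST on the third added line carries no CSRF token either, which deserves at least a `// TODO: CSRF protection for the login form` comment now that the form sets a session.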
@@ -53,6 +53,26 @@
 }
 adminControllers = {
+ 'login': function (req, res) {
+ res.render('login', {
+ bodyClass: 'ghost-login',
+ hideNavbar: true,
+ adminNav: setSelected(adminNavbar, 'login')
+ });
+ },
+ 'auth': function (req, res) {
+ if (req.body.email === 'ghostadmin' && req.body.password === 'Wh0YouGonnaCall?') {
+ req.session.user = "ghostadmin";
+ res.redirect(req.query.redirect || '/ghost/');
+ } else {
+ res.redirect('/ghost/login/');
+ }
+ },
+ 'logout': function (req, res) {
+ delete req.session.user;
+ req.flash('success', "You were successfully logged out");
+ res.redirect('/ghost/login/');
+ },
 'index': function (req, res) {
 res.render('dashboard', {
 bodyClass: 'dashboard',
@@ -97,9 +117,7 @@
 index: function (req, res) {
 res.render('debug', {
 bodyClass: 'settings',
- adminNav: setSelected(adminNavbar, 'settings'),
- messages: req.flash(),
- test: 'Hello world'
+ adminNav: setSelected(adminNavbar, 'settings')
 });
 },
 'dbdelete': function (req, res) {
diff --git a/core/admin/views/default.hbs b/core/admin/views/default.hbs
index 5c82cbf8f0..05deea33ed 100644
--- a/core/admin/views/default.hbs
+++ b/core/admin/views/default.hbs
@@ -16,7 +16,6 @@
-
@@ -32,7 +31,9 @@
 {{{block "headScripts"}}}
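Review bot: `res.redirect(req.query.redirect || '/ghost/')` in the new `'auth'` handler forwards to whatever the `redirect` query parameter holds, so a login link carrying an absolute address becomes an open redirect the moment the user authenticates; only a same-site path should be honoured, e.g. `var target = req.query.redirect;` `if (typeof target !== 'string' || target.charAt(0) !== '/' || target.charAt(1) === '/') { target = '/ghost/'; }` `res.redirect(target);`. The credentials are still the string literals carried over from the old `basicAuth` call, now compared with `===` against `req.body`; that is existing behaviour, but a comment such as `// TODO: replace the hard-coded account with a configured user and a hashed password` on the `if` line would keep this from being mistaken for a finished login. The failed-login branch also drops the `redirect` parameter and sets no flash message, so the user lands back on the form without knowing why.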
- {{> navbar}}
+ {{#unless hideNavbar}}
+ {{> navbar}}
+ {{/unless}}