Logging out with Rack::Auth::Basic

Basic authentication doesn't support the concept of "logging out" -
see this Apache FAQ:


--Matt Jones

Go with the simplest solution - have a 'login' action that checks
against the hard-coded info, then sets a cookie. Check for that in
your protected actions (something like the code in protected! you
posted), and clear the cookie on logout.

(No idea what cookie handling looks like on Sinatra, but it should be

--Matt Jones
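
An added example of the login-cookie approach suggested above; it is not code from the thread or from Sinatra. It uses plain Ruby so it runs without a framework. All names, the 30-minute lifetime and the sample credentials are assumptions. The cookie is HMAC-signed so a client cannot forge or extend it.

```ruby
require "openssl"
require "securerandom"

# Assumed values for illustration (constructed, not from the thread).
SECRET     = SecureRandom.hex(32) # signing key; load from config in a real app
LIFETIME   = 30 * 60              # seconds a login cookie stays valid
USER, PASS = "admin", "constructed-sample-password"

def sign(data)
  OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("SHA256"), SECRET, data)
end

# Comparison whose timing does not depend on where the first mismatch is.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# 'login' action: returns the cookie value on success, nil otherwise.
# Inputs are HMACed first so both sides of the comparison have equal length.
def login(user, pass, now = Time.now.to_i)
  ok = secure_equal?(sign(user), sign(USER)) & secure_equal?(sign(pass), sign(PASS))
  return nil unless ok
  payload = "#{USER}|#{now + LIFETIME}"
  "#{payload}|#{sign(payload)}"
end

# Check for protected actions: returns the user name, or nil if the cookie
# is missing, malformed, tampered with, or expired.
def authorized_user(cookie, now = Time.now.to_i)
  return nil if cookie.nil?
  user, expires, mac = cookie.split("|", 3)
  return nil unless user && expires && mac
  return nil unless secure_equal?(mac, sign("#{user}|#{expires}"))
  return nil if expires.to_i <= now
  user
end

# Set-Cookie header for login (value, LIFETIME) or logout ("", 0).
def set_cookie_header(value, max_age)
  "Set-Cookie: auth=#{value}; Path=/; Max-Age=#{max_age}; HttpOnly; Secure; SameSite=Lax"
end

def logout_header
  set_cookie_header("", 0) # Max-Age=0 tells the browser to drop the cookie
end
```

Clearing the cookie only removes it from the browser: a copied value stays valid until its expiry, so keep the lifetime short or track sessions server-side if logout must revoke immediately.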

Thanks for the reply Matt!

I did something like this... I'd like to know what you and others think
of it as far as security goes. While it's not a bank or anything, I'd
like my app to be as hacker proof as possible. Any suggestions to make
it more secure are welcome!

Many thanks guys!