eksa-framework 3.3.3 → 3.4.3

data/lib/eksa/cms_controller.rb

@@ -0,0 +1,110 @@
+module Eksa
+  class CmsController < Eksa::Controller
+    def index
+      return unless require_auth
+      
+      @posts = Eksa::MarkdownPost.all(include_unpublished: true)
+      render_internal 'cms/index'
+    end
+
+    def edit
+      return unless require_auth
+      
+      slug = params['slug']
+      @post = Eksa::MarkdownPost.find(slug)
+      
+      if @post
+        render_internal 'cms/edit'
+      else
+        redirect_to "/cms", notice: "Error: Postingan tidak ditemukan."
+      end
+    end
+
+    def update_post
+      return unless require_auth
+      
+      slug = params['slug']
+      post_path = File.join(Eksa::MarkdownPost::POSTS_DIR, "#{slug}.md")
+      
+      unless File.exist?(post_path)
+        return redirect_to "/cms", notice: "Error: Postingan tidak ditemukan."
+      end
+
+      # Existing metadata fetching to preserve unmodified keys like 'date' if not handling them
+      # We parse form params
+      title = params['title']
+      category = params['category']
+      author = params['author']
+      image = params['image']
+      content = params['content']
+      
+      # We'll re-read the original to preserve keys we aren't allowing to edit (like published status and date)
+      original_content = File.read(post_path, encoding: 'utf-8')
+      metadata = {}
+      
+      if original_content =~ /\A(---\s*\r?\n.*?\r?\n)^(---\s*\r?\n?)/m
+        metadata = YAML.safe_load($1, permitted_classes: [Time]) || {}
+      end
+      
+      # Update metadata with form values
+      metadata['title'] = title
+      metadata['category'] = category
+      metadata['author'] = author
+      metadata['image'] = image unless image.nil? || image.strip.empty?
+      
+      # Dump new YAML
+      new_yaml = YAML.dump(metadata)
+      
+      # Join with content
+      new_file_content = "#{new_yaml}---\n\n#{content}"
+      
+      # Write changes
+      File.write(post_path, new_file_content, encoding: 'utf-8')
+      
+      redirect_to "/cms", notice: "Postingan '#{title}' berhasil diperbarui."
+    end
+
+    def toggle_status
+      return unless require_auth
+      
+      slug = params['slug']
+      post_path = File.join(Eksa::MarkdownPost::POSTS_DIR, "#{slug}.md")
+      
+      if File.exist?(post_path)
+        content = File.read(post_path, encoding: 'utf-8')
+        
+        # Simple string replacement for published status in front matter
+        if content.match?(/^published:\s*false/m)
+          new_content = content.sub(/^published:\s*false/m, "published: true")
+          status = "diaktifkan"
+        elsif content.match?(/^published:\s*true/m)
+          new_content = content.sub(/^published:\s*true/m, "published: false")
+          status = "dinonaktifkan"
+        else
+          # If no published tag exists, it's implicitly true, so we set it to false
+          new_content = content.sub(/\A(---\r?\n)/) { "#{$1}published: false\n" }
+          status = "dinonaktifkan"
+        end
+        
+        File.write(post_path, new_content)
+        redirect_to "/cms", notice: "Postingan #{File.basename(post_path)} berhasil #{status}."
+      else
+        redirect_to "/cms", notice: "Error: Postingan tidak ditemukan."
+      end
+    end
+
+    def delete_post
+      return unless require_auth
+
+      slug = params['slug']
+      post_path = File.join(Eksa::MarkdownPost::POSTS_DIR, "#{slug}.md")
+
+      if File.exist?(post_path)
+        File.delete(post_path)
+        redirect_to "/cms", notice: "Postingan berhasil dihapus secara permanen."
+      else
+        redirect_to "/cms", notice: "Error: Postingan tidak ditemukan."
+      end
+    end
+  end
+end

data/lib/eksa/controller.rb

@@ -15,6 +15,23 @@ module Eksa
       @request.params
     end
 
+    def session
+      @request.session
+    end
+
+    def current_user
+      return @current_user if defined?(@current_user)
+      @current_user = session['user_id'] ? Eksa::User.find(session['user_id']) : nil
+    end
+
+    def require_auth
+      unless current_user
+        redirect_to "/auth/login", notice: "Anda harus login untuk mengakses halaman ini."
+        return false
+      end
+      true
+    end
+
     def stylesheet_tag(filename)
       "<link rel='stylesheet' href='/css/#{filename}.css'>"
     end
@@ -38,22 +55,31 @@ module Eksa
       variables.each { |k, v| instance_variable_set("@#{k}", v) }
 
       content_path = File.expand_path("./app/views/#{template_name}.html.erb")
+      internal_content_path = File.expand_path("../../eksa/views/#{template_name}.html.erb", __FILE__)
+      
       layout_path  = File.expand_path("./app/views/layout.html.erb")
+      internal_layout_path  = File.expand_path("../../eksa/views/layout.html.erb", __FILE__)
+
+      actual_content_path = File.exist?(content_path) ? content_path : internal_content_path
+      actual_layout_path = File.exist?(layout_path) ? layout_path : internal_layout_path
 
-      if File.exist?(content_path)
-        @content = ERB.new(File.read(content_path)).result(binding)
-        if File.exist?(layout_path)
-          ERB.new(File.read(layout_path)).result(binding)
+      if File.exist?(actual_content_path)
+        @content = ERB.new(File.read(actual_content_path)).result(binding)
+        if File.exist?(actual_layout_path)
+          ERB.new(File.read(actual_layout_path)).result(binding)
         else
           @content
         end
       else
         "<div class='glass' style='padding: 2rem; border-radius: 1rem; color: #ff5555; background: rgba(255,0,0,0.1); backdrop-filter: blur(10px);'>
           <h2 style='margin-top:0;'>⚠️ View Error</h2>
-          <p>Template <strong>#{template_name}</strong> tidak ditemukan di:</p>
-          <code style='display:block; background:rgba(0,0,0,0.2); padding:0.5rem; border-radius:0.5rem;'>#{content_path}</code>
+          <p>Template <strong>#{template_name}</strong> tidak ditemukan di app/views atau internal eksa/views.</p>
         </div>"
       end
     end
+
+    def render_internal(template_name, variables = {})
+      render(template_name, variables)
+    end
   end
 end

data/lib/eksa/markdown_post.rb

@@ -10,16 +10,19 @@ module Eksa
 
     POSTS_DIR = "_posts"
 
-    def self.all
+    def self.all(include_unpublished: false)
       return [] unless Dir.exist?(POSTS_DIR)
       
-      Dir.glob(File.join(POSTS_DIR, "*.md")).map do |file|
+      posts = Dir.glob(File.join(POSTS_DIR, "*.md")).map do |file|
         new(file)
-      end.sort_by { |p| p.date }.reverse
+      end
+      
+      posts.reject! { |p| !p.published? } unless include_unpublished
+      posts.sort_by { |p| p.date }.reverse
     end
 
     def self.find(slug)
-      all.find { |p| p.slug == slug }
+      all(include_unpublished: true).find { |p| p.slug == slug && p.published? }
     end
 
     def initialize(file_path)
@@ -48,6 +51,10 @@ module Eksa
       @metadata['image'] || ""
     end
 
+    def published?
+      @metadata.key?('published') ? @metadata['published'] : true
+    end
+
     def body_html
       Kramdown::Document.new(@content, input: 'GFM').to_html
     end

data/lib/eksa/user.rb

@@ -0,0 +1,47 @@
+module Eksa
+  class User < Eksa::Model
+    require 'bcrypt'
+
+    def self.setup_schema
+      db.execute <<~SQL
+        CREATE TABLE IF NOT EXISTS eksa_users (
+          id INTEGER PRIMARY KEY AUTOINCREMENT,
+          username TEXT UNIQUE,
+          password_hash TEXT,
+          created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+        )
+      SQL
+    end
+
+    def self.all
+      db.execute("SELECT id, username FROM eksa_users")
+    end
+
+    def self.create(username, password)
+      hash = BCrypt::Password.create(password)
+      db.execute("INSERT INTO eksa_users (username, password_hash) VALUES (?, ?)", [username, hash])
+    end
+
+    def self.update_password(username, new_password)
+      hash = BCrypt::Password.create(new_password)
+      db.execute("UPDATE eksa_users SET password_hash = ? WHERE username = ?", [hash, username])
+    end
+
+    def self.authenticate(username, password)
+      user_data = db.execute("SELECT id, username, password_hash FROM eksa_users WHERE username = ? LIMIT 1", [username]).first
+      return nil unless user_data
+
+      stored_hash = BCrypt::Password.new(user_data[2])
+      if stored_hash == password
+        { id: user_data[0], username: user_data[1] }
+      else
+        nil
+      end
+    end
+
+    def self.find(id)
+      user_data = db.execute("SELECT id, username FROM eksa_users WHERE id = ? LIMIT 1", [id]).first
+      user_data ? { id: user_data[0], username: user_data[1] } : nil
+    end
+  end
+end

data/lib/eksa/version.rb

@@ -1,3 +1,3 @@
 module Eksa
-  VERSION = "3.3.3"
+  VERSION = "3.4.3"
 end

data/lib/eksa/views/auth/login.html.erb

@@ -0,0 +1,44 @@
+<div class="glass max-w-md mx-auto rounded-3xl p-8 animate__animated animate__fadeIn relative overflow-hidden">
+  <div class="absolute inset-0 bg-indigo-500/10 blur-3xl rounded-full translate-x-1/2 -translate-y-1/2"></div>
+  
+  <div class="relative z-10 text-center mb-8">
+    <div class="w-16 h-16 bg-white/10 rounded-2xl flex items-center justify-center mx-auto mb-4 border border-white/20 shadow-xl">
+      <i data-lucide="lock" class="w-8 h-8 text-indigo-300"></i>
+    </div>
+    <h1 class="text-3xl font-extrabold text-white tracking-tight mb-2">Masuk CMS</h1>
+    <p class="text-white/50 text-sm">Masuk untuk mengelola postingan blog Anda.</p>
+  </div>
+
+  <% if @flash && @flash[:notice] %>
+    <div class="relative z-10 mb-6 p-4 rounded-xl bg-red-500/20 border border-red-500/30 text-red-200 text-sm text-center font-medium animate__animated animate__shakeX">
+      <i data-lucide="alert-circle" class="w-4 h-4 inline-block mr-1 -mt-0.5"></i>
+      <%= @flash[:notice] %>
+    </div>
+  <% end %>
+
+  <form action="/auth/process_login" method="post" class="relative z-10 space-y-4">
+    <div>
+      <label class="block text-xs font-bold text-indigo-300 uppercase tracking-widest mb-2">Username</label>
+      <input type="text" name="username" required 
+             class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-indigo-500 focus:ring-1 focus:ring-indigo-500 transition placeholder-white/20"
+             placeholder="Masukkan username...">
+    </div>
+    
+    <div>
+      <label class="block text-xs font-bold text-indigo-300 uppercase tracking-widest mb-2">Password</label>
+      <input type="password" name="password" required 
+             class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-indigo-500 focus:ring-1 focus:ring-indigo-500 transition placeholder-white/20"
+             placeholder="••••••••">
+    </div>
+
+    <button type="submit" class="w-full mt-4 bg-indigo-600 hover:bg-indigo-500 text-white font-bold py-3 px-4 rounded-xl transition duration-300 shadow-lg shadow-indigo-600/30 flex items-center justify-center gap-2">
+      <i data-lucide="log-in" class="w-4 h-4"></i> Sign In
+    </button>
+  </form>
+
+  <div class="relative z-10 mt-6 text-center">
+    <p class="text-white/40 text-xs">Belum punya akun admin? 
+      <a href="/auth/register" class="text-indigo-400 hover:text-white transition font-medium">Register di sini</a>
+    </p>
+  </div>
+</div>

data/lib/eksa/views/auth/register.html.erb

@@ -0,0 +1,53 @@
+<div class="glass max-w-md mx-auto rounded-3xl p-8 animate__animated animate__fadeIn relative overflow-hidden">
+  <div class="absolute inset-0 bg-emerald-500/10 blur-3xl rounded-full translate-x-1/2 -translate-y-1/2"></div>
+  
+  <div class="relative z-10 text-center mb-8">
+    <div class="w-16 h-16 bg-white/10 rounded-2xl flex items-center justify-center mx-auto mb-4 border border-white/20 shadow-xl">
+      <i data-lucide="user-plus" class="w-8 h-8 text-emerald-300"></i>
+    </div>
+    <h1 class="text-3xl font-extrabold text-white tracking-tight mb-2">Registrasi Admin</h1>
+    <p class="text-white/50 text-sm">Buat akun untuk mengelola Eksa Framework.</p>
+  </div>
+
+  <% if @admin_exists %>
+    <div class="relative z-10 text-center bg-emerald-500/20 border border-emerald-500/30 rounded-xl p-6 text-emerald-200">
+      <i data-lucide="badge-check" class="w-12 h-12 mx-auto mb-3 text-emerald-400"></i>
+      <h2 class="text-lg font-bold mb-2 text-white">Akun Admin Sudah Dibuat</h2>
+      <p class="text-sm opacity-80 text-white/70">Hanya satu akun admin yang diizinkan untuk keamanan CMS.</p>
+    </div>
+  <% else %>
+  
+    <% if @flash && @flash[:notice] %>
+      <div class="relative z-10 mb-6 p-4 rounded-xl bg-red-500/20 border border-red-500/30 text-red-200 text-sm text-center font-medium animate__animated animate__shakeX">
+        <i data-lucide="alert-circle" class="w-4 h-4 inline-block mr-1 -mt-0.5"></i>
+        <%= @flash[:notice] %>
+      </div>
+    <% end %>
+
+    <form action="/auth/process_register" method="post" class="relative z-10 space-y-4">
+      <div>
+        <label class="block text-xs font-bold text-emerald-300 uppercase tracking-widest mb-2">Username</label>
+        <input type="text" name="username" required 
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-emerald-500 focus:ring-1 focus:ring-emerald-500 transition placeholder-white/20"
+               placeholder="Pilih username...">
+      </div>
+      
+      <div>
+        <label class="block text-xs font-bold text-emerald-300 uppercase tracking-widest mb-2">Password</label>
+        <input type="password" name="password" required minlength="6"
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-emerald-500 focus:ring-1 focus:ring-emerald-500 transition placeholder-white/20"
+               placeholder="Minimal 6 karakter">
+      </div>
+
+      <button type="submit" class="w-full mt-4 bg-emerald-600 hover:bg-emerald-500 text-white font-bold py-3 px-4 rounded-xl transition duration-300 shadow-lg shadow-emerald-600/30 flex items-center justify-center gap-2">
+        <i data-lucide="shield-check" class="w-4 h-4"></i> Buat Akun
+      </button>
+    </form>
+  <% end %>
+
+  <div class="relative z-10 mt-6 text-center">
+    <p class="text-white/40 text-xs">Sudah punya akun? 
+      <a href="/auth/login" class="text-emerald-400 hover:text-white transition font-medium">Login sekarang</a>
+    </p>
+  </div>
+</div>

data/lib/eksa/views/cms/edit.html.erb

@@ -0,0 +1,63 @@
+<div class="glass max-w-4xl mx-auto rounded-3xl p-10 text-white animate__animated animate__zoomIn animate__faster relative overflow-hidden">
+  <div class="absolute inset-0 bg-yellow-500/10 blur-3xl rounded-full translate-x-1/2 -translate-y-1/2"></div>
+  
+  <div class="relative z-10 flex items-center justify-between mb-8 pb-6 border-b border-white/10">
+    <div class="flex items-center gap-4">
+      <div class="w-14 h-14 bg-yellow-500/20 rounded-2xl flex items-center justify-center border border-yellow-500/30 shadow-xl shadow-yellow-500/20">
+        <i data-lucide="edit-3" class="w-7 h-7 text-yellow-300"></i>
+      </div>
+      <div>
+        <h1 class="text-3xl font-extrabold tracking-tight">Edit <span class="text-yellow-300">Post</span></h1>
+        <p class="text-white/50 text-sm mt-1">Mengedit <%= @post.filename %></p>
+      </div>
+    </div>
+    <a href="/cms" class="px-4 py-2 bg-white/5 hover:bg-white/10 rounded-xl transition border border-white/10 text-sm font-medium flex items-center gap-2">
+      <i data-lucide="arrow-left" class="w-4 h-4"></i> Kembali
+    </a>
+  </div>
+
+  <form action="/cms/update/<%= @post.slug %>" method="post" class="relative z-10 space-y-6">
+    <div class="grid grid-cols-1 md:grid-cols-2 gap-6">
+      <div class="space-y-2">
+        <label class="block text-xs font-bold text-yellow-300 uppercase tracking-widest">Judul Postingan</label>
+        <input type="text" name="title" value="<%= @post.title %>" required
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-yellow-500 focus:ring-1 focus:ring-yellow-500 transition">
+      </div>
+      
+      <div class="space-y-2">
+        <label class="block text-xs font-bold text-yellow-300 uppercase tracking-widest">Kategori</label>
+        <input type="text" name="category" value="<%= @post.category %>" required
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-yellow-500 focus:ring-1 focus:ring-yellow-500 transition">
+      </div>
+
+      <div class="space-y-2">
+        <label class="block text-xs font-bold text-yellow-300 uppercase tracking-widest">Penulis (Author)</label>
+        <input type="text" name="author" value="<%= @post.author %>" required
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-yellow-500 focus:ring-1 focus:ring-yellow-500 transition">
+      </div>
+
+      <div class="space-y-2">
+        <label class="block text-xs font-bold text-yellow-300 uppercase tracking-widest">Image Thumbnail URL</label>
+        <input type="text" name="image" value="<%= @post.image %>"
+               class="w-full bg-black/40 border border-white/10 rounded-xl px-4 py-3 text-white focus:outline-none focus:border-yellow-500 focus:ring-1 focus:ring-yellow-500 transition"
+               placeholder="Contoh: header.jpg atau kosongkan">
+      </div>
+    </div>
+
+    <div class="space-y-2 pt-4">
+      <label class="block text-xs font-bold text-yellow-300 uppercase tracking-widest">Konten (Markdown)</label>
+      <div class="relative group">
+        <textarea name="content" required rows="15"
+                  class="w-full bg-black/40 border border-white/10 rounded-xl px-5 py-4 text-white focus:outline-none focus:border-yellow-500 focus:ring-1 focus:ring-yellow-500 font-mono text-sm leading-relaxed transition"><%= @post.content.strip %></textarea>
+        <!-- Decorative subtle icon -->
+        <i data-lucide="file-text" class="absolute bottom-4 right-4 w-12 h-12 text-white/5 pointer-events-none transition group-hover:text-yellow-500/10"></i>
+      </div>
+    </div>
+
+    <div class="pt-6 border-t border-white/5 flex justify-end">
+      <button type="submit" class="bg-yellow-500 hover:bg-yellow-400 text-yellow-950 font-bold py-3 px-8 rounded-xl transition duration-300 shadow-xl shadow-yellow-500/20 flex items-center gap-2">
+        <i data-lucide="save" class="w-5 h-5"></i> Simpan Perubahan
+      </button>
+    </div>
+  </form>
+</div>

data/lib/eksa/views/cms/index.html.erb

@@ -0,0 +1,83 @@
+<div class="glass rounded-3xl p-10 text-white animate__animated animate__fadeIn">
+  <div class="flex items-center justify-between mb-10 pb-6 border-b border-white/10">
+    <div class="flex items-center gap-4">
+      <div class="p-4 bg-indigo-500 rounded-2xl shadow-xl">
+        <i data-lucide="layout-dashboard" class="w-8 h-8"></i>
+      </div>
+      <div>
+        <h1 class="text-4xl font-extrabold tracking-tight">CMS <span class="text-indigo-300">Dashboard</span></h1>
+        <p class="text-white/50">Kelola visibilitas postingan blog Anda</p>
+      </div>
+    </div>
+    <div class="flex items-center gap-4">
+      <span class="px-4 py-2 bg-white/5 rounded-xl border border-white/10 text-sm font-medium text-white/80">
+        <i data-lucide="user" class="w-4 h-4 inline-block mr-1"></i> Admin
+      </span>
+      <a href="/auth/logout" class="px-4 py-2 bg-red-500/20 hover:bg-red-500/40 text-red-300 rounded-xl border border-red-500/30 transition shadow-lg text-sm font-bold flex items-center gap-2">
+        <i data-lucide="log-out" class="w-4 h-4"></i> Logout
+      </a>
+    </div>
+  </div>
+
+  <div class="overflow-hidden rounded-2xl border border-white/10 bg-black/20">
+    <table class="w-full text-left border-collapse">
+      <thead>
+        <tr class="bg-white/5 text-indigo-200 text-xs uppercase tracking-widest">
+          <th class="p-4 font-bold border-b border-white/10">Postingan</th>
+          <th class="p-4 font-bold border-b border-white/10">Kategori</th>
+          <th class="p-4 font-bold border-b border-white/10">Status</th>
+          <th class="p-4 font-bold border-b border-white/10 text-right">Aksi</th>
+        </tr>
+      </thead>
+      <tbody class="divide-y divide-white/5">
+        <% if @posts.empty? %>
+          <tr>
+            <td colspan="4" class="p-8 text-center text-white/40">
+              <i data-lucide="folder-open" class="w-8 h-8 mx-auto mb-2 opacity-50"></i>
+              Belum ada postingan markdown di _posts/
+            </td>
+          </tr>
+        <% else %>
+          <% @posts.each do |post| %>
+            <tr class="hover:bg-white/5 transition">
+              <td class="p-4">
+                <p class="font-bold text-lg"><%= post.title %></p>
+                <p class="text-xs text-white/40 font-mono"><%= post.filename %></p>
+              </td>
+              <td class="p-4">
+                <span class="text-[10px] font-bold text-indigo-300 uppercase tracking-widest px-2 py-1 bg-indigo-500/20 rounded-md border border-indigo-500/30">
+                  <%= post.category %>
+                </span>
+              </td>
+              <td class="p-4">
+                <% if post.published? %>
+                  <span class="inline-flex items-center gap-1.5 px-3 py-1 rounded-full text-xs font-bold bg-emerald-500/20 text-emerald-300 border border-emerald-500/30">
+                    <span class="w-2 h-2 rounded-full bg-emerald-400"></span> Aktif
+                  </span>
+                <% else %>
+                  <span class="inline-flex items-center gap-1.5 px-3 py-1 rounded-full text-xs font-bold bg-gray-500/20 text-gray-400 border border-gray-500/30">
+                    <span class="w-2 h-2 rounded-full bg-gray-400"></span> Draft
+                  </span>
+                <% end %>
+              </td>
+              <td class="p-4 text-right space-x-2">
+                <a href="/cms/edit/<%= post.slug %>" class="inline-flex items-center justify-center p-2 rounded-lg bg-yellow-500/20 hover:bg-yellow-500/40 text-yellow-300 transition border border-yellow-500/30" title="Edit Post">
+                  <i data-lucide="edit" class="w-4 h-4"></i>
+                </a>
+                <a href="/posts/<%= post.slug %>" target="_blank" class="inline-flex items-center justify-center p-2 rounded-lg bg-white/5 hover:bg-white/10 text-white/70 transition border border-white/10" title="Lihat Post">
+                  <i data-lucide="external-link" class="w-4 h-4"></i>
+                </a>
+                <a href="/cms/toggle/<%= post.slug %>" class="inline-flex items-center justify-center p-2 rounded-lg bg-indigo-500/20 hover:bg-indigo-500/40 text-indigo-300 transition border border-indigo-500/30" title="Toggle Status">
+                  <i data-lucide="<%= post.published? ? 'eye-off' : 'eye' %>" class="w-4 h-4"></i>
+                </a>
+                <a href="/cms/delete/<%= post.slug %>" onclick="return confirm('Yakin ingin menghapus postingan ini selamanya?')" class="inline-flex items-center justify-center p-2 rounded-lg bg-red-500/20 hover:bg-red-500/40 text-red-300 transition border border-red-500/30" title="Hapus Permanen">
+                  <i data-lucide="trash-2" class="w-4 h-4"></i>
+                </a>
+              </td>
+            </tr>
+          <% end %>
+        <% end %>
+      </tbody>
+    </table>
+  </div>
+</div>

data/lib/eksa.rb

@@ -1,19 +1,25 @@
 require 'rack'
+require 'rack/session'
 require 'json'
 require_relative 'eksa/version'
 require_relative 'eksa/controller'
 require_relative 'eksa/model'
 require_relative 'eksa/markdown_post'
+require_relative 'eksa/user'
+require_relative 'eksa/auth_controller'
+require_relative 'eksa/cms_controller'
 
 module Eksa
   class Application
-    attr_reader :config, :middlewares
+    attr_reader :config, :middlewares, :features
 
     def initialize
       @routes = {}
       @middlewares = []
+      @features = load_feature_flags
       @config = {
-        db_path: File.expand_path("./db/eksa_app.db")
+        db_path: File.expand_path("./db/eksa_app.db"),
+        session_secret: ENV['SESSION_SECRET'] || 'eksa_super_secret_key_change_me_in_production_make_it_sixty_four_bytes_or_more'
       }
       yield self if block_given?
       configure_framework
@@ -21,6 +27,40 @@ module Eksa
 
     def configure_framework
       Eksa::Model.database_path = @config[:db_path]
+      
+      # Setup Session Middleware for Authentication
+      use Rack::Session::Cookie, secret: @config[:session_secret], key: 'eksa.session'
+      
+      auto_mount_features
+    end
+
+    def load_feature_flags
+      config_path = File.expand_path('./.eksa.json')
+      if File.exist?(config_path)
+        JSON.parse(File.read(config_path))
+      else
+        { 'cms' => false, 'auth' => false }
+      end
+    rescue JSON::ParserError
+      { 'cms' => false, 'auth' => false }
+    end
+
+    def auto_mount_features
+      if @features['auth']
+        add_route "/auth/login", Eksa::AuthController, :login
+        add_route "/auth/register", Eksa::AuthController, :register
+        add_route "/auth/logout", Eksa::AuthController, :logout
+        add_route "/auth/process_login", Eksa::AuthController, :process_login
+        add_route "/auth/process_register", Eksa::AuthController, :process_register
+      end
+
+      if @features['cms']
+        add_route "/cms", Eksa::CmsController, :index
+        add_route "/cms/edit/:slug", Eksa::CmsController, :edit
+        add_route "/cms/update/:slug", Eksa::CmsController, :update_post
+        add_route "/cms/toggle/:slug", Eksa::CmsController, :toggle_status
+        add_route "/cms/delete/:slug", Eksa::CmsController, :delete_post
+      end
     end
 
     def add_route(path, controller_class, action)
@@ -82,6 +122,9 @@ module Eksa
         else
           response = Rack::Response.new
           if controller_instance.status == 302
+            if controller_instance.flash[:notice] && !controller_instance.flash[:notice].empty?
+              response.set_cookie('eksa_flash', value: controller_instance.flash[:notice], path: '/')
+            end
             response.redirect(controller_instance.redirect_url, 302)
           else
             response.write(response_data)
@@ -89,7 +132,9 @@ module Eksa
           end
         end
 
-        response.delete_cookie('eksa_flash') if flash_message
+        if flash_message && controller_instance.status != 302
+          response.delete_cookie('eksa_flash', path: '/')
+        end
         response.finish
       else
         html = <<~HTML

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: eksa-framework
 version: !ruby/object:Gem::Version
-  version: 3.3.3
+  version: 3.4.3
 platform: ruby
 authors:
 - IshikawaUta
@@ -93,6 +93,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.1'
+- !ruby/object:Gem::Dependency
+  name: bcrypt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.1'
+- !ruby/object:Gem::Dependency
+  name: rack-session
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
 description: Framework MVC ringan dengan tema modern, sistem routing, dan auto-database
   SQLite.
 email:
@@ -102,6 +130,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".eksa.json"
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -123,10 +152,17 @@ files:
 - db/setup.rb
 - exe/eksa
 - lib/eksa.rb
+- lib/eksa/auth_controller.rb
+- lib/eksa/cms_controller.rb
 - lib/eksa/controller.rb
 - lib/eksa/markdown_post.rb
 - lib/eksa/model.rb
+- lib/eksa/user.rb
 - lib/eksa/version.rb
+- lib/eksa/views/auth/login.html.erb
+- lib/eksa/views/auth/register.html.erb
+- lib/eksa/views/cms/edit.html.erb
+- lib/eksa/views/cms/index.html.erb
 - public/css/style.css
 - public/img/favicon.ico
 - public/img/logo.jpg