Rework sinatra cookie auth

Gemfile

@@ -1,27 +1,25 @@
 # frozen_string_literal: true
 
-source "https://rubygems.org"
+source 'https://rubygems.org'
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }
 
 # gem "rails"
 
-gem "httparty", "~> 0.18.0"
+gem 'httparty', '~> 0.18.0'
 
-gem "nokogiri", "~> 1.10"
+gem 'nokogiri', '~> 1.10'
 
-gem "pg", "~> 1.2"
+gem 'pg', '~> 1.2'
 
-gem "sequel", "~> 5.30"
+gem 'sequel', '~> 5.30'
 
-gem "sinatra", "~> 2.0"
+gem 'sinatra', '~> 2.0'
 
-gem "dotenv", "~> 2.7"
+gem 'dotenv', '~> 2.7'
 
-gem "sassc", "~> 2.2"
+gem 'sassc', '~> 2.2'
 
-gem "rake", "~> 13.0"
+gem 'rake', '~> 13.0'
 
-gem "redis-rack", "~> 2.1"
-
-gem "rack", "~> 2.2"
+gem 'rack', '~> 2.2'

web/server.rb

@@ -6,7 +6,12 @@ require_relative '../lib/auth'
 require_relative '../lib/search'
 
 class VLVSearch < Sinatra::Base
-  enable :sessions
+  set :sessions,
+      key: ENV['SESSION_KEY'],
+      domain: ENV['SESSION_DOMAIN'],
+      path: '/',
+      expire_after: 14_400,
+      secret: ENV['SESSION_SECRET']
 
   get '/' do
     redirect '/login' unless signed_in?
@@ -44,13 +49,13 @@ class VLVSearch < Sinatra::Base
       erb :login,
           { layout: :layout, locals: { error_message: 'Invalid credentials' } }
     else
-      session[:user_id] = username
+      session['user_id'] = username
       redirect '/'
     end
   end
 
   post '/logout' do
-    session[:user_id] = nil
+    session['user_id'] = nil
     redirect '/'
   end
 
@@ -72,11 +77,11 @@ class VLVSearch < Sinatra::Base
     end
 
     def current_user
-      session[:user_id]
+      session['user_id']
     end
 
     def signed_in?
-      !!session[:user_id]
+      !!session['user_id']
     end
   end