my $onlyLoggedIn = $r->under('/admin' => \&loggedIn);
$onlyLoggedIn->post('uploadFile')->to('files#insert');
$onlyLoggedIn->delete('files')->to('files#delete');

sub loggedIn {
    my $c = shift;
    if ($c->session('login')) {
        return 1;
    }
    $c->render(
        template => 'login',
        title => 'website title',
        status => 401,
    );
    return 0;
};

# elsewhere

sub login {
	my $self = shift;
	my $name = $self->param('user');
	my $password = $self->param('password');
	my $responseCode = 401;

        # Pretty sure this hashes the param and checks it against the hashed database entry
	if (Something::Model::Users::login($name,$password)) {
		# $self->signed_cookie(loggedIn => 1);
		$self->session(expiration => 60*60*10);
		$self->session(login => $name);
		$responseCode = 200;
		$self->app->log->warn("$name logged in.");
	} else {
		$self->app->log->warn("Invalid login - '$name'");
	}
	$self->render(data => '',status => $responseCode);
}