2 files changed, 20 insertions, 4 deletions

diff --git a/server/auth/index.js b/server/auth/index.js
index 4a0e9d2..e5cb2ea 100644
--- a/server/auth/index.js
+++ b/server/auth/index.js
@@ -22,9 +22,19 @@ var auth = module.exports = {
 	},
 
 	login: function (req, res, next) {
+		if (req.isAuthenticated()) {
+			console.log(req.user)
+			return User.findAll({ where: { access: 2 }, attributes: ['id','name'] }).success(function(hosts){
+				res.json({
+					status: "OK",
+					user: req.user,
+					hosts: hosts
+				})
+			})
+		}
 		passport.authenticate("local", function(err, user, info){
 			if (err || ! user) {
-				return res.json({ error: err });
+				return res.json({ error: err || "no user" });
 			}
 			
 			req.logIn(user, function(err) {
@@ -42,6 +52,7 @@ var auth = module.exports = {
 
 	logout: function (req, res) {
 		req.logout();
+		req.session.destroy()
 		res.redirect('/');
 	},
 
@@ -51,7 +62,7 @@ var auth = module.exports = {
 
 	deserializeUser: function (id, done) {
 		if (id == "guest") {
-			return auth.guestUser
+			done(null, auth.guestUser)
 		}
 		User.find({ id: id }, function (err, user) {
 			done(err, user)
diff --git a/server/index.js b/server/index.js
index e85d395..542363d 100644
--- a/server/index.js
+++ b/server/index.js
@@ -55,9 +55,14 @@ site.setup = function(){
   app.use(session({
       key: config.name + '.sid',
       secret: config.secret,
-      cookie: { domain: '.' + config.host, maxAge: 60*60*24*365 },
+      cookie: {
+      	domain: '.' + config.host,
+      	maxAge: 365*24*60*60*1000,
+      	httpOnly: false,
+      	secure: false
+      },
       resave: true,
-      saveUninitialized: false,
+      saveUninitialized: true,
 //      store: SessionStore
   }));
   app.use(bodyParser());