--- a/mouchak/classes/field.py
+++ b/mouchak/classes/field.py
@@ -8,8 +8,8 @@
 
     def __init__(self):
         """@todo: to be defined1 """
-       self.id = object.id
-       self.tags = object.tags
-       self.type = object.type
-       self.body = object.body
+        self.id = object.id
+        self.tags = object.tags
+        self.type = object.type
+        self.body = object.body
--- a/mouchak/sampleConf.py
+++ b/mouchak/sampleConf.py
@@ -7,4 +7,7 @@
 '''
 HOST = '0.0.0.0'
 PORT = 5000
+SECRET_KEY = 'a-uuid-string-see-python-uuid'
+ADMIN_USERNAME = 'youradminusername'
+ADMIN_PASSWORD = 'youradminpassword'
--- a/mouchak/server.py
+++ b/mouchak/server.py
@@ -49,8 +49,12 @@
 
 @app.route('/edit', methods=['GET'])
 def edit():
-    return flask.render_template('editor.html', content=getContent(),
-                                 title=conf.SITE_TITLE)
+    if "logged_in" in flask.session:
+        flask.session['key'] = conf.SECRET_KEY
+        return flask.render_template('editor.html', content=getContent(),
+                                     title=conf.SITE_TITLE)
+    else:
+        return flask.redirect(flask.url_for('login'))
 
 
 @app.route('/page', methods=['POST'])
@@ -104,6 +108,7 @@
 def updateMenu(_id):
     if flask.request.method == 'PUT':
         changedMenu = flask.request.json
+        print "changed menu:"
         print changedMenu
         res = siteMenu.update({'_id': bson.ObjId(_id)}, changedMenu)
         print res
@@ -117,6 +122,36 @@
     #    return flask.jsonify(status='deleted')
 
 
+# Basic login for one single admin user whose credentials are in conf.py
+@app.route('/login', methods=['GET', 'POST'])
+def login():
+    error = None
+    if flask.request.method == 'POST':
+        print flask.request.form
+        if flask.request.form['username'] != conf.ADMIN_USERNAME:
+            error = 'Invalid username'
+        elif flask.request.form['password'] != conf.ADMIN_PASSWORD:
+            error = 'Invaid password'
+        else:
+            flask.session['logged_in'] = True
+            flask.session['key'] = conf.SECRET_KEY
+            flask.flash('You were logged in')
+            return flask.redirect(flask.url_for('edit'))
+    return flask.render_template('login.html', error=error)
+
+@app.route('/logout')
+def logout():
+    flask.session.pop('logged_in', None)
+    flask.flash('You were logged out')
+    return flask.redirect(flask.url_for('login'))
+
+@app.route('/robots.txt')
+@app.route('/crossdomain.xml')
+def static_from_root():
+    return flask.send_from_directory(app.static_folder, request.path[1:])
+
+
+app.config.from_object(conf)
 
 if __name__ == "__main__":
     app.run(debug=True, host=conf.HOST, port=conf.PORT)
--- a/mouchak/templates/editor.html
+++ b/mouchak/templates/editor.html
@@ -23,8 +23,14 @@
     <![endif]-->
 
     <div class="container" id="container">
-      <div id="header"><div id="notifications"></div></div>
-      <div id="content-container"></div>
+      <div id="header">
+        <div id="hud">
+          <span class="pull-right">Howdy! | <a href="/logout">Logout</a></span>
+        </div>
+        <div id="notifications"></div>
+      </div>
+      <div id="content-container">
+      </div>
       <div id="footer">
       </div>
     </div>
--- /dev/null
+++ b/mouchak/templates/login.html
@@ -1 +1,65 @@
+<!DOCTYPE html>
+<!--[if lt IE 7]>      <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
+<!--[if IE 7]>         <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
+<!--[if IE 8]>         <html class="no-js lt-ie9"> <![endif]-->
+<!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <title> Mouchak | Login</title>
+    <meta name="description" content="">
+    <meta name="viewport" content="width=device-width">
+
+    <!-- Place favicon.ico in the root directory -->
+
+    <link rel="stylesheet" href="/static/css/normalize.css">
+    <link rel="stylesheet" href="/static/css/bootstrap.css">
+    <style type="text/css">
+      .form-wrapper {
+        height: 300px;
+        width: 500px;
+        margin: 100px auto;
+        padding: 30px;
+      }
+    </style>
+  </head>
+  <body>
+    <!--[if lt IE 7]>
+    <p class="chromeframe">You are using an outdated browser. <a href="http://browsehappy.com/">Upgrade your browser today</a> or <a href="http://www.google.com/chromeframe/?redirect=true">install Google Chrome Frame</a> to better experience this site.</p>
+    <![endif]-->
+
+    <div class="container" id="container">
+      <div class="form-wrapper well">
+        {% if error %}
+        <div class="alert alert-error"><b>Error:</b> {{ error }} </div>
+        {% endif %}
+        <h3> Mouchak Login </h3>
+        <p class="lead"> Please enter admin credentials to login</p>
+        <form class="form-horizontal" action="{{ url_for('login') }}" method="POST">
+          <div class="control-group">
+            <label class="control-label" for="inputUsername">Username</label>
+            <div class="controls">
+              <input type="text" id="inputUsername" name="username" placeholder="Username">
+            </div>
+          </div>
+          <div class="control-group">
+            <label class="control-label" for="inputPassword">Password</label>
+            <div class="controls">
+              <input type="password" id="inputPassword" name="password" placeholder="Password">
+            </div>
+          </div>
+          <div class="control-group">
+            <div class="controls">
+              <!--label class="checkbox">
+                <input type="checkbox"> Remember me
+              </label-->
+              <button type="submit" class="btn btn-primary">Login</button>
+            </div>
+          </div>
+          <div class="clearfix"></div>
+        </form>
+      </div>
+    </div>
+  </body>
+</html>