diff --git a/application/controllers/Invite.php b/application/controllers/Invite.php
index 9c98621..064bd45 100644
--- a/application/controllers/Invite.php
+++ b/application/controllers/Invite.php
@@ -20,13 +20,6 @@
         $file_html = $file_name.'.html';
         if ($this->is_valid_file('views/page/', $file_html))
         {
-            /* Got to open a connection here as validation may require one */
-            if (!$this->load->database())
-                redirect(base_url('index.html'));
-
-            $this->load->helper(array('form', 'url'));
-            $this->load->library('form_validation');
-
             $this->form_validation->set_rules('username', 'Username',
                 'required|min_length[5]|max_length[12]|is_unique[users.username]',
                 array(
@@ -66,7 +59,11 @@
                 $stmt = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";
                 $data = $this->input->post(array('username', 'email'));
                 $password = $this->input->post('password');
-                $hash_password = password_hash($password, PASSWORD_DEFAULT);
+
+                $pepp = getenv('HOST_PEPPER');
+                $pepp_password = hash_hmac("sha256", $password, $pepp);
+                $hash_password = password_hash($pepp_password, PASSWORD_BCRYPT);
+
                 $data['password'] = $hash_password;
 
                 if (!$this->db->query($stmt, $data))
@@ -84,7 +81,6 @@
                 }
             }
 
-            $this->db->close();
             $this->load->view('page/'.$file_html);
         }
         else 
diff --git a/application/controllers/Login.php b/application/controllers/Login.php
index 91e1abe..9ff0c8c 100644
--- a/application/controllers/Login.php
+++ b/application/controllers/Login.php
@@ -28,38 +28,32 @@
         if (!$password || !$db_password)
             return false;
 
-        return verify_password($password, $db_password);
+        $pepp = getenv('HOST_PEPPER');
+        $pepp_password = hash_hmac("sha256", $password, $pepp);
+
+        return password_verify($pepp_password, $db_password);
     }
 
-    private function is_login_valid($db_username = NULL, $db_password = NULL)
+    private function is_login_valid($db_username = NULL, $username = NULL,
+                                    $db_password = NULL, $password = NULL)
     {
         if (!$db_username || !$db_password)
             return false;
 
-        $username = $this->input->post('username');
-        $password = $this->input->post('password');
-
         if (!$this->is_username_valid($username, $db_username))
             return false;
-
+        
         if (!$this->is_password_valid($password, $db_password))
             return false;
 
         return true;
     }
 
-    public function view($file_name = 'login')
+    private function view($file_name = 'login')
     {
         $file_html = $file_name.'.html';
         if ($this->is_valid_file('views/page/', $file_html))
         {
-            /* Got to open a connection here as validation may require one */
-            if (!$this->load->database())
-                redirect(base_url('index.html'));
-
-            $this->load->helper(array('form', 'url'));
-            $this->load->library('form_validation');
-
             $this->form_validation->set_rules('username', 'Username', 'required',
                 array('required' => 'You must provide a %s')
             );
@@ -70,38 +64,49 @@
 
             if ($this->is_post_valid())
             {
+                $username = $this->input->post('username');
+                $password = $this->input->post('password');
+
                 /* Add backticks on ientifiers */
                 $this->db->protect_identifiers('users', TRUE);
+                $this->db->protect_identifiers('username', TRUE);
+                $this->db->protect_identifiers('password', TRUE);
 
                 /* Always use query bindings as they are automatically escaped */
-                $stmt = "SELECT FROM users (username, password)";
-                $data = $this->db->query($stmt, $data);
+                $stmt = "SELECT username,password FROM users WHERE username = ?";
+                $db_data = $this->db->query($stmt, $username);
 
                 /* Return an array of row objects, empty array on failure */
-                $db_data = $data->result();
+                $db_data = $db_data->result();
                 if ($db_data && $db_data[0])
                 {
                     $db_username = $db_data[0]->username;
                     $db_password = $db_data[0]->password;
-                    if (is_login_valid($db_username, $db_passowrd))
+                    if ($this->is_login_valid($db_username, $username,
+                                              $db_password, $password))
                     {
                         /* Initialize session data */
                         $this->form_validation->set_string('Login successful');
+                        $_SESSION['username'] = $db_username;
                     }
                     else
                     {
-                        /* Debug:
-                         *
-                         * $error = $this->db->error();
-                         * var_dump($error);
-                         */
-                        $this->form_validation->set_message('submit_msg', 'Didn\'t work, :|');
+                        //Debug:
+
+                        //$error = $this->db->error();
+                        //var_dump($error);
+
+                        $this->form_validation->set_message(
+                            'submit_msg', 'Didn\'t work, :|');
                     }
                 }
+                else
+                {
+                    $this->form_validation->set_string('I am empty, -.-');
+                }
             }
 
             /* Validation errors already set, if any */
-            $this->db->close();
             $this->load->view('page/'.$file_html);
         }
         else
@@ -109,4 +114,46 @@
             redirect(base_url('index.html'));
         }
     }
+
+    public function auth($param = NULL)
+    {
+        $username = isset($_POST['username']) ? $_POST['username'] : NULL;
+        $password = isset($_POST['password']) ? $_POST['password'] : NULL;
+        if (!$username || !$password)
+        {
+            $this->output->set_status_header(404);
+            return;
+        }
+
+        /* 1 for active user */
+        $status = 1;
+
+        /* Add backticks on ientifiers */
+        $this->db->protect_identifiers('users', TRUE);
+        $this->db->protect_identifiers('username', TRUE);
+        $this->db->protect_identifiers('password', TRUE);
+
+        /* Always use query bindings as they are automatically escaped */
+        $stmt = "SELECT username,password FROM users WHERE username = ? AND status = ?";
+        $db_data = $this->db->query($stmt, [$username, $status]);
+
+        /* Return an array of row objects, empty array on failure */
+        $db_data = $db_data->result();
+        if ($db_data && $db_data[0])
+        {
+            $db_username = $db_data[0]->username;
+            $db_password = $db_data[0]->password;
+            if ($this->is_login_valid($db_username, $username,
+                                      $db_password, $password))
+            {
+                /* Initialize session data */
+                $this->output->set_status_header(204);
+                $_SESSION['username'] = $db_username;
+
+                return;
+            }
+        }
+
+        $this->output->set_status_header(404);
+    }
 }
diff --git a/application/controllers/Pelican.php b/application/controllers/Pelican.php
index 35eeb2d..01ca772 100644
--- a/application/controllers/Pelican.php
+++ b/application/controllers/Pelican.php
@@ -1,42 +1,93 @@
 <?php
 
 class Pelican extends CI_Controller {
-    private function is_valid_file($rel_path = '/', $file_html = 'home.html')
+    private function is_valid_file($rel_path = '/', $file_html = 'index.html')
     {
         $abs_path = APPPATH.$rel_path.$file_html;
-        if (file_exists($abs_path))
-            return true;
-
-        return false;
+        return file_exists($abs_path);
     }
 
-    public function index()
+    public function public_author($file_name = 'index')
     {
-        $this->load->view('index.html');
+        $file_html = $file_name.'.html';
+        if ($this->is_valid_file('views/author/', $file_html))
+        {
+            $this->load->view('author/'.$file_html);
+        }
+        else
+        {
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
+        }
     }
 
-    public function view($file_name = 'home')
+    public function public_blog($file_name = 'index')
     {
         $file_html = $file_name.'.html';
         if ($this->is_valid_file('views/blog/', $file_html))
         {
             $this->load->view('blog/'.$file_html);
         }
-        else if ($this->is_valid_file('views/category/', $file_html))
+        else
+        {
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
+        }
+    }
+
+    public function public_category($file_name = 'index')
+    {
+        $file_html = $file_name.'.html';
+        if ($this->is_valid_file('views/category/', $file_html))
         {
             $this->load->view('category/'.$file_html);
         }
-        else if ($this->is_valid_file('views/page/', $file_html))
+        else
+        {
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
+        }
+    }
+
+    public function public_draft($file_name = 'index')
+    {
+        $file_html = $file_name.'.html';
+        if ($this->is_valid_file('views/draft/blog', $file_html))
+        {
+            $this->load->view('draft/blog/'.$file_html);
+        }
+        else
+        {
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
+        }
+    }
+
+    public function public_gitles()
+    {
+        $gerrit_gitles = '/gerrit/plugins/gitiles/';
+        header('Location: https://'.$_SERVER['HTTP_HOST'].$gerrit_gitles);
+    }
+
+    public function public_page($file_name = 'index')
+    {
+        $file_html = $file_name.'.html';
+        if ($this->is_valid_file('views/page/', $file_html))
         {
             $this->load->view('page/'.$file_html);
         }
-        else if ($this->is_valid_file('views/', $file_html))
+        else
+        {
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
+        }
+    }
+
+    public function public_root($file_name = 'index')
+    {
+        $file_html = $file_name.'.html';
+        if ($this->is_valid_file('views/', $file_html))
         {
             $this->load->view($file_html);
         }
         else
         {
-            $this->index();
+            header('Location: https://'.$_SERVER['HTTP_HOST']);
         }
     }
 }