fetch cookies
check if authorized
if yes, redirect
if no, 
   check for params
   if param
      check for credentials
      if credentials are good
        set authorized cookie
        redirect to default page
      else
       authorization failed
display form to login