authorWilliam Carroll <wpcarro@gmail.com>2020-07-31T17·28+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-07-31T17·30+0100
commit35b218c5436ec5ad8fdae3d45a8a949d06b0d920 (patch)
tree1d829b52ab9ddf8723057a7c189b033d99befb2f
parentc8ed6e51fea30ea2f79cca058c4f161625ab6a85 (diff)
Return a JSON Session on a successful POST /login
This will make the UX on the client side smoother.
-rw-r--r--src/API.hs2
-rw-r--r--src/App.hs12
-rw-r--r--src/Types.hs4
3 files changed, 12 insertions, 6 deletions
diff --git a/src/API.hs b/src/API.hs
index 8bdb6bdfbb73..7b6ed9eae50f 100644
--- a/src/API.hs
+++ b/src/API.hs
@@ -58,7 +58,7 @@ type API =
       -- Miscellaneous
       :<|> "login"
            :> ReqBody '[JSON] T.AccountCredentials
-           :> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent)
+           :> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] T.Session)
       :<|> "logout"
            :> SessionCookie
            :> Get '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent)
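Review bot: The `login` route now returns a body, but nothing at `:> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] T.Session)` documents what a client may rely on, and `T.Session` exposes the account's username and role. A comment above `:<|> "login"` would record the intent, for example `-- Returns the caller's Session (username, role) for display; the role in the body is advisory and access decisions stay with the session cookie.` That wording assumes the other routes authorize from `SessionCookie` the way `logout` does, which this hunk does not show. The `API` type starts and continues outside the hunk.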
diff --git a/src/App.hs b/src/App.hs
index ff292ff2cd16..e5b8de7e7e7f 100644
--- a/src/App.hs
+++ b/src/App.hs
@@ -153,7 +153,7 @@ server config@T.Config{..} = createAccount
             _ -> liftIO $ Trips.list dbFile accountUsername
 
     login :: T.AccountCredentials
-          -> Handler (Headers '[Header "Set-Cookie" SetCookie] NoContent)
+          -> Handler (Headers '[Header "Set-Cookie" SetCookie] T.Session)
     login (T.AccountCredentials username password) = do
       mAccount <- liftIO $ Accounts.lookup dbFile username
       case mAccount of
@@ -163,7 +163,10 @@ server config@T.Config{..} = createAccount
             Nothing ->
               if T.passwordsMatch password accountPassword then do
                 uuid <- liftIO $ Sessions.findOrCreate dbFile account
-                pure $ addHeader (Auth.mkCookie uuid) NoContent
+                pure $ addHeader (Auth.mkCookie uuid)
+                  T.Session{ sessionUsername = accountUsername
+                           , sessionRole = accountRole
+                           }
               else do
                 liftIO $ LoginAttempts.increment dbFile username
                 throwError err401 { errBody = "Your credentials are invalid" }
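Review bot: The success response `pure $ addHeader (Auth.mkCookie uuid) T.Session{ ... }` is duplicated verbatim in the next hunk (the branch after `throwError err429`), so the two login paths can drift apart the next time a field is added to `T.Session`. One local binding shared by both branches would keep them identical, for example `let loggedIn uuid = addHeader (Auth.mkCookie uuid) T.Session{ sessionUsername = accountUsername, sessionRole = accountRole }` followed by `pure $ loggedIn uuid` in each branch. The `login` handler and the pattern that binds `accountUsername` and `accountRole` start outside this hunk, so where that binding can be placed is not visible here.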
@@ -172,7 +175,10 @@ server config@T.Config{..} = createAccount
                 throwError err429
               else if T.passwordsMatch password accountPassword then do
                 uuid <- liftIO $ Sessions.findOrCreate dbFile account
-                pure $ addHeader (Auth.mkCookie uuid) NoContent
+                pure $ addHeader (Auth.mkCookie uuid)
+                  T.Session{ sessionUsername = accountUsername
+                           , sessionRole = accountRole
+                           }
               else do
                 liftIO $ LoginAttempts.increment dbFile username
                 throwError err401 { errBody = "Your credentials are invalid" }
diff --git a/src/Types.hs b/src/Types.hs
index f47e1419757a..5026b97383e6 100644
--- a/src/Types.hs
+++ b/src/Types.hs
@@ -174,8 +174,8 @@ instance FromRow Account where
     pure Account{..}
 
 data Session = Session
-  { username :: Username
-  , role :: Role
+  { sessionUsername :: Username
+  , sessionRole :: Role
   } deriving (Eq, Show)
 
 instance ToJSON Session where