diff options
author | William Carroll <wpcarro@gmail.com> | 2020-07-31T17·28+0100 |
---|---|---|
committer | William Carroll <wpcarro@gmail.com> | 2020-07-31T17·30+0100 |
commit | 35b218c5436ec5ad8fdae3d45a8a949d06b0d920 (patch) | |
tree | 1d829b52ab9ddf8723057a7c189b033d99befb2f | |
parent | c8ed6e51fea30ea2f79cca058c4f161625ab6a85 (diff) |
Return a JSON Session on a successful POST /login
This will make the UX on a the client-side smoother.
-rw-r--r-- | src/API.hs | 2 | ||||
-rw-r--r-- | src/App.hs | 12 | ||||
-rw-r--r-- | src/Types.hs | 4 |
3 files changed, 12 insertions, 6 deletions
diff --git a/src/API.hs b/src/API.hs index 8bdb6bdfbb73..7b6ed9eae50f 100644 --- a/src/API.hs +++ b/src/API.hs @@ -58,7 +58,7 @@ type API = -- Miscellaneous :<|> "login" :> ReqBody '[JSON] T.AccountCredentials - :> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent) + :> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] T.Session) :<|> "logout" :> SessionCookie :> Get '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent) diff --git a/src/App.hs b/src/App.hs index ff292ff2cd16..e5b8de7e7e7f 100644 --- a/src/App.hs +++ b/src/App.hs @@ -153,7 +153,7 @@ server config@T.Config{..} = createAccount _ -> liftIO $ Trips.list dbFile accountUsername login :: T.AccountCredentials - -> Handler (Headers '[Header "Set-Cookie" SetCookie] NoContent) + -> Handler (Headers '[Header "Set-Cookie" SetCookie] T.Session) login (T.AccountCredentials username password) = do mAccount <- liftIO $ Accounts.lookup dbFile username case mAccount of @@ -163,7 +163,10 @@ server config@T.Config{..} = createAccount Nothing -> if T.passwordsMatch password accountPassword then do uuid <- liftIO $ Sessions.findOrCreate dbFile account - pure $ addHeader (Auth.mkCookie uuid) NoContent + pure $ addHeader (Auth.mkCookie uuid) + T.Session{ sessionUsername = accountUsername + , sessionRole = accountRole + } else do liftIO $ LoginAttempts.increment dbFile username throwError err401 { errBody = "Your credentials are invalid" } @@ -172,7 +175,10 @@ server config@T.Config{..} = createAccount throwError err429 else if T.passwordsMatch password accountPassword then do uuid <- liftIO $ Sessions.findOrCreate dbFile account - pure $ addHeader (Auth.mkCookie uuid) NoContent + pure $ addHeader (Auth.mkCookie uuid) + T.Session{ sessionUsername = accountUsername + , sessionRole = accountRole + } else do liftIO $ LoginAttempts.increment dbFile username throwError err401 { errBody = "Your credentials are invalid" } diff --git a/src/Types.hs b/src/Types.hs index f47e1419757a..5026b97383e6 100644 --- a/src/Types.hs +++ b/src/Types.hs @@ -174,8 +174,8 @@ instance FromRow Account where pure Account{..} data Session = Session - { username :: Username - , role :: Role + { sessionUsername :: Username + , sessionRole :: Role } deriving (Eq, Show) instance ToJSON Session where |