Support reading / writing cookies in API

Update my API type and handler types to reflect which handlers read and write
cookies.

TODO:
- Actually read from and write to Set-Cookie header
- Returning `pure NoContent` breaks my types, so I'm returning `undefined` now

1 files changed, 12 insertions, 1 deletions

diff --git a/src/API.hs b/src/API.hs
index c84da5aef917..50263bb3e69c 100644
--- a/src/API.hs
+++ b/src/API.hs
@@ -5,10 +5,14 @@ module API where
 --------------------------------------------------------------------------------
 import Data.Text
 import Servant.API
+import Web.Cookie
 
 import qualified Types as T
 --------------------------------------------------------------------------------
 
+-- | Once authenticated, users receive a SessionCookie.
+type SessionCookie = Header' '[Required] "Set-Cookie" T.SessionCookie
+
 type API =
       -- accounts: Create
            "accounts"
@@ -18,20 +22,24 @@ type API =
       -- accounts: Update
       -- accounts: Delete
       :<|> "accounts"
+           :> SessionCookie
            :> QueryParam' '[Required] "username" Text
            :> Delete '[JSON] NoContent
       -- accounts: List
       :<|> "accounts"
+           :> SessionCookie
            :> Get '[JSON] [T.User]
 
       -- trips: Create
       :<|> "trips"
+           :> SessionCookie
            :> ReqBody '[JSON] T.Trip
            :> Post '[JSON] NoContent
       -- trips: Read
       -- trips: Update
       -- trips: Delete
       :<|> "trips"
+           :> SessionCookie
            :> ReqBody '[JSON] T.TripPK
            :> Delete '[JSON] NoContent
       -- trips: List
@@ -41,4 +49,7 @@ type API =
       -- Miscellaneous
       :<|> "login"
            :> ReqBody '[JSON] T.AccountCredentials
-           :> Post '[JSON] NoContent
+           :> Post '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent)
+      :<|> "logout"
+           :> SessionCookie
+           :> Get '[JSON] (Headers '[Header "Set-Cookie" SetCookie] NoContent)