authorWilliam Carroll <wpcarro@gmail.com>2020-07-31T10·37+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-07-31T10·37+0100
commit1d7c77f51d287c9d636630142791952890d17622 (patch)
tree596edb7d9b6e76ae86058896ad47749186ddf18c /src/App.hs
parent43eff5f1d037b3e45a3b7a274048527e2a95103d (diff)
Support POST /unfreeze
Allow admins and managers to unfreeze accounts that we froze for security
reasons.
Diffstat (limited to 'src/App.hs')
-rw-r--r--src/App.hs9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/App.hs b/src/App.hs
index df70910510e0..e3806610aa5b 100644
--- a/src/App.hs
+++ b/src/App.hs
@@ -67,6 +67,7 @@ server T.Config{..} = createAccount
                  :<|> listTrips
                  :<|> login
                  :<|> logout
+                 :<|> unfreezeAccount
   where
     -- Admit Admins + whatever the predicate `p` passes.
     adminsAnd cookie p = Auth.assert dbFile cookie (\acct@T.Account{..} -> accountRole == T.Admin || p acct)
@@ -188,6 +189,14 @@ server T.Config{..} = createAccount
           liftIO $ Sessions.delete dbFile uuid
           pure $ addHeader Auth.emptyCookie NoContent
 
+    unfreezeAccount :: T.SessionCookie
+                    -> T.UnfreezeAccountRequest
+                    -> Handler NoContent
+    unfreezeAccount cookie T.UnfreezeAccountRequest{..} =
+      adminsAnd cookie (\T.Account{..} -> accountRole == T.Manager) $ do
+        liftIO $ LoginAttempts.reset dbFile unfreezeAccountRequestUsername
+        pure NoContent
+
 run :: T.Config -> IO ()
 run config =
   Warp.run 3000 (serve (Proxy @ API) $ server config)
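Review bot: `unfreezeAccount` checks the caller's role but never looks at the target, so any Manager can call `LoginAttempts.reset` for whatever `unfreezeAccountRequestUsername` names, including an Admin account or, as far as this hunk shows, a username that does not exist. Since the freeze is presumably the failed-login lockout, it would be safer to look up the target account first, let only Admins unfreeze Manager and Admin accounts, and return an error for an unknown username instead of `NoContent`. The handler also leaves no record of who lifted a lockout; logging the acting account and the target username before the reset would give incident responders something to check. At minimum, add a Haddock line above the signature such as `-- | Reset the login-attempt counter for the named account; callable by Admins and Managers.` The enclosing `server` where-clause begins outside this hunk, so whatever account-lookup helper exists is not visible here.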