about summary refs log tree commit diff
path: root/src/App.hs
diff options
context:
space:
mode:
authorWilliam Carroll <wpcarro@gmail.com>2020-07-31T17·28+0100
committerWilliam Carroll <wpcarro@gmail.com>2020-07-31T17·30+0100
commit35b218c5436ec5ad8fdae3d45a8a949d06b0d920 (patch)
tree1d829b52ab9ddf8723057a7c189b033d99befb2f /src/App.hs
parentc8ed6e51fea30ea2f79cca058c4f161625ab6a85 (diff)
Return a JSON Session on a successful POST /login
This will make the UX on a the client-side smoother.
Diffstat (limited to 'src/App.hs')
-rw-r--r--src/App.hs12
1 files changed, 9 insertions, 3 deletions
diff --git a/src/App.hs b/src/App.hs
index ff292ff2cd16..e5b8de7e7e7f 100644
--- a/src/App.hs
+++ b/src/App.hs
@@ -153,7 +153,7 @@ server config@T.Config{..} = createAccount
             _ -> liftIO $ Trips.list dbFile accountUsername
 
     login :: T.AccountCredentials
-          -> Handler (Headers '[Header "Set-Cookie" SetCookie] NoContent)
+          -> Handler (Headers '[Header "Set-Cookie" SetCookie] T.Session)
     login (T.AccountCredentials username password) = do
       mAccount <- liftIO $ Accounts.lookup dbFile username
       case mAccount of
@@ -163,7 +163,10 @@ server config@T.Config{..} = createAccount
             Nothing ->
               if T.passwordsMatch password accountPassword then do
                 uuid <- liftIO $ Sessions.findOrCreate dbFile account
-                pure $ addHeader (Auth.mkCookie uuid) NoContent
+                pure $ addHeader (Auth.mkCookie uuid)
+                  T.Session{ sessionUsername = accountUsername
+                           , sessionRole = accountRole
+                           }
               else do
                 liftIO $ LoginAttempts.increment dbFile username
                 throwError err401 { errBody = "Your credentials are invalid" }
@@ -172,7 +175,10 @@ server config@T.Config{..} = createAccount
                 throwError err429
               else if T.passwordsMatch password accountPassword then do
                 uuid <- liftIO $ Sessions.findOrCreate dbFile account
-                pure $ addHeader (Auth.mkCookie uuid) NoContent
+                pure $ addHeader (Auth.mkCookie uuid)
+                  T.Session{ sessionUsername = accountUsername
+                           , sessionRole = accountRole
+                           }
               else do
                 liftIO $ LoginAttempts.increment dbFile username
                 throwError err401 { errBody = "Your credentials are invalid" }