| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Update my API type and handler types to reflect which handlers read and write
cookies.
TODO:
- Actually read from and write to Set-Cookie header
- Returning `pure NoContent` breaks my types, so I'm returning `undefined` now
|
|
I'm not resetting the failed LoginAttempt count, which is a low priority for
now, but necessary eventually.
|
|
TL;DR:
- Since POST /login is more rigorous, our accounts.csv needs to contain validly
hashed passwords; you can use tests/create-accounts.sh to create dummy
accounts
I still need to test the login flow and support:
- Tracking failed attempts (three maximum)
- Verifying accounts by sending emails to the users
|
|
For the past 3-4 Haskell projects on which I've worked, I've tried to habituate
the usage of the (&) operator, but I find that -- as petty as it may sound -- I
don't like the way that it looks, and I end up avoiding using it as a result.
This time around, I'm aliasing it to (|>) (i.e. Elixir style), and I'm hoping to
use it more.
|
|
Create modules for each Table in our SQL database. This cleans up the handler
bodies at the expense of introducing more files and indirection.
|
|
Support basic authentication.
Note the TODOs that this commit introduces to track some of the remaining work.
|
|
TL;DR:
- introduce the Cryptonite library
- Remove the redundant language extensions, imports, deps from Persistent
- Prefer NoContent return type for POST /accounts
- Define custom {To,From}JSON instances for Role
|
|
Additionally: supporting more CRUDL methods for the Accounts and Trips tables.
|
|
Allow a user to delete a trip entry from the Trips table using the Primary
Key. While this type-checks and compiles, it doesn't appear to be working as
intended. Perhaps I should use an auto-incrementing integer as the Primary
Key. I'm not sure how I want to handle this, so I'm punting for now.
|
|
In the spirit of support CRUDL, I added a GET /trips, which lists all of the
trips in the Trips table.
|
|
When I first wrote this handler I wasn't aware of the NoContent response
option.
|
|
Next up:
- list trips
- update existing trip entries
- delete existing trip entries
|
|
In the spirit of walking crawling before I walk, I'm preferring the less
powerful SQLite.Simple library to the more powerful (but mystifying) Persistent
library.
|
|
Attempting to abide by the Principle of Least Power. Also: the smaller the
headers in each module are, the happier I am.
|
|
Remove unnecessary fields:
- name
- age
Add domain-specific fields:
- username
- password
- email
- role
|
|
Next I'll need to add / remove fields from the Account type.
|
|
Define the Session type and return it for the POST /user endpoint
|
|
Query my SQLite database from within my Servant handlers. Nothing I've written
is domain-specific to the business logic yet -- I'm just making sure everything
integrates.
|
