authorJoris2015-11-01 19:47:24 +0100
committerJoris2015-11-01 19:47:24 +0100
commit51d1ff2273315ad1270794499d0c49e8fb99aba5 (patch)
tree8a3027d9fe2865731e0111989bc84eaea1591270 /src/server/Controller/SignIn.hs
parentf76aaedd794f15d9f049f53a081710b9565fb8b1 (diff)
Store the sign in token instead of the login in the session cookie
Diffstat (limited to 'src/server/Controller/SignIn.hs')
-rw-r--r--src/server/Controller/SignIn.hs22
1 files changed, 8 insertions, 14 deletions
diff --git a/src/server/Controller/SignIn.hs b/src/server/Controller/SignIn.hs
index 3bbb9ff..5306ee1 100644
--- a/src/server/Controller/SignIn.hs
+++ b/src/server/Controller/SignIn.hs
@@ -7,7 +7,7 @@ module Controller.SignIn
import Web.Scotty
-import Network.HTTP.Types.Status (ok200, badRequest400)
+import Network.HTTP.Types.Status (ok200)
import Database.Persist
@@ -18,7 +18,6 @@ import qualified Data.Text as T
import qualified Data.Text.Lazy as TL
import qualified Data.Text.Encoding as TE
import Data.Time.Clock (getCurrentTime, diffUTCTime)
-import qualified Data.Aeson.Types as Json
import qualified LoginSession
@@ -26,7 +25,7 @@ import Config
import SendMail
-import Text.Email.Validate (isValid)
+import Text.Email.Validate as Email
import Model.Database
import Model.User
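Review bot: The new import `import Text.Email.Validate as Email` is not `qualified`, so every name the module exports is still brought into scope unqualified alongside the `Email.` alias. Since the only use visible in this diff is `Email.isValid`, the line would be tighter as `import qualified Text.Email.Validate as Email`, which also matches the `qualified ... as` style of the neighbouring `Data.Text` imports.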
@@ -34,13 +33,13 @@ import Model.SignIn
import Model.Message.Key
import Model.Message (getMessage)
-import Json (jsonObject)
+import Json (jsonError)
import qualified View.Mail.SignIn as SignIn
signIn :: Config -> Text -> ActionM ()
signIn config login =
- if isValid (TE.encodeUtf8 login)
+ if Email.isValid (TE.encodeUtf8 login)
then do
maybeUser <- liftIO . runDb $ getUser login
case maybeUser of
@@ -52,16 +51,11 @@ signIn config login =
Right _ ->
status ok200
Left _ ->
- errorResponse (getMessage SendEmailFail)
+ jsonError (getMessage SendEmailFail)
Nothing ->
- errorResponse (getMessage Unauthorized)
+ jsonError (getMessage Unauthorized)
else
- errorResponse (getMessage EnterValidEmail)
-
-errorResponse :: Text -> ActionM ()
-errorResponse msg = do
- status badRequest400
- jsonObject [("error", Json.String msg)]
+ jsonError (getMessage EnterValidEmail)
validateSignIn :: Config -> Text -> ActionM ()
validateSignIn config textToken = do
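Review bot: The `Nothing` branch still answers an unknown login with `jsonError (getMessage Unauthorized)` while a known login ends in `status ok200`, so the response reveals which e-mail addresses have an account. Returning the same response in both cases, and sending the mail only when the user exists, would remove that signal. Separately, the removed `errorResponse` set `status badRequest400` explicitly; `jsonError` lives in `Json`, outside this diff, so it is worth confirming that it still sets a non-2xx status, otherwise clients that branch on the status code will treat these errors as success. `signIn` begins before this hunk.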
@@ -78,7 +72,7 @@ validateSignIn config textToken = do
then
redirectError (getMessage SignInExpired)
else do
- LoginSession.put (signInEmail . entityVal $ token)
+ LoginSession.put (signInToken . entityVal $ token)
liftIO . runDb . signInTokenToUsed . entityKey $ token
redirect "/"
Nothing ->
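Review bot: `LoginSession.put (signInToken . entityVal $ token)` makes the session cookie carry the same value that `validateSignIn` received as `textToken`, presumably the token from the e-mailed sign-in link, and the next line marks that token as used. That one value is then both a one-time link secret and a long-lived session credential, so a copy of the link left in a mailbox, proxy log or browser history matches the cookie contents. Whether `LoginSession` signs or encrypts the cookie, and how a session holding a used token is later validated or expired, is not visible here. Consider generating a fresh random session identifier at this point and storing that instead of the mailed token, and add a comment above the `put` stating what the cookie holds and how it is invalidated. `validateSignIn` starts before and continues after this hunk.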