Diffstat (limited to 'src/server/Controller')
-rw-r--r-- | src/server/Controller/SignIn.hs | 49 |
1 files changed, 33 insertions, 16 deletions
diff --git a/src/server/Controller/SignIn.hs b/src/server/Controller/SignIn.hs
index 5306ee1..31cd510 100644
--- a/src/server/Controller/SignIn.hs
+++ b/src/server/Controller/SignIn.hs
@@ -18,6 +18,7 @@ import qualified Data.Text as T
 import qualified Data.Text.Lazy as TL
 import qualified Data.Text.Encoding as TE
 import Data.Time.Clock (getCurrentTime, diffUTCTime)
+import Data.Maybe (isJust)
 import qualified LoginSession
@@ -35,6 +36,8 @@ import Model.Message (getMessage)
 import Json (jsonError)
+import Secure (getUserFromToken)
+
 import qualified View.Mail.SignIn as SignIn
 signIn :: Config -> Text -> ActionM ()
@@ -59,24 +62,38 @@ signIn config login =
 validateSignIn :: Config -> Text -> ActionM ()
 validateSignIn config textToken = do
- mbToken <- liftIO . runDb $ getSignInToken textToken
- now <- liftIO getCurrentTime
+ alreadySigned <- isAlreadySigned
+ if alreadySigned
+ then
+ redirect "/"
+ else do
+ mbSignIn <- liftIO . runDb $ getSignInToken textToken
+ now <- liftIO getCurrentTime
+ case mbSignIn of
+ Just signIn ->
+ if signInIsUsed . entityVal $ signIn
+ then
+ redirectError (getMessage SignInUsed)
+ else
+ let diffTime = now `diffUTCTime` (signInCreation . entityVal $ signIn)
+ in if diffTime > (fromIntegral $ (signInExpirationMn config) * 60)
+ then
+ redirectError (getMessage SignInExpired)
+ else do
+ LoginSession.put (signInToken . entityVal $ signIn)
+ liftIO . runDb . signInTokenToUsed . entityKey $ signIn
+ redirect "/"
+ Nothing ->
+ redirectError (getMessage SignInInvalid)
+
+isAlreadySigned :: ActionM Bool
+isAlreadySigned = do
+ mbToken <- LoginSession.get
 case mbToken of
- Just token ->
- if signInIsUsed . entityVal $ token
- then
- redirectError (getMessage SignInUsed)
- else
- let diffTime = now `diffUTCTime` (signInCreation . entityVal $ token)
- in if diffTime > (fromIntegral $ (signInExpirationMn config) * 60)
- then
- redirectError (getMessage SignInExpired)
- else do
- LoginSession.put (signInToken . entityVal $ token)
- liftIO . runDb . signInTokenToUsed . entityKey $ token
- redirect "/"
 Nothing ->
- redirectError (getMessage SignInInvalid)
+ return False
+ Just token -> do
+ liftIO . runDb . fmap isJust $ getUserFromToken token
 redirectError :: Text -> ActionM ()
 redirectError msg = |
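Review bot: The early `redirect "/"` in the `alreadySigned` branch of `validateSignIn` returns before `textToken` is ever looked up, so a sign-in link opened in a browser that already holds a valid session is never marked used and stays redeemable until `signInExpirationMn` runs out. The visitor also stays on the existing session even if the link was issued for a different account, which matters on a shared machine where the link remains in the browser history. Consider consuming the token in that branch too, for example `liftIO . runDb $ getSignInToken textToken >>= mapM_ (signInTokenToUsed . entityKey)` before the redirect (assuming both actions run in the monad `runDb` expects), or short-circuiting only when the session's user matches the token's user. Separately, the `signInIsUsed` test and the `signInTokenToUsed` update go through two separate `runDb` calls, so two concurrent requests carrying the same token can presumably both pass the check; doing the check and the update inside one `runDb` block would close that window.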