From b27a7914993f5a5a87160dc33431a6fa1f4ad323 Mon Sep 17 00:00:00 2001
From: Joris Guyonvarch
Date: Sat, 18 Jul 2015 17:36:35 +0200
Subject: Securing the index page with the login session

---
 src/server/Secure.hs | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 src/server/Secure.hs

(limited to 'src/server/Secure.hs')

diff --git a/src/server/Secure.hs b/src/server/Secure.hs
new file mode 100644
index 0000000..94ee8a9
--- /dev/null
+++ b/src/server/Secure.hs
@@ -0,0 +1,23 @@
+{-# LANGUAGE OverloadedStrings #-}
+
+module Secure
+  ( loggedAction
+  ) where
+
+import Web.Scotty
+
+import Network.HTTP.Types.Status (forbidden403)
+
+import Data.Text (Text)
+
+import qualified LoginSession
+
+loggedAction :: (Text -> ActionM ()) -> ActionM ()
+loggedAction action = do
+  maybeLogin <- LoginSession.get
+  case maybeLogin of
+    Just login ->
+      action login
+    Nothing -> do
+      status forbidden403
+      html "You need to be logged in to perform this action"
-- 
cgit v1.2.3