{-# LANGUAGE OverloadedStrings #-}

module Secure
  ( loggedAction
  ) where

import Web.Scotty

import Network.HTTP.Types.Status (forbidden403)

import Data.Text (Text)

import qualified LoginSession

loggedAction :: (Text -> ActionM ()) -> ActionM ()
loggedAction action = do
  maybeLogin <- LoginSession.get
  case maybeLogin of
    Just login ->
      action login
    Nothing -> do
      status forbidden403
      html "You need to be logged in to perform this action"