apiary-clientsession 0.16.0 → 0.17.0
raw patch · 3 files changed
+21/−24 lines, 3 filesdep ~apiarydep ~apiary-cookiedep ~timePVP ok
version bump matches the API change (PVP)
Dependency ranges changed: apiary, apiary-cookie, time
API changes (from Hackage documentation)
Files
- apiary-clientsession.cabal +4/−4
- src/Web/Apiary/ClientSession.hs +3/−8
- src/Web/Apiary/ClientSession/Internal.hs +14/−12
apiary-clientsession.cabal view
@@ -1,5 +1,5 @@ name: apiary-clientsession-version: 0.16.0+version: 0.17.0 synopsis: clientsession support for apiary web framework. description: examples:@@ -28,8 +28,8 @@ build-depends: base >=4.6 && <4.8 , template-haskell , clientsession >=0.9 && <0.10- , apiary >=0.16 && <0.17- , apiary-cookie >=0.16 && <0.17+ , apiary >=0.17 && <0.18+ , apiary-cookie >=0.17 && <0.18 , directory >=1.2 && <1.3 , crypto-random >=0.0 && <0.1@@ -38,7 +38,7 @@ , binary >=0.7 && <0.8 , bytestring >=0.10 && <0.11 , base64-bytestring >=1.0 && <1.1- , time >=1.4 && <1.5+ , time >=1.4 && <1.6 , data-default-class >=0.0 && <0.1 , http-types >=0.8 && <0.9 , blaze-html >=0.7 && <0.8
src/Web/Apiary/ClientSession.hs view
@@ -38,7 +38,7 @@ import Control.Monad.Apiary.Filter.Internal.Strategy initSession :: MonadIO m => I.SessionConfig -> Initializer' m I.Session-initSession c = initializer $ I.withSession c return+initSession c = initializer' $ I.makeSession c setSession :: (Has I.Session exts, MonadIO m) => S.ByteString -> S.ByteString@@ -65,9 +65,7 @@ => S.ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()-session k w m = do- sess <- apiaryExt (Proxy :: Proxy I.Session)- I.session sess k w m+session k w m = I.session k w m -- | create crypto random (generate random by AES CTR(cprng-aes package) and encode by base64), --@@ -80,7 +78,4 @@ -- | check csrf token. since 0.9.0.0. checkToken :: (Has I.Session exts, MonadIO actM) => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m ()-checkToken m = do- sess <- apiaryExt (Proxy :: Proxy I.Session)- I.checkToken sess m-+checkToken m = I.checkToken m
src/Web/Apiary/ClientSession/Internal.hs view
@@ -29,6 +29,7 @@ import Web.ClientSession import qualified Network.HTTP.Types as HTTP +import Data.Apiary.Proxy import Data.String import Data.Maybe import Data.Monoid@@ -118,14 +119,14 @@ (KeyFile defaultKeyFile) (24 * 60 * 60) Nothing Nothing True True defaultCheckTokenFailAction Nothing "_token" (Right "_token") 40 -withSession :: MonadIO m => SessionConfig -> (Session -> m b) -> m b-withSession cfg@SessionConfig{..} m = do+makeSession :: MonadIO m => SessionConfig -> m Session+makeSession cfg@SessionConfig{..} = do k <- liftIO $ case sessionKey of KeyFile f -> getKey f KeyByteString s -> either fail return $ initKey s p <- liftIO $ makeSystem >>= newIORef let sess = Session k p cfg- m sess+ return sess newtype BinUTCTime = BinUTCTime { getUTCTime :: UTCTime } @@ -184,20 +185,21 @@ , setCookieHttpOnly = False } -session :: (MonadIO actM, Strategy w, Query a) => Session- -> S.ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()-session sess k p = focus (DocPrecondition $ toHtml (show k) <> " session cookie required") $ \l -> do- r <- getRequest- t <- liftIO getCurrentTime+session :: (MonadIO actM, Strategy w, Query a, Has Session exts)+ => S.ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()+session k p = focus (DocPrecondition $ toHtml (show k) <> " session cookie required") $ \l -> do+ sess <- getExt (Proxy :: Proxy Session)+ r <- getRequest+ t <- liftIO getCurrentTime let mbr = readStrategy readQuery ((k ==) . fst) p (map (second $ getSessionValue sess t) $ cookie' r) l maybe mzero return mbr -checkToken :: MonadIO actM- => Session- -> ApiaryT exts prms actM m ()+checkToken :: (MonadIO actM, Has Session exts)+ => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m ()-checkToken sess@Session{..} = focus (DocPrecondition "CSRF token required") $ \l -> do+checkToken = focus (DocPrecondition "CSRF token required") $ \l -> do+ sess@Session{..} <- getExt (Proxy :: Proxy Session) r <- getRequest p <- getReqParams