packages feed

thentos-cookie-session 0.9.0 → 0.9.1

raw patch · 2 files changed

+15/−3 lines, 2 files

Files

src/Thentos/CookieSession.hs view
@@ -12,6 +12,7 @@ module Thentos.CookieSession     ( serveFAction     , enterFAction+    , noopExtendClearanceOnSessionToken      -- * types     , SSession@@ -20,6 +21,7 @@     , FSessionStore     , FServantSession     , FSessionKey+    , ExtendClearanceOnSessionToken     ) where @@ -96,6 +98,12 @@  type ExtendClearanceOnSessionToken m = ThentosSessionToken -> m () +noopExtendClearanceOnSessionToken :: Monad m => ExtendClearanceOnSessionToken m+noopExtendClearanceOnSessionToken _ = pure ()++-- | The 'ExtendClearanceOnSessionToken' argument can be used in combination with the lio package to+-- write the access policy into the server monad state.  If your way of access restriction has no+-- need for that, simply pass @noopExtendClearanceOnSessionToken@. serveFAction :: forall api m s e v.         ( HasServer api '[]         , Enter (ServerT api m) (m :~> ExceptT ServantErr IO) (Server api)@@ -139,11 +147,15 @@         Just (lkup, ins) -> do             cookieToFSession ioNat (lkup ())             maybeSessionToken <- use getThentosSessionToken-            -- Update privileges and refresh the CSRF token if there is a session token++            -- update privileges             mapM_ extendClearanceOnSessionToken maybeSessionToken++            -- refresh the CSRF token if there is a session token             when (isJust maybeSessionToken) refreshCsrfToken+             fServer `finally` (do-                clearCsrfToken -- could be replaced by 'refreshCsrfToken'+                clearCsrfToken  -- could be replaced by 'refreshCsrfToken'                 cookieFromFSession ioNat (ins ()))  -- | Write 'FrontendSessionData' from the 'SSession' state to 'MonadFAction' state.  If there
@@ -1,5 +1,5 @@ name:                thentos-cookie-session-version:             0.9.0+version:             0.9.1 synopsis:            All-in-one session handling for servant-based frontends description:     Uses cookies to store session keys.