Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exporting CookiedWrapperClass? #38

Closed
michalrus opened this issue Oct 20, 2017 · 2 comments
Closed

Exporting CookiedWrapperClass? #38

michalrus opened this issue Oct 20, 2017 · 2 comments

Comments

@michalrus
Copy link

michalrus commented Oct 20, 2017
edited

Hello!

Could you export CookiedWrapperClass? Or define it in an *.Internal module.

Use case: I need to derive AuthCookieSettings from some data received in the request. I’m defining my own cookied' similarly to:

{-# OPTIONS_GHC -fno-warn-missing-signatures #-}

-- FIXME: CookiedWrapperClass is not exported by https://github.com/zohl/servant-auth-cookie/issues/38

--cookied' :: CookiedWrapperClass f r UserSession => E.Env -> f -> Maybe Datum -> r
cookied' env f datum =
  cookied
    (authSettings env datum)
    (E.authRS env)
    (E.authKey env)
    (Proxy :: Proxy UserSession)
    f

type CookieProtect a = ExtractDatum :> AuthProtect "cookie-auth" :> a

The problem is obviously, that GHC is complaining about missing top-level signatures, and I can’t add one, because that CookiedWrapperClass class is not exported.

ExtractDatum is a Servant combinator, that extracts some data from Network.Wai.Request—that part is irrelevant.

And then using it like:

type SomeAPI
   = CookieProtect ("something" :> ReqBody '[ JSON] ReqSomething :> PostNoContent '[ JSON] (Cookied NoContent))

serveSomething :: E.Env -> Server SomeAPI
serveSomething env =
  cookied' env $ \UserSession {..} ReqSomething {..} -> do
    undefined

If you know of a better way to achieve that use case (depending on some value from Network.Wai.Request in AuthCookieSettings in all three places: cookied, addSession, removeSession), then I’ll happily switch to that solution!
@zohl
Copy link
Owner

zohl commented Oct 21, 2017

Hello again,

I've exported the class, so fell free to use it.

I expected AuthCookieSettings to be persistent, so (from my point of view) your approach seems a little bit strange. However, if I needed to customize sessions in a way you mentioned in two previous issues, I would do the same trick :)
This is why I'm considering moving "mutable" (i.e. session-specific) options to SessionSettings, so they can be stored right in the cookies.
So if it's possible to store your options inside cookies (e.g. they do not affect how to decrypt/verify cookies) and they are of general purpose (might be useful for any application, not a specific one), I can add them into SessionSettings.
If they aren't of general purpose, I'll try to consider parametrized SessionSettings record.

@michalrus
Copy link
Author

Thank you very much! ♥

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@michalrus @zohl