ebook-manager/backend/src/API/Users.hs

{-# Language DataKinds #-}
{-# Language TypeFamilies #-}
{-# Language OverloadedStrings #-}
{-# Language NoImplicitPrelude #-}
{-# Language TypeOperators #-}
{-# Language DuplicateRecordFields #-}
{-# Language TypeApplications #-}
module API.Users  where

import           ClassyPrelude
import           Control.Monad.Catch (throwM, MonadThrow)
import           Data.Aeson
import           Database (runDB)
import           Database.Schema
import           Database.User
import           Servant
import           Servant.Auth as SA
import           Servant.Auth.Server as SAS
import qualified Servant.Docs as Docs
import           Server.Auth
import           Types
import           Web.FormUrlEncoded


data RegisterForm = RegisterForm { username :: Username
                                 , email :: Email
                                 , password :: PlainPassword
                                 , passwordAgain :: PlainPassword }
                  deriving (Generic, Show)

instance Docs.ToSample RegisterForm

data LoginStatus = LoginStatus ( Maybe SafeUser ) deriving Generic

data RegisterStatus = RegisterStatus deriving Generic

instance Docs.ToSample RegisterStatus

instance ToJSON LoginStatus
instance FromJSON LoginStatus
instance Docs.ToSample LoginStatus

instance FromJSON RegisterForm
instance ToJSON RegisterForm
instance ToJSON RegisterStatus
instance FromJSON RegisterStatus
instance FromForm RegisterForm
instance ToForm RegisterForm


type API = Auth '[SA.BasicAuth, SA.JWT] SafeUser :> "login" :> Get '[JSON] LoginStatus
      :<|> "register" :> ReqBody '[JSON, FormUrlEncoded] RegisterForm :> Post '[JSON] RegisterStatus

handler :: ServerT API AppM
handler = loginHandler :<|> registerHandler

loginHandler :: AuthResult SafeUser -> AppM LoginStatus
loginHandler (Authenticated u) = return (LoginStatus (Just u))
loginHandler _ = return (LoginStatus Nothing)

registerHandler :: RegisterForm -> AppM RegisterStatus
registerHandler RegisterForm{..} =
  case () of
       () | password /= passwordAgain -> noMatch
          | otherwise ->
              either (const alreadyExists) (const (pure RegisterStatus)) =<< runDB (insertUser username email password)
  where
    noMatch = throwM err403{errBody = "passwords don't match"}
    alreadyExists = throwM err403{errBody = "User already exists"}
Register new users 2018-08-03 23:36:38 +03:00			`{-# Language DataKinds #-}`
			`{-# Language TypeFamilies #-}`
			`{-# Language OverloadedStrings #-}`
			`{-# Language NoImplicitPrelude #-}`
			`{-# Language TypeOperators #-}`
			`{-# Language DuplicateRecordFields #-}`
Modify types, create instances 2018-08-04 22:05:41 +03:00			`{-# Language TypeApplications #-}`
			`module API.Users where`
Register new users 2018-08-03 23:36:38 +03:00
Docs support 2018-11-12 21:32:42 +02:00			`import ClassyPrelude`
			`import Control.Monad.Catch (throwM, MonadThrow)`
			`import Data.Aeson`
			`import Database (runDB)`
			`import Database.Schema`
			`import Database.User`
			`import Servant`
			`import Servant.Auth as SA`
			`import Servant.Auth.Server as SAS`
			`import qualified Servant.Docs as Docs`
			`import Server.Auth`
			`import Types`
			`import Web.FormUrlEncoded`
Register new users 2018-08-03 23:36:38 +03:00

Modify types, create instances 2018-08-04 22:05:41 +03:00			`data RegisterForm = RegisterForm { username :: Username`
			`, email :: Email`
			`, password :: PlainPassword`
			`, passwordAgain :: PlainPassword }`
Register new users 2018-08-03 23:36:38 +03:00			`deriving (Generic, Show)`

Docs support 2018-11-12 21:32:42 +02:00			`instance Docs.ToSample RegisterForm`

Modify types, create instances 2018-08-04 22:05:41 +03:00			`data LoginStatus = LoginStatus ( Maybe SafeUser ) deriving Generic`
Register new users 2018-08-03 23:36:38 +03:00
			`data RegisterStatus = RegisterStatus deriving Generic`

Docs support 2018-11-12 21:32:42 +02:00			`instance Docs.ToSample RegisterStatus`

Register new users 2018-08-03 23:36:38 +03:00			`instance ToJSON LoginStatus`
			`instance FromJSON LoginStatus`
Docs support 2018-11-12 21:32:42 +02:00			`instance Docs.ToSample LoginStatus`
Register new users 2018-08-03 23:36:38 +03:00
			`instance FromJSON RegisterForm`
			`instance ToJSON RegisterForm`
			`instance ToJSON RegisterStatus`
			`instance FromJSON RegisterStatus`
			`instance FromForm RegisterForm`
			`instance ToForm RegisterForm`

Authentication 2018-08-04 23:43:26 +03:00
Channels API 2018-08-05 23:13:49 +03:00			`type API = Auth '[SA.BasicAuth, SA.JWT] SafeUser :> "login" :> Get '[JSON] LoginStatus`
Register new users 2018-08-03 23:36:38 +03:00			`:<\|> "register" :> ReqBody '[JSON, FormUrlEncoded] RegisterForm :> Post '[JSON] RegisterStatus`

			`handler :: ServerT API AppM`
			`handler = loginHandler :<\|> registerHandler`

Authentication 2018-08-04 23:43:26 +03:00			`loginHandler :: AuthResult SafeUser -> AppM LoginStatus`
			`loginHandler (Authenticated u) = return (LoginStatus (Just u))`
			`loginHandler _ = return (LoginStatus Nothing)`
Register new users 2018-08-03 23:36:38 +03:00
			`registerHandler :: RegisterForm -> AppM RegisterStatus`
			`registerHandler RegisterForm{..} =`
			`case () of`
			`() \| password /= passwordAgain -> noMatch`
			`\| otherwise ->`
Modify types, create instances 2018-08-04 22:05:41 +03:00			`either (const alreadyExists) (const (pure RegisterStatus)) =<< runDB (insertUser username email password)`
Register new users 2018-08-03 23:36:38 +03:00			`where`
			`noMatch = throwM err403{errBody = "passwords don't match"}`
			`alreadyExists = throwM err403{errBody = "User already exists"}`