From bb31be8f6072e4dd72c8630c019f7ab5e0bc9fa9 Mon Sep 17 00:00:00 2001
From: Igor Pashev <pashev.igor@gmail.com>
Date: Wed, 26 Jul 2017 21:09:57 +0300
Subject: [WIP] State in OAuth2 callback should be short-lived

---
 src/Sproxy/Application/Cookie.hs | 33 ++++++++++++---------------------
 1 file changed, 12 insertions(+), 21 deletions(-)

(limited to 'src/Sproxy/Application/Cookie.hs')

diff --git a/src/Sproxy/Application/Cookie.hs b/src/Sproxy/Application/Cookie.hs
index a86f42a..5bd15ef 100644
--- a/src/Sproxy/Application/Cookie.hs
+++ b/src/Sproxy/Application/Cookie.hs
@@ -1,7 +1,6 @@
 {-# LANGUAGE OverloadedStrings #-}
 module Sproxy.Application.Cookie (
-  AuthCookie(..)
-, AuthUser
+  AuthUser
 , cookieDecode
 , cookieEncode
 , getEmail
@@ -16,7 +15,7 @@ module Sproxy.Application.Cookie (
 import Data.ByteString (ByteString)
 import Data.Text (Text, toLower, strip)
 import Data.Text.Encoding (decodeUtf8, encodeUtf8)
-import Foreign.C.Types (CTime(..))
+import Foreign.C.Types (CTime)
 import qualified Data.Serialize as DS
 
 import qualified Sproxy.Application.State as State
@@ -27,28 +26,20 @@ data AuthUser = AuthUser {
 , auFamilyName :: ByteString
 }
 
-data AuthCookie = AuthCookie {
-  acUser   :: AuthUser
-, acExpiry :: CTime
-}
-
-instance DS.Serialize AuthCookie where
-  put c = DS.put (auEmail u, auGivenName u, auFamilyName u, x)
-          where u = acUser c
-                x = (\(CTime i) -> i) $ acExpiry c
+instance DS.Serialize AuthUser where
+  put u = DS.put (auEmail u, auGivenName u, auFamilyName u)
   get = do
-    (e, n, f, x) <- DS.get
-    return AuthCookie {
-        acUser = AuthUser { auEmail = e, auGivenName = n, auFamilyName = f }
-      , acExpiry = CTime x
-      }
+    (e, n, f) <- DS.get
+    return AuthUser { auEmail = e, auGivenName = n, auFamilyName = f }
 
 
-cookieDecode :: ByteString -> ByteString -> Either String AuthCookie
-cookieDecode key d = State.decode key d >>= DS.decode
+cookieDecode :: ByteString -> ByteString -> IO (Either String AuthUser)
+cookieDecode key d = do
+  c <- State.decode key d
+  return $ c >>= DS.decode
 
-cookieEncode :: ByteString -> AuthCookie -> ByteString
-cookieEncode key = State.encode key . DS.encode
+cookieEncode :: ByteString -> Int -> AuthUser -> IO (ByteString, CTime)
+cookieEncode key shelflife = State.encode key (fromIntegral shelflife) . DS.encode
 
 
 getEmail :: AuthUser -> Text
-- 
cgit v1.2.3