diff options
Diffstat (limited to 'Biz/Auth.hs')
| -rw-r--r-- | Biz/Auth.hs | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/Biz/Auth.hs b/Biz/Auth.hs index 1c3e45c..14f67ec 100644 --- a/Biz/Auth.hs +++ b/Biz/Auth.hs @@ -18,6 +18,8 @@ module Biz.Auth -- * Servant Helpers SetCookies, + liveCookieSettings, + testCookieSettings, ) where @@ -38,6 +40,21 @@ notset = "notset" type SetCookies ret = (Headers '[Header "Set-Cookie" Auth.SetCookie, Header "Set-Cookie" Auth.SetCookie] ret) +liveCookieSettings :: Auth.CookieSettings +liveCookieSettings = + Auth.defaultCookieSettings + { Auth.cookieIsSecure = Auth.Secure, + -- disable XSRF protection because we don't use any javascript + Auth.cookieXsrfSetting = Nothing + } + +testCookieSettings :: Auth.CookieSettings +testCookieSettings = + Auth.defaultCookieSettings + { Auth.cookieIsSecure = Auth.NotSecure, + Auth.cookieXsrfSetting = Nothing + } + -- | These are arguments that a 3rd-party OAuth provider needs in order for us -- to authenticate a user. data OAuthArgs = OAuthArgs |