From 906db8d4ac24f65f38e1d31bfdaa47602a54d759 Mon Sep 17 00:00:00 2001
From: Ben Sima <ben@bsima.me>
Date: Mon, 9 Jan 2023 13:06:53 -0500
Subject: Reorganize some Auth/App stuff

---
 Biz/Auth.hs | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'Biz/Auth.hs')

diff --git a/Biz/Auth.hs b/Biz/Auth.hs
index 1c3e45c..14f67ec 100644
--- a/Biz/Auth.hs
+++ b/Biz/Auth.hs
@@ -18,6 +18,8 @@ module Biz.Auth
 
     -- * Servant Helpers
     SetCookies,
+    liveCookieSettings,
+    testCookieSettings,
   )
 where
 
@@ -38,6 +40,21 @@ notset = "notset"
 type SetCookies ret =
   (Headers '[Header "Set-Cookie" Auth.SetCookie, Header "Set-Cookie" Auth.SetCookie] ret)
 
+liveCookieSettings :: Auth.CookieSettings
+liveCookieSettings =
+  Auth.defaultCookieSettings
+    { Auth.cookieIsSecure = Auth.Secure,
+      -- disable XSRF protection because we don't use any javascript
+      Auth.cookieXsrfSetting = Nothing
+    }
+
+testCookieSettings :: Auth.CookieSettings
+testCookieSettings =
+  Auth.defaultCookieSettings
+    { Auth.cookieIsSecure = Auth.NotSecure,
+      Auth.cookieXsrfSetting = Nothing
+    }
+
 -- | These are arguments that a 3rd-party OAuth provider needs in order for us
 -- to authenticate a user.
 data OAuthArgs = OAuthArgs
-- 
cgit v1.2.3