Skip to content

Commit 970b04b

Browse files
author
Jon Kristensen
committed
Add 0.0.0.7
1 parent 968c2de commit 970b04b

File tree

4 files changed

+21
-5
lines changed

4 files changed

+21
-5
lines changed

src/Api.hs

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,11 +9,11 @@ module Api where
99
import Backend
1010
import Control.Monad.Trans
1111
import Control.Monad.Trans.Either
12-
import Data.Traversable
13-
import qualified Data.Traversable as Traversable
1412
import Data.Monoid
1513
import Data.Text (Text)
1614
import qualified Data.Text as Text
15+
import Data.Traversable
16+
import qualified Data.Traversable as Traversable
1717
import Database.Persist.Sql
1818
import Network.Wai
1919
import Servant
@@ -26,6 +26,7 @@ type LoginAPI = "login"
2626
:> ReqBody '[JSON] Login
2727
:> Post '[JSON] (Headers '[Header "X-Token" B64Token] ReturnLogin)
2828

29+
-- Will be transformed into X-Token header and token cookie by the nginx
2930
serveLogin :: ConnectionPool -> Config -> Server LoginAPI
3031
serveLogin pool conf loginReq = loginHandler
3132
where

src/Backend.hs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -161,7 +161,8 @@ login Login{ loginUser = userEmail
161161
Just p -> do
162162
createOTP twilioConf p userId
163163
return $ Left LoginErrorOTPRequired
164-
Just otp -> do
164+
Just (Password otpC) -> do
165+
let otp = Password $ Text.toUpper otpC
165166
otpTime <- fromIntegral . negate <$> getConfig oTPTimeoutSeconds
166167
now <- liftIO getCurrentTime
167168
let cutoff = otpTime `addUTCTime` now

src/Config.hs

Lines changed: 15 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
11
-- Copyright © 2015-2016 Nejla AB. All rights reserved.
22

3+
{-# LANGUAGE NoMonomorphismRestriction #-}
34
{-# LANGUAGE TemplateHaskell #-}
45
{-# LANGUAGE OverloadedStrings #-}
56

@@ -10,6 +11,7 @@ import Control.Monad.Logger
1011
import Control.Monad.Trans
1112
import Data.ByteString (ByteString)
1213
import qualified Data.ByteString as BS
14+
import Data.Char
1315
import qualified Data.Configurator as Conf
1416
import qualified Data.Configurator.Types as Conf
1517
import Data.Maybe (catMaybes)
@@ -96,6 +98,18 @@ getConf :: (MonadLogger m, MonadIO m) =>
9698
String -> Conf.Name -> Either Text Text -> Conf.Config -> m Text
9799
getConf = getConfGeneric (Just . Text.pack)
98100

101+
getConfBool :: (MonadIO m, MonadLogger m) =>
102+
String
103+
-> Conf.Name
104+
-> Either Text Bool
105+
-> Conf.Config
106+
-> m Bool
107+
getConfBool = getConfGeneric parseBool
108+
where
109+
parseBool str | (map toLower $ str) == "true" = Just True
110+
| (map toLower $ str) == "false" = Just False
111+
| otherwise = Nothing
112+
99113
loadConf :: MonadIO m => m Conf.Config
100114
loadConf = liftIO $ do
101115
mbConfPath <- lookupEnv "CONF_PATH"
@@ -146,7 +160,7 @@ getTwilioConfig conf = do
146160
liftIO Exit.exitFailure
147161

148162
get2FAConf conf = do
149-
tfaRequired <- getConf' "TFA_REQUIRED" "tfa.required" (Right False) conf
163+
tfaRequired <- getConfBool "TFA_REQUIRED" "tfa.required" (Right False) conf
150164
twilioConf <- getTwilioConfig conf
151165
case (tfaRequired, twilioConf) of
152166
(True, Nothing) -> do

web/nginx.conf.m4

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ http {
6464
location = /login {
6565
proxy_pass http://AUTH_SERVICE/login/;
6666
proxy_set_header X-Original-URI $request_uri;
67-
add_header Set-Cookie "token=$upstream_http_x_token; Path=/";
67+
add_header Set-Cookie "token=$upstream_http_x_token; Path=/; Expires=Fri, 01-Jan-2038 00:00:01 GMT";
6868
}
6969

7070
location = /logout {

0 commit comments

Comments
 (0)