Check passwords in /login

TL;DR: - Since POST /login is more rigorous, our accounts.csv needs to contain validly hashed passwords; you can use tests/create-accounts.sh to create dummy accounts I still need to test the login flow and support: - Tracking failed attempts (three maximum) - Verifying accounts by sending emails to the users
2020-07-28 18:48:38 +01:00 · 2020-07-28 18:48:38 +01:00 · f051b0be0b
commit f051b0be0b
parent 90a521c78f
5 changed files with 45 additions and 18 deletions
--- a/src/API.hs
+++ b/src/API.hs
@ -41,4 +41,4 @@ type API =
      -- Miscellaneous
      :<|> "login"
           :> ReqBody '[JSON] T.AccountCredentials
-           :> Post '[JSON] (Maybe T.Session)
+           :> Post '[JSON] NoContent