Lots of changes here: - Add the GET /verify endpoint - Email users a secret using MailGun - Create a PendingAccounts table and record type - Prefer do-notation for FromRow instances (and in general) instead of the <*> or a liftA2 style. Defining instances with `<*>` makes them depend on the order in which the record's fields were defined. Combined with a "SELECT *", which returns the columns in whichever order the schema defines them (or depending on the DB implementation), this produces runtime parse errors at best and silent errors at worst. - Delete bill from accounts.csv to free up the wpcarro@gmail.com address when testing the /verify route.
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE OverloadedStrings #-}
--------------------------------------------------------------------------------
module Accounts where
--------------------------------------------------------------------------------
import Database.SQLite.Simple
import qualified PendingAccounts
import qualified Types as T
--------------------------------------------------------------------------------
-- | Move a verified signup out of PendingAccounts and into Accounts.
--
-- The pending row for the username is deleted, then a row carrying the same
-- username, password, email and role is inserted into Accounts. Every value
-- reaches SQLite as a bound @?@ parameter, never spliced into the SQL text.
--
-- NOTE(review): 'PendingAccounts.delete' is handed @dbFile@ rather than the
-- open connection, so it presumably runs on its own connection and commits
-- outside the 'withTransaction' below. If that is the case, a failing INSERT
-- cannot roll the delete back and the pending row is lost. Confirm against
-- "PendingAccounts", and consider issuing the delete on the same connection
-- so both statements commit or roll back together.
--
-- NOTE(review): 'create' hashes a clear-text password before inserting, while
-- this function stores @pendingAccountPassword@ unchanged. That is only safe
-- if the pending record already holds the hash; confirm the field's type in
-- "Types".
transferFromPending :: FilePath -> T.PendingAccount -> IO ()
transferFromPending dbFile T.PendingAccount{..} =
  withConnection dbFile moveAccount
  where
    -- Runs the delete followed by the insert inside one transaction on @db@.
    moveAccount db = withTransaction db $ do
      PendingAccounts.delete dbFile pendingAccountUsername
      execute
        db
        "INSERT INTO Accounts (username,password,email,role) VALUES (?,?,?,?)"
        newRow

    -- Values bound to the four placeholders, in column order.
    newRow =
      ( pendingAccountUsername
      , pendingAccountPassword
      , pendingAccountEmail
      , pendingAccountRole
      )
-- | Insert a fresh row into the Accounts table of @dbFile@.
--
-- The clear-text password is passed through 'T.hashPassword' first, and only
-- that result is written to the @password@ column. All four values are bound
-- as @?@ parameters rather than concatenated into the statement.
create :: FilePath -> T.Username -> T.ClearTextPassword -> T.Email -> T.Role -> IO ()
create dbFile username password email role =
  withConnection dbFile $ \db ->
    T.hashPassword password >>= \digest ->
      execute
        db
        "INSERT INTO Accounts (username,password,email,role) VALUES (?,?,?,?)"
        (username, digest, email, role)
-- | Remove the Accounts row whose @username@ column equals @username@.
--
-- The username is bound as a @?@ parameter. No error is raised here when no
-- row matches; the statement simply affects nothing.
delete :: FilePath -> T.Username -> IO ()
delete dbFile username =
  withConnection dbFile $ \db ->
    execute db "DELETE FROM Accounts WHERE username = ?" (Only username)
-- | Fetch the account stored under @username@ in the Accounts table.
--
-- Returns @Just@ the account only when the query yields exactly one row.
-- Zero rows and more than one row both give @Nothing@, so a duplicated
-- username would be indistinguishable from a missing one here.
--
-- NOTE(review): @SELECT *@ leaves the column order to the schema, so the
-- 'FromRow' instance for 'T.Account' has to agree with it; naming the columns
-- explicitly would remove that coupling. Whether @username@ carries a
-- uniqueness constraint is not visible from this module; confirm in the
-- schema.
lookup :: FilePath -> T.Username -> IO (Maybe T.Account)
lookup dbFile username = withConnection dbFile $ \db -> do
  rows <- query db "SELECT * FROM Accounts WHERE username = ?" (Only username)
  pure $ case rows of
    [account] -> Just account
    _ -> Nothing
-- | List every account in @dbFile@ as a 'T.User'.
--
-- Each row is read as a full account and then converted with
-- 'T.userFromAccount' before being returned.
--
-- NOTE(review): @SELECT *@ loads every column of every row, presumably
-- including the stored password value, only for the conversion to discard it.
-- Selecting just the columns a 'T.User' needs would keep that value out of
-- this code path, but requires a 'FromRow' instance for 'T.User'; check
-- whether one exists in "Types".
list :: FilePath -> IO [T.User]
list dbFile =
  withConnection dbFile $ \db ->
    map T.userFromAccount <$> query_ db "SELECT * FROM Accounts"