IHP Api Reference
Copyright(c) digitally induced GmbH 2020
Safe HaskellSafe-Inferred

IHP.AuthSupport.Controller.Sessions

Description

 
Synopsis

Documentation

newSessionAction :: forall record action. (?theAction :: action, ?context :: ControllerContext, HasNewSessionUrl record, ?modelContext :: ModelContext, Typeable record, View (NewView record), Data action, Record record, HasPath action, SessionsControllerConfig record) => IO () Source #

Displays the login form.

In case the user is already logged in, redirects to the home page (afterLoginRedirectPath).

createSessionAction :: forall record action. (?theAction :: action, ?context :: ControllerContext, ?modelContext :: ModelContext, Data action, HasField "email" record Text, HasPath action, HasField "id" record (Id record), HasField "passwordHash" record Text, SessionsControllerConfig record, UpdateField "lockedAt" record record (Maybe UTCTime) (Maybe UTCTime), HasField "failedLoginAttempts" record Int, SetField "failedLoginAttempts" record Int, CanUpdate record, Show (PrimaryKey (GetTableName record)), record ~ GetModelByTableName (GetTableName record), Table record) => IO () Source #

Logs in a user when a valid email and password is given

After 10 failed attempts, the user is locked for an hours. See maxFailedLoginAttempts to customize this.

After a successful login, the user is redirect to afterLoginRedirectPath.

deleteSessionAction :: forall record action id. (?theAction :: action, ?context :: ControllerContext, ?modelContext :: ModelContext, Data action, HasPath action, Show id, HasField "id" record id, SessionsControllerConfig record) => IO () Source #

Logs out the user and redirects to afterLogoutRedirectPath or login page by default

class (Typeable record, Show record, KnownSymbol (GetModelName record), HasNewSessionUrl record, KnownSymbol (GetTableName record), FromRow record) => SessionsControllerConfig record where Source #

Configuration for the session controller actions

Minimal complete definition

Nothing

Methods

afterLoginRedirectPath :: Text Source #

Your home page, where the user is redirect after login, by default it's /

afterLogoutRedirectPath :: forall action. (?theAction :: action, Data action, HasPath action) => Text Source #

Where the user is redirected after logout, by default it's /NewSession

maxFailedLoginAttempts :: record -> Int Source #

After 10 failed login attempts the user will be locked for an hour

beforeLogin :: (?context :: ControllerContext, ?modelContext :: ModelContext) => record -> IO () Source #

Callback that is executed just before the user is logged in

This is called only after checking that the password is correct. When a wrong password is given this callback is not executed.

Example: Disallow login until user is confirmed

beforeLogin user = do
    unless (user.isConfirmed) do
        setErrorMessage "Please click the confirmation link we sent to your email before you can use the App"
        redirectTo NewSessionAction

beforeLogout :: (?context :: ControllerContext, ?modelContext :: ModelContext) => record -> IO () Source #

Callback that is executed just before the user is logged out

This is called only if user session exists

usersQueryBuilder :: (GetModelByTableName (GetTableName record) ~ record, Table record) => QueryBuilder (GetTableName record) Source #

Return's the query @User used by the controller. Customize this to e.g. exclude guest users from logging in.

Example: Exclude guest users from login

usersQueryBuilder = query @User |> filterWhere (#isGuest, False)