Copyright(c) digitally induced GmbH 2020
Safe HaskellNone





newSessionAction :: forall record action. (?theAction :: action, ?context :: ControllerContext, HasNewSessionUrl record, ?modelContext :: ModelContext, Typeable record, View (NewView record), Data action, Record record, HasPath action, SessionsControllerConfig record) => IO () Source #

Displays the login form.

In case the user is already logged in, redirects to the home page (afterLoginRedirectPath).

createSessionAction :: forall record action passwordField. (?theAction :: action, ?context :: ControllerContext, ?modelContext :: ModelContext, Data action, HasField "email" record Text, HasPath action, HasField "id" record (Id record), HasField "passwordHash" record Text, SessionsControllerConfig record, UpdateField "lockedAt" record record (Maybe UTCTime) (Maybe UTCTime), HasField "failedLoginAttempts" record Int, SetField "failedLoginAttempts" record Int, CanUpdate record, Show (PrimaryKey (GetTableName record)), record ~ GetModelByTableName (GetTableName record)) => IO () Source #

Logs in a user when a valid email and password is given

After 10 failed attempts, the user is locked for an hours. See maxFailedLoginAttemps to customize this.

After a successful login, the user is redirect to afterLoginRedirectPath.

deleteSessionAction :: forall record action id. (?theAction :: action, ?context :: ControllerContext, ?modelContext :: ModelContext, Data action, HasPath action, Show id, HasField "id" record id, SessionsControllerConfig record) => IO () Source #

Logs out the user and redirect back to the login page

class (Typeable record, Show record, KnownSymbol (GetModelName record), HasNewSessionUrl record, KnownSymbol (GetTableName record), FromRow record) => SessionsControllerConfig record where Source #

Configuration for the session controller actions

Minimal complete definition



afterLoginRedirectPath :: Text Source #

Your home page, where the user is redirect after login

maxFailedLoginAttemps :: record -> Int Source #

After 10 failed login attempts the user will be locked for an hour

beforeLogin :: (?context :: ControllerContext, ?modelContext :: ModelContext) => record -> IO () Source #

Callback that is executed just before the user is logged

This is called only after checking that the password is correct. When a wrong password is given this callback is not executed.

Example: Disallow login until user is confirmed

beforeLogin user = do
    unless (get #isConfirmed user) do
        setErrorMessage "Please click the confirmation link we sent to your email before you can use IHP Cloud"
        redirectTo NewSessionAction