putSession from ClientSessionT is not saving the session before the redirect happens
25 views
Skip to first unread message
Andrijan Jelovic
Apr 1, 2021, 10:39:15 PM4/1/21
to HAppS
Hi,
I've been trying to update a session right before redirect. I'm using reform on the login page to catch the login credentials. I believe they are working and I get redirected to the home page, but before the redirect, I have a update to putSession to store the new credentials. I'm also using the reform library to handle cross site forgery requests on the login page.:
Here's the code:
loginPage :: RouteT Sitemap (ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO))) Response
loginPage =
do
environmentArgs <- ask
homeURL <- showURL Home
loginURL <- showURL Login
loginCSSURL <- showURL $ CSS (CSSFilename "login.css")
topBannerCSSURL <- fmap CSSUrl (showURL $ CSS (CSSFilename "topBanner.css"))
formHTML <- lift $ reform (form loginURL) "loginPage" (displayMessage homeURL) Nothing loginForm
sessionData <- mapRouteT getSessionData askRouteT
ok $ toResponse $
H.html $ do
H.head $ do
H.title "Eureka Login"
H.link H.! A.href (fromString . Data.Text.unpack $ loginCSSURL) H.! A.rel "stylesheet" H.! A.type_ "text/css"
H.body $ do
loginBanner (eEnvironmentName environmentArgs) (eEnvironmentVersion environmentArgs) (fmap _username (Just sessionData)) topBannerCSSURL
formHTML
bottomBanner
H.p $ toMarkup $ _count sessionData
where
displayMessage :: Text -> LoginData -> ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) H.Html
displayMessage homeURL loginData = passwordMatchedResponse loginData
where passwordMatchedResponse :: LoginData -> ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) H.Html
passwordMatchedResponse (LoginData _ (Password "")) = loginFailed
passwordMatchedResponse (LoginData (Username "") _) = loginFailed
passwordMatchedResponse loginData =
do existingSession <- getSession
putSession $ SessionData (lUsername loginData) 34
seeOther homeURL "Loading home page"
-- return $ appTemplate "Form validation result" [] $ renderLoginData loginData
getSessionData :: ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) a -> ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) SessionData
getSessionData _ = getSession
The session's username is not being saved in the session and so what my homepage returns is empty string on my receiving homepage
homePage :: RouteT Sitemap (ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO))) Response
homePage =
do environmentArgs <- ask
topBannerCSSURL <- fmap CSSUrl (showURL $ CSS (CSSFilename "topBanner.css"))
sessionData <- mapRouteT getSessionData askRouteT
ok $ toResponse $ homePageDesign environmentArgs sessionData topBannerCSSURL
where homePageDesign :: EnvironmentArgs -> SessionData -> CSSUrl -> H.Html
homePageDesign eArgs sessionData cssUrl = H.html $ do
H.head $ do
H.title "Home"
H.body $ do
loginBanner (eEnvironmentName eArgs) (eEnvironmentVersion eArgs) (Just (_username sessionData)) cssUrl
H.p $ toMarkup $ (_count sessionData)
getSessionData :: ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) a
-> ClientSessionT SessionData (ServerPartT (ReaderT EnvironmentArgs IO)) SessionData
getSessionData _ = do sessionData <- getSession
putSession $ SessionData (_username sessionData) (_count sessionData + 1)
return sessionData
I do know that the session is updating because multiple reloads on the homepage increments a counter variable I have on sessionData.
I've used seeOther, movedPermanently, and tempRedirect, but they all don't appear to respect the putSession when I attempt to validate the credentials before redirecting.
Reply all
Reply to author
Forward
0 new messages