add app setting enable SSL_ONLY
This commit is contained in:
parent
3ecb38b89a
commit
71938b3e0a
|
@ -41,3 +41,5 @@ archive-socks-proxy-host: "_env:ARCHIVE_SOCKS_PROXY_HOST"
|
|||
archive-socks-proxy-port: "_env:ARCHIVE_SOCKS_PROXY_PORT"
|
||||
|
||||
source-code-uri: "_env:SOURCE_CODE_URI:https://github.com/jonschoning/espial"
|
||||
|
||||
ssl-only: "_env:SSL_ONLY" # false
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{-# LANGUAGE DeriveGeneric #-}
|
||||
{-# LANGUAGE StandaloneDeriving #-}
|
||||
{-# LANGUAGE NamedFieldPuns #-}
|
||||
{-# OPTIONS_GHC -fno-warn-unused-matches #-}
|
||||
|
||||
module Foundation where
|
||||
|
@ -41,6 +42,9 @@ instance YesodPersist App where
|
|||
instance YesodPersistRunner App where
|
||||
getDBRunner = defaultGetDBRunner appConnPool
|
||||
|
||||
session_timeout_minutes :: Int
|
||||
session_timeout_minutes = 10080 -- (7 days)
|
||||
|
||||
-- Yesod
|
||||
|
||||
instance Yesod App where
|
||||
|
@ -49,11 +53,28 @@ instance Yesod App where
|
|||
Nothing -> getApprootText guessApproot app req
|
||||
Just root -> root
|
||||
|
||||
makeSessionBackend _ = Just <$> defaultClientSessionBackend
|
||||
10080 -- min (7 days)
|
||||
"config/client_session_key.aes"
|
||||
makeSessionBackend :: App -> IO (Maybe SessionBackend)
|
||||
makeSessionBackend App {appSettings} = do
|
||||
backend <-
|
||||
defaultClientSessionBackend
|
||||
session_timeout_minutes
|
||||
"config/client_session_key.aes"
|
||||
maybeSSLOnly $ pure (Just backend)
|
||||
where
|
||||
maybeSSLOnly =
|
||||
if appSSLOnly appSettings
|
||||
then sslOnlySessions
|
||||
else id
|
||||
|
||||
yesodMiddleware = defaultYesodMiddleware . defaultCsrfMiddleware
|
||||
yesodMiddleware :: HandlerFor App res -> HandlerFor App res
|
||||
yesodMiddleware = maybeSSLOnly . defaultYesodMiddleware . defaultCsrfMiddleware
|
||||
where
|
||||
maybeSSLOnly handler = do
|
||||
yesod <- getYesod
|
||||
(if appSSLOnly (appSettings yesod)
|
||||
then sslOnlyMiddleware session_timeout_minutes
|
||||
else id)
|
||||
handler
|
||||
|
||||
defaultLayout widget = do
|
||||
req <- getRequest
|
||||
|
|
|
@ -64,6 +64,8 @@ data AppSettings = AppSettings
|
|||
|
||||
, appSourceCodeUri :: Maybe Text
|
||||
-- ^ Uri to app source code
|
||||
|
||||
, appSSLOnly :: Bool
|
||||
}
|
||||
|
||||
instance FromJSON AppSettings where
|
||||
|
@ -96,7 +98,9 @@ instance FromJSON AppSettings where
|
|||
|
||||
appArchiveSocksProxyHost <- o .:? "archive-socks-proxy-host"
|
||||
appArchiveSocksProxyPort <- o .:? "archive-socks-proxy-port"
|
||||
appSourceCodeUri <- o .:? "source-code-uri"
|
||||
appSourceCodeUri <- o .:? "source-code-uri"
|
||||
|
||||
appSSLOnly <- fromMaybe False <$> o .:? "ssl-only"
|
||||
|
||||
return AppSettings {..}
|
||||
|
||||
|
|
Loading…
Reference in a new issue