nonce is a Maybe

2011-01-24 06:01:38 +02:00 · 2011-01-24 06:01:38 +02:00 · 8596bbc10e
commit 8596bbc10e
parent e802df12dc
2 changed files with 5 additions and 5 deletions
--- a/Yesod/Core.hs
+++ b/Yesod/Core.hs
@ -283,7 +283,7 @@ defaultYesodRunner y mkey murl handler req = do
    let sessionMap = Map.fromList
                   $ filter (\(x, _) -> x /= nonceKey) session'
    yar <- handlerToYAR y (yesodRender y) errorHandler rr murl sessionMap h
-    let mnonce = Just $ reqNonce rr -- FIXME
+    let mnonce = reqNonce rr
    return $ yarToResponse (hr mnonce getExpires host exp') yar
  where
    hr mnonce getExpires host exp' hs ct sm =
@ -599,11 +599,11 @@ parseWaiRequest env session' key' = do
                     Nothing -> langs''
                     Just x -> x : langs''
    nonce <- case (key', lookup nonceKey session') of
-                (Nothing, _) -> return $ error "You have attempted to use the nonce, but sessions are disabled." -- FIXME maybe this should be handled without an error?
+                (Nothing, _) -> return Nothing
-                (_, Just x) -> return x
+                (_, Just x) -> return $ Just x
                (_, Nothing) -> do
                    g <- newStdGen
-                    return $ fst $ randomString 10 g
+                    return $ Just $ fst $ randomString 10 g
    return $ Request gets' cookies' env langs''' nonce
  where
    randomString len =
--- a/Yesod/Request.hs
+++ b/Yesod/Request.hs
@ -101,7 +101,7 @@ data Request = Request
      -- | Languages which the client supports.
    , reqLangs :: [String]
      -- | A random, session-specific nonce used to prevent CSRF attacks.
-    , reqNonce :: String
+    , reqNonce :: Maybe String
    }
 lookup' :: Eq a => a -> [(a, b)] -> [b]