3.1.1 - set atc cookie to SameSiteLax so that we can add links from emails and external sites

stepcut · stepcut · commit a2dbd5264bfb · 2023-11-02T12:11:59.000-05:00
diff --git a/happstack-authenticate.cabal b/happstack-authenticate.cabal
@@ -1,6 +1,6 @@
 Cabal-version:       2.2
 Name:                happstack-authenticate
-Version:             3.1.0
+Version:             3.1.1
 Synopsis:            Happstack Authentication Library
 Description:         A themeable authentication library with support for username+password
 Homepage:            http://www.happstack.com/
@@ -58,6 +58,7 @@ common shared-ghcjs-properties
 Library
   import:              shared-properties
   import:              shared-ghcjs-properties
+  ghc-options:         -Werror=incomplete-patterns
   hs-source-dirs:      src
   if flag(Debug)
     cpp-options: "-DDEBUG_CLIENT"
diff --git a/src/Happstack/Authenticate/Client.hs b/src/Happstack/Authenticate/Client.hs
@@ -459,14 +459,15 @@ extractJWT modelTV jr =
 --            (Just (String tkn)) ->
 --              updateAuthenticateModelFromToken modelTV tkn
             (Just o) ->
-              do debugPrint $  "Got a token, but it is not a string: " ++ show o
+              do debugStrLn $  "Got a token, but it is not a string: " ++ show o
                  case fromJSON o of
                    (Success tkn@(Authenticate.Token u)) ->
                      do debugPrint $  "Got token " ++ show (u :: User)
                         updateAuthenticateModelFromToken modelTV tkn
                    (Error e) ->
                      do debugStrLn $ "fromJSON aa - " ++ e
-        _ -> debugPrint "Could not find a token that is a string"
+            _ -> debugStrLn "Could not find a token that is a string"
+        _ -> debugStrLn "_jrData is not an Object"
 
 updateAuthenticateModelFromToken :: TVar AuthenticateModel -> Authenticate.Token -> IO ()
 updateAuthenticateModelFromToken modelTV (Authenticate.Token u) =
diff --git a/src/Happstack/Authenticate/Handlers.hs b/src/Happstack/Authenticate/Handlers.hs
@@ -36,7 +36,7 @@ import Data.Time                       (UTCTime, addUTCTime, diffUTCTime, getCur
 import Data.Time.Clock.POSIX           (utcTimeToPOSIXSeconds, posixSecondsToUTCTime)
 import Data.UserId                     (UserId(..), rUserId, succUserId, unUserId)
 import Happstack.Authenticate.Core
-import Happstack.Server                (Cookie(httpOnly, sameSite, secure), CookieLife(Session, MaxAge), Happstack, Method(GET, HEAD), SameSite(SameSiteStrict), ServerPartT, Request(rqSecure), Response, addCookie, askRq, expireCookie, getHeaderM, lookCookie, lookCookieValue, method, mkCookie, notFound, resp, toResponseBS)
+import Happstack.Server                (Cookie(httpOnly, sameSite, secure), CookieLife(Session, MaxAge), Happstack, Method(GET, HEAD), SameSite(SameSiteLax), ServerPartT, Request(rqSecure), Response, addCookie, askRq, expireCookie, getHeaderM, lookCookie, lookCookieValue, method, mkCookie, notFound, resp, toResponseBS)
 import GHC.Generics                    (Generic)
 import Prelude                         hiding ((.), id, exp)
 import System.IO                       (IOMode(ReadMode), withFile)
@@ -452,7 +452,7 @@ addTokenCookie :: (Happstack m) =>
 addTokenCookie authenticateState authenticateConfig user =
   do token <- issueToken authenticateState authenticateConfig user
      s <- rqSecure <$> askRq -- FIXME: this isn't that accurate in the face of proxies
-     addCookie (MaxAge (60*60*24*30)) ((mkCookie authCookieName (Text.unpack token)) { sameSite = SameSiteStrict, secure = s, httpOnly = True })
+     addCookie (MaxAge (60*60*24*30)) ((mkCookie authCookieName (Text.unpack token)) { sameSite = SameSiteLax, secure = s, httpOnly = True })
      return ()
 
 -- | delete the `Token` `Cookie`
