diff options
Diffstat (limited to 'SessionID.hs')
-rw-r--r-- | SessionID.hs | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/SessionID.hs b/SessionID.hs index 3827e1d..d643a28 100644 --- a/SessionID.hs +++ b/SessionID.hs @@ -11,13 +11,13 @@ module SessionID ( import Serialization import System.FilePath -import Data.Text import System.IO import System.Directory import Network.Wai.Handler.Warp (Port) import Network.WebSockets hiding (Message) import qualified Data.Aeson import Data.Maybe +import Data.List import Data.UUID import Data.UUID.V4 @@ -31,21 +31,22 @@ instance FromJSON SessionID instance WebSocketsData SessionID where -- fromDataMessage = fromLazyByteString . fromDataMessage - fromLazyByteString = fromMaybe (error "bad SessionID") . Data.Aeson.decode + fromLazyByteString b = + -- Down't trust a legal SessionID to be deserialized; + -- use smart constructor to verify it's legal. + let SessionID unverified = fromMaybe (error "bad SessionID serialization") (Data.Aeson.decode b) + in fromMaybe (error "illegal SessionID") (mkSessionID unverified) toLazyByteString = Data.Aeson.encode -- | Smart constructor that enforces legal SessionID contents. -- --- The passed Text can either be the bare SessionID, or it can be an URL +-- The passed String can either be the bare SessionID, or it can be an URL -- which ends with the SessionID. -mkSessionID :: Text -> Maybe SessionID -mkSessionID t = - let s = unpack t - in if "http" `isPrefixOf` t - then Just $ SessionID $ takeFileName s - else if takeFileName s == s - then Just $ SessionID s - else Nothing +mkSessionID :: String -> Maybe SessionID +mkSessionID s + | "http" `isPrefixOf` s = Just $ SessionID $ takeFileName s + | takeFileName s == s = Just $ SessionID s + | otherwise = Nothing sessionLogFile :: FilePath -> SessionID -> FilePath sessionLogFile dir (SessionID f) = dir </> "debug-me." ++ f ++ ".log" |