module Rakka.Resource.CheckAuth
    ( resCheckAuth
    )
    where

import           Network.HTTP.Lucu
import           Rakka.Authorization
import           Rakka.Environment


resCheckAuth :: Environment -> ResourceDef
resCheckAuth env
    = ResourceDef {
        resUsesNativeThread = False
      , resIsGreedy         = False
      , resGet
          = Just $
            do authM <- getAuthorization
               case authM of
                 Just (BasicAuthCredential userID password)
                     -> do valid <- isValidPair (envAuthDB env) userID password
                           if valid then
                               setStatus NoContent
                             else
                               setStatus Forbidden
                 _   -> setStatus Forbidden
      , resHead             = Nothing
      , resPost             = Nothing
      , resPut              = Nothing
      , resDelete           = Nothing
      }