password icon indicating copy to clipboard operation
password copied to clipboard
verified publisher icon cdepillabout

Documentation addition for working with JSON

Open Vlix opened this issue 5 years ago • 0 comments

After talking to someone who used password-instances, it's still somewhat annoying to have to make a field Text, just because you want to also use it with ToJSON to send between services. It might be a good idea to give an example to make this more convenient, because they did say they think it's a good idea not to allow Password to be turned into JSON for security's sake.

I think something in the documentation near the JSON instances like the following would make it easier for users to switch between Text and Password within other types:

Instead of:

data LoginForm = LoginForm
  { loginUsername :: UserName
  , loginPassword :: Text
  }

and then changing the loginPassword to Password just before hashing or checking, do the following:

data LoginForm a = LoginForm
  { loginUserName :: UserName
  , loginPassword :: a
  } deriving (Show, Functor)

This way, you can have a ToJSON instance for LoginForm while still using LoginForm Password everywhere in your code, while just doing:

unsafeShowPassword <$> loginForm :: LoginForm Text

just before sending it over the wire, and you can still just get the password straight from JSON because of the FromJSON instance.

Vlix avatar Nov 08 '20 18:11 Vlix