I'm trying to use Yesod as a mobile application's API backend and have chosen to use bearer JWTs to handle authentication and authorization. I've overridden maybeAuthId so that Yesod.Auth accepts (or rejects) the JWTs just fine. However, I can't figure out how to get the auth plugins to return a token to the client instead of their default behavior of storing the AuthId in the client session and redirecting the client. Is there any way to alter the default auth plugin flow to have it return a token to the client instead?
Update: I've dug around in the docs and source code for a bit and have a better idea of how the auth plugins work now: Auth plugins internally call setCredsRedirect to set the session and do the callback onLogin. The problem with using onLogin is that Creds are not accessible from inside that function. My only other idea for a solution is to edit the authenticate function to respond with the JWT.