// Given the following functions:
// tryGetUser: string -> Async<User option>
// isPwdValid: string -> User -> bool
// authorize: User -> Async<Result<unit, AuthError>>
// createAuthToken: User -> Result<AuthToken, TokenError>
type LoginError = InvalidUser | InvalidPwd | Unauthorized of AuthError | TokenErr of TokenError
let login (username: string) (password: string) : Async<Result<AuthToken, LoginError>> =
// requireSome unwraps a Some value or gives the specified error if None
let! user = username |> tryGetUser |> AsyncResult.requireSome InvalidUser
// requireTrue gives the specified error if false
do! user |> isPwdValid password |> Result.requireTrue InvalidPwd
// Error value is wrapped/transformed (Unauthorized has signature AuthError -> LoginError)
do! user |> authorize |> AsyncResult.mapError Unauthorized
// Same as above, but synchronous, so we use the built-in mapError
return! user |> createAuthToken |> Result.mapError TokenErr