Safe Haskell | None |
---|---|
Language | Haskell2010 |
- data IsMatch
- data IsPasswordCorrect
- data SameSite
- data JWTSettings = JWTSettings {
- signingKey :: JWK
- jwtAlg :: Maybe Alg
- validationKeys :: JWKSet
- audienceMatches :: StringOrURI -> IsMatch
- defaultJWTSettings :: JWK -> JWTSettings
- data CookieSettings = CookieSettings {
- cookieIsSecure :: !IsSecure
- cookieMaxAge :: !(Maybe DiffTime)
- cookieExpires :: !(Maybe UTCTime)
- cookiePath :: !(Maybe ByteString)
- cookieSameSite :: !SameSite
- sessionCookieName :: !ByteString
- cookieXsrfSetting :: !(Maybe XsrfCookieSettings)
- defaultCookieSettings :: CookieSettings
- data XsrfCookieSettings = XsrfCookieSettings {}
- defaultXsrfCookieSettings :: XsrfCookieSettings
- jwtSettingsToJwtValidationSettings :: JWTSettings -> JWTValidationSettings
- data IsSecure :: *
Documentation
data IsPasswordCorrect Source #
data JWTSettings Source #
JWTSettings
are used to generate cookies, and to verify JWTs.
JWTSettings | |
|
Generic JWTSettings Source # | |
type Rep JWTSettings Source # | |
defaultJWTSettings :: JWK -> JWTSettings Source #
A JWTSettings
where the audience always matches.
data CookieSettings Source #
The policies to use when generating cookies.
If *both* cookieMaxAge
and cookieExpires
are Nothing
, browsers will
treat the cookie as a *session cookie*. These will be deleted when the
browser is closed.
Note that having the setting Secure
may cause testing failures if you are
not testing over HTTPS.
CookieSettings | |
|
data XsrfCookieSettings Source #
The policies to use when generating and verifying XSRF cookies
XsrfCookieSettings | |
|
Was this request made over an SSL connection?
Note that this value will not tell you if the client originally
made this request over SSL, but rather whether the current
connection is SSL. The distinction lies with reverse proxies.
In many cases, the client will connect to a load balancer over SSL,
but connect to the WAI handler without SSL. In such a case,
the handlers would get NotSecure
, but from a user perspective,
there is a secure connection.