Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
Combinators for guarding Servant handlers with authentication and authorization
Synopsis
- class AuthEndpointParam param where
- authEndpointUser :: param
- authEndpointAdmin :: param
- authorizeEndpoint :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => param -> (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a
- accountOnly :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a
- accountOnly_ :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => Sem r a -> AuthResult (AuthedAccount i p) -> Sem r a
- accountOnly1 :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b
- accountOnly1_ :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b
- accountOnly2 :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c
- accountOnly2_ :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c
- adminOnly :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a
- adminOnly_ :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => Sem r a -> AuthResult (AuthedAccount i p) -> Sem r a
- adminOnly1 :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b
- adminOnly1_ :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b
- adminOnly2 :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c
- adminOnly2_ :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c
Documentation
class AuthEndpointParam param where Source #
Basic values for describing the requirements of an endpoint for either "any user" or "admin".
authEndpointUser :: param Source #
authEndpointAdmin :: param Source #
Instances
authorizeEndpoint :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => param -> (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a Source #
Wrap an authenticated handler function with an authorization check.
Sends the account information and given endpoint param to the Authorize
effect if the authentication material is
valid.
accountOnly :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a Source #
Require that the authentication material belongs to an active account.
accountOnly_ :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => Sem r a -> AuthResult (AuthedAccount i p) -> Sem r a Source #
Require that the authentication material belongs to an active account.
accountOnly1 :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b Source #
Require that the authentication material belongs to an active account.
accountOnly1_ :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b Source #
Require that the authentication material belongs to an active account.
accountOnly2 :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c Source #
Require that the authentication material belongs to an active account.
accountOnly2_ :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c Source #
Require that the authentication material belongs to an active account.
adminOnly :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> Sem r a) -> AuthResult (AuthedAccount i p) -> Sem r a Source #
Require that the authentication material belongs to an active admin account.
adminOnly_ :: forall i param p r a. Show (AuthedAccount i p) => AuthEndpoint i param p r => Sem r a -> AuthResult (AuthedAccount i p) -> Sem r a Source #
Require that the authentication material belongs to an active admin account.
adminOnly1 :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b Source #
Require that the authentication material belongs to an active admin account.
adminOnly1_ :: forall i param p r a b. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> Sem r b) -> AuthResult (AuthedAccount i p) -> a -> Sem r b Source #
Require that the authentication material belongs to an active admin account.
adminOnly2 :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (AuthedAccount i p -> a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c Source #
Require that the authentication material belongs to an active admin account.
adminOnly2_ :: forall i param p r a b c. Show (AuthedAccount i p) => AuthEndpoint i param p r => (a -> b -> Sem r c) -> AuthResult (AuthedAccount i p) -> a -> b -> Sem r c Source #
Require that the authentication material belongs to an active admin account.