servant-auth- Authentication combinators for servant

Safe HaskellNone





data Auth (auths :: [*]) val Source #

Auth [auth1, auth2] val :> api represents an API protected *either* by auth1 or auth2


data JWT Source #

A JSON Web Token (JWT) in the the Authorization header:

Authorization: Bearer token

Note that while the token is signed, it is not encrypted. Therefore do not keep in it any information you would not like the client to know.

JWTs are described in IETF's RFC 7519

data Cookie Source #

A cookie. The content cookie itself is a JWT. Another cookie is also used, the contents of which are expected to be send back to the server in a header, for XSRF protection.

data BasicAuth Source #

Basic Auth.

data FormLogin form Source #

Login via a form.