servant-auth-token: Servant based API and server for token based authorisation

[ bsd3, library, web ]
Versions [RSS] 0.1.0.0, 0.1.1.0, 0.1.2.0, 0.2.0.0, 0.2.0.1, 0.3.0.0, 0.3.1.0, 0.3.2.0, 0.4.0.0, 0.4.1.0, 0.4.1.1, 0.4.2.0, 0.4.3.0, 0.4.4.0, 0.4.4.1, 0.4.5.0, 0.4.6.0, 0.4.7.0, 0.4.7.1, 0.5.0.0, 0.5.1.0, 0.5.2.0, 0.5.3.0, 0.5.4.0, 0.5.5.0, 0.5.6.0 (info)
Change log CHANGELOG.md
Dependencies aeson-injector (>=1.0.2 && <1.1), base (>=4.7 && <5), bytestring (>=0.10 && <0.11), containers (>=0.5 && <0.6), mtl (>=2.2 && <2.3), persistent (>=2.2 && <2.3), persistent-postgresql (>=2.2 && <2.3), persistent-template (>=2.1 && <2.2), pwstore-fast (>=2.4 && <2.5), servant-auth-token-api (>=0.1.2 && <0.2), servant-server (>=0.7 && <0.9), text (>=1.2 && <1.3), time (>=1.5 && <1.7), transformers (>=0.4 && <0.6), uuid (>=1.3 && <1.4) [details]
License BSD-3-Clause
Copyright 2016 Anton Gushcha
Author NCrashed
Maintainer ncrashed@gmail.com
Category Web
Home page https://github.com/ncrashed/servant-auth-token#readme
Source repo head: git clone https://github.com/ncrashed/servant-auth-token
Uploaded by NCrashed at 2016-08-03T17:21:01Z
Reverse Dependencies 5 direct, 1 indirect [details]
Downloads 14703 total (35 in the last 30 days)
Status Docs uploaded by user [build log]
All reported builds failed as of 2016-08-03 [all 1 reports]

Readme for servant-auth-token-0.1.0.0


servant-auth-token

The repo contains a server implementation of servant-auth-token-api.

How to add to your server

To use the server as a constituent part of your own application, provide a customised 'AuthConfig' for the 'authServer' function and implement an 'AuthMonad' instance for your handler monad.

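{-# LANGUAGE GeneralizedNewtypeDeriving #-}
{-# LANGUAGE OverloadedStrings #-}
import Control.Monad.Except
import Control.Monad.Reader
import Database.Persist.Sql (SqlPersistT, runMigrationUnsafe)
import Servant (ServantErr)
-- Hide the library's 'migrateAll' so it does not clash with your own;
-- it stays reachable as 'Auth.migrateAll'.
import Servant.Server.Auth.Token hiding (migrateAll)
import qualified Servant.Server.Auth.Token as Auth

-- | Example of user side configuration
data Config = Config {
  -- | Authorisation specific configuration
  authConfig :: AuthConfig
  -- other fields
  -- ...
}

-- | Example of user side handler monad
newtype App a = App {
    runApp :: ReaderT Config (ExceptT ServantErr IO) a
  } deriving ( Functor, Applicative, Monad, MonadReader Config,
               MonadError ServantErr, MonadIO)

-- | Now you can use authorisation API in your handler
instance AuthMonad App where
  getAuthConfig = asks authConfig
  liftAuthAction = App . lift

-- | Include auth 'migrateAll' function into your migration code
doMigrations :: SqlPersistT IO ()
doMigrations = runMigrationUnsafe $ do
  migrateAll -- other user migrations
  Auth.migrateAll -- creation of authorisation entities
  -- optional creation of default admin if db is empty
  -- NOTE: "123456" is a sample value; supply the real admin password
  -- from deployment configuration instead of a literal in source.
  ensureAdmin 17 "admin" "123456" "admin@localhost"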

Now you can use 'guardAuthToken' to check authorisation headers in endpoints of your server:

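-- Requires the DataKinds extension for the type-level permission list.
-- 'CustomerId', 'Customer', 'runDB404' and 'getCustomer' are defined by
-- your application, not by this library.

-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
  -> MToken '["customer-read"] -- ^ Required permissions for auth token
  -> App Customer -- ^ Customer data
customerGet i token = do
  guardAuthToken token -- check the token before touching the database
  runDB404 "customer" $ getCustomer i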
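
The migration code above passes the literal password "123456" to 'ensureAdmin'. The following is an added example, not code from the README or from the servant-auth-token project, that validates a bootstrap password read from the environment before it is handed to that call. The variable name AUTH_ADMIN_PASSWORD, the 16-character minimum, the deny-list and the assumption that the password argument is Text are choices of this example.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module AdminBootstrap where

import           Data.Text          (Text)
import qualified Data.Text          as T
import           System.Environment (lookupEnv)

-- | Why a candidate bootstrap password was rejected.
data SecretError = Missing | KnownDefault | TooShort Int
  deriving (Eq, Show)

-- | Values that must never reach 'ensureAdmin' (constructed list; it
-- includes the README's sample password).
knownDefaults :: [Text]
knownDefaults = ["123456", "admin", "password", "changeme"]

-- | Minimum accepted length (assumption of this example).
minLength :: Int
minLength = 16

-- | Pure check, so it can be tested without touching the environment.
-- Surrounding whitespace (e.g. a trailing newline) is stripped first.
checkSecret :: Maybe String -> Either SecretError Text
checkSecret Nothing = Left Missing
checkSecret (Just raw)
  | T.null pw                         = Left Missing
  | T.toLower pw `elem` knownDefaults = Left KnownDefault
  | T.length pw < minLength           = Left (TooShort (T.length pw))
  | otherwise                         = Right pw
  where pw = T.strip (T.pack raw)

-- | Read the secret from AUTH_ADMIN_PASSWORD (hypothetical variable name)
-- and abort start-up instead of falling back to a default value.
loadAdminSecret :: IO Text
loadAdminSecret = do
  r <- checkSecret <$> lookupEnv "AUTH_ADMIN_PASSWORD"
  either (\e -> ioError (userError ("admin secret rejected: " ++ show e)))
         pure r

-- Intended use: obtain pw from 'loadAdminSecret' before running the
-- migrations, then pass it in place of the literal (argument order copied
-- from the README's call; assumes the password argument is Text):
--   ensureAdmin 17 "admin" pw "admin@localhost"
```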