Safe Haskell | Safe-Inferred |
---|---|
Language | Haskell2010 |
Synopsis
- data BasicAuthResult usr
- = Unauthorized
- | BadPassword
- | NoSuchUser
- | Authorized usr
- newtype BasicAuthCheck usr = BasicAuthCheck {
- unBasicAuthCheck :: BasicAuthData -> IO (BasicAuthResult usr)
- mkBAChallengerHdr :: ByteString -> Header
- decodeBAHdr :: Request -> Maybe BasicAuthData
- runBasicAuth :: Request -> ByteString -> BasicAuthCheck usr -> DelayedIO usr
Basic Auth
data BasicAuthResult usr Source #
servant-server's current implementation of basic authentication is not immune to certain kinds of timing attacks. Decoding payloads does not take a fixed amount of time.
The result of authentication/authorization
Instances
newtype BasicAuthCheck usr Source #
Datatype wrapping a function used to check authentication.
BasicAuthCheck | |
|
Instances
Functor BasicAuthCheck Source # | |
Defined in Servant.Server.Internal.BasicAuth fmap :: (a -> b) -> BasicAuthCheck a -> BasicAuthCheck b # (<$) :: a -> BasicAuthCheck b -> BasicAuthCheck a # | |
Generic (BasicAuthCheck usr) Source # | |
Defined in Servant.Server.Internal.BasicAuth type Rep (BasicAuthCheck usr) :: Type -> Type # from :: BasicAuthCheck usr -> Rep (BasicAuthCheck usr) x # to :: Rep (BasicAuthCheck usr) x -> BasicAuthCheck usr # | |
type Rep (BasicAuthCheck usr) Source # | |
Defined in Servant.Server.Internal.BasicAuth type Rep (BasicAuthCheck usr) = D1 ('MetaData "BasicAuthCheck" "Servant.Server.Internal.BasicAuth" "servant-server-0.20-Ke8t2mWvR03Cf4fvKIQLiS" 'True) (C1 ('MetaCons "BasicAuthCheck" 'PrefixI 'True) (S1 ('MetaSel ('Just "unBasicAuthCheck") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 (BasicAuthData -> IO (BasicAuthResult usr))))) |
mkBAChallengerHdr :: ByteString -> Header Source #
Internal method to make a basic-auth challenge
decodeBAHdr :: Request -> Maybe BasicAuthData Source #
Find and decode an Authorization
header from the request as Basic Auth
runBasicAuth :: Request -> ByteString -> BasicAuthCheck usr -> DelayedIO usr Source #
Run and check basic authentication, returning the appropriate http error per the spec.