Safe Haskell | None |
---|---|
Language | Haskell2010 |
Implements HTTP Basic Authentication.
This module may add digest authentication in the future.
- basicAuth :: CheckCreds -> AuthSettings -> Middleware
- type CheckCreds = ByteString -> ByteString -> IO Bool
- data AuthSettings
- authRealm :: AuthSettings -> ByteString
- authOnNoAuth :: AuthSettings -> ByteString -> Application
- authIsProtected :: AuthSettings -> Request -> IO Bool
- extractBasicAuth :: ByteString -> Maybe (ByteString, ByteString)
- extractBearerAuth :: ByteString -> Maybe ByteString
Middleware
basicAuth :: CheckCreds -> AuthSettings -> Middleware Source
Perform basic authentication.
basicAuth (\u p -> return $ u == "michael" && p == "mypass") "My Realm"
Since 1.3.4
type CheckCreds = ByteString -> ByteString -> IO Bool Source
Check if a given username and password is valid.
data AuthSettings Source
Basic authentication settings. This value is an instance of
IsString
, so the recommended approach to create a value is to
provide a string literal (which will be the realm) and then
overriding individual fields.
"My Realm" { authIsProtected = someFunc } :: AuthSettings
Since 1.3.4
authRealm :: AuthSettings -> ByteString Source
Since 1.3.4
authOnNoAuth :: AuthSettings -> ByteString -> Application Source
Takes the realm and returns an appropriate 401 response when authentication is not provided.
Since 1.3.4
authIsProtected :: AuthSettings -> Request -> IO Bool Source
Determine if access to the requested resource is restricted.
Default: always returns True
.
Since 1.3.4
Helping functions
extractBasicAuth :: ByteString -> Maybe (ByteString, ByteString) Source
Extract basic authentication data from usually Authorization header value. Returns username and password
Since 3.0.5
extractBearerAuth :: ByteString -> Maybe ByteString Source
Extract bearer authentication data from Authorization header value. Returns bearer token
Since 3.0.5