Safe Haskell | None |
---|
- authSessCfg :: AuthCfg sess -> SessionCfg (VisitorSession sess userId)
- data AuthCfg sess = AuthCfg {
- ac_sessionTTL :: NominalDiffTime
- ac_emptySession :: sess
- writeSessionData :: sess -> SpockAction conn (VisitorSession sess userId) st ()
- readSessionData :: SpockAction conn (VisitorSession sess userId) st sess
- modifySessionData :: (sess -> sess) -> SpockAction conn (VisitorSession sess userId) st ()
- data VisitorSession sess userId
- data NoAccessReason
- type NoAccessHandler conn sess userId st = NoAccessReason -> SpockAction conn (VisitorSession sess userId) st ()
- type LoadUserFun conn sess userId st user = userId -> SpockAction conn (VisitorSession sess userId) st (Maybe user)
- type CheckRightsFun conn sess userId st user = user -> [UserRights] -> SpockAction conn (VisitorSession sess userId) st Bool
- type UserRights = Text
- markAsLoggedIn :: userId -> SpockAction conn (VisitorSession sess userId) st ()
- markAsGuest :: SpockAction conn (VisitorSession sess userId) st ()
- userRoute :: NoAccessHandler conn sess userId st -> LoadUserFun conn sess userId st user -> CheckRightsFun conn sess userId st user -> StdMethod -> [UserRights] -> Text -> (user -> SpockAction conn (VisitorSession sess userId) st ()) -> SpockM conn (VisitorSession sess userId) st ()
Initialisation helpers
authSessCfg :: AuthCfg sess -> SessionCfg (VisitorSession sess userId)Source
Plug this into the spock function to create the SessionCfg.
Configuration
AuthCfg | |
|
Handling custom session data
writeSessionData :: sess -> SpockAction conn (VisitorSession sess userId) st ()Source
Replacement for writeSession
readSessionData :: SpockAction conn (VisitorSession sess userId) st sess
Replacement for readSession
modifySessionData :: (sess -> sess) -> SpockAction conn (VisitorSession sess userId) st ()Source
Replacement for modifySession
Access control
data VisitorSession sess userId Source
(Eq sess, Eq userId) => Eq (VisitorSession sess userId) | |
(Show sess, Show userId) => Show (VisitorSession sess userId) |
data NoAccessReason Source
Describes why access was denied to a user
type NoAccessHandler conn sess userId st = NoAccessReason -> SpockAction conn (VisitorSession sess userId) st ()Source
Defines what happens to requests that are denied access. The handler receives the NoAccessReason.
type LoadUserFun conn sess userId st user = userId -> SpockAction conn (VisitorSession sess userId) st (Maybe user)Source
How the userId stored in a session is turned into a user. The result is a Maybe, so the function can report that no user was found. It can access the database using runQuery.
type CheckRightsFun conn sess userId st user = user -> [UserRights] -> SpockAction conn (VisitorSession sess userId) st Bool
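Decides whether the given user holds the required rights. The function receives the whole list of required rights, so whether all or only some of them must be held is decided here. It can access the database using runQuery.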
type UserRights = Text
Roles/permissions assigned to the current session, e.g. admin or user
markAsLoggedIn :: userId -> SpockAction conn (VisitorSession sess userId) st ()Source
Mark current visitor as logged in
markAsGuest :: SpockAction conn (VisitorSession sess userId) st ()Source
Mark current visitor as guest
userRoute :: NoAccessHandler conn sess userId st -> LoadUserFun conn sess userId st user -> CheckRightsFun conn sess userId st user -> StdMethod -> [UserRights] -> Text -> (user -> SpockAction conn (VisitorSession sess userId) st ()) -> SpockM conn (VisitorSession sess userId) st ()Source
Before the request is performed, you can check whether the signed-in user has permission to
view the contents of the request. You may want to define a helper function that
wraps this function so that you do not have to pass NoAccessHandler, LoadUserFun and CheckRightsFun around all the time.
Example:
-- Example: a project-specific wrapper around 'userRoute' that fixes the
-- NoAccessHandler, LoadUserFun and CheckRightsFun arguments once.

-- | Action type of the example application: a SpockAction over a
-- Connection, with no custom session data (@()@) and UserId as the
-- identifier stored in the VisitorSession.
type MyWebMonad a = SpockAction Connection (VisitorSession () UserId) () a

-- | The user value handed to protected route handlers.
newtype MyUser = MyUser { unMyUser :: T.Text }

-- | Used as the NoAccessHandler: answers with HTTP status 403 and sends the
-- shown NoAccessReason as the response body.
-- NOTE(review): the denial reason is returned to the client verbatim;
-- confirm that this is intended, or send a generic message and log the reason.
http403 msg =
    do status Http.status403
       text (show msg)

-- | Registers a route that is only served to a loaded user who passes the
-- rights check; the handler receives that user.
-- NOTE(review): myLoadUser and myCheckRights are not defined in this example;
-- presumably they are the application's LoadUserFun and CheckRightsFun — confirm.
-- NOTE(review): the documented signature of userRoute takes the route as Text
-- and returns SpockM conn (VisitorSession sess userId) st (), whereas this
-- signature uses RoutePattern and ends in MyWebMonad () (a SpockAction);
-- verify against the library version in use.
login :: Http.StdMethod -> [UserRights] -> RoutePattern -> (MyUser -> MyWebMonad ()) -> MyWebMonad ()
login = userRoute http403 myLoadUser myCheckRights