postgrest-6.0.0: REST API for any Postgres database

Safe HaskellNone



This module provides functions to deal with the JWT authorization ( It also can be used to define other authorization functions, in the future Oauth, LDAP and similar integrations can be coded here.

Authentication should always be implemented in an external service. In the test suite there is an example of simple login function that can be used for a very simple authentication system inside the PostgreSQL database.



containsRole :: JWTAttempt -> Bool Source #

Whether a response from jwtClaims contains a role claim

jwtClaims :: Maybe JWKSet -> Maybe StringOrURI -> LByteString -> UTCTime -> Maybe JSPath -> IO JWTAttempt Source #

Receives the JWT secret and audience (from config) and a JWT and returns a map of JWT claims.

data JWTAttempt Source #

Possible situations encountered with client JWTs

Eq JWTAttempt Source # 
Instance details

Defined in PostgREST.Auth

Show JWTAttempt Source # 
Instance details

Defined in PostgREST.Auth

parseSecret :: ByteString -> JWKSet Source #

Parse `jwt-secret` configuration option and turn into a JWKSet.

There are three ways to specify `jwt-secret`: text secret, JSON Web Key (JWK), or JSON Web Key Set (JWKS). The first two are converted into a JWKSet with one key and the last is converted as is.