servant-auth-token: Servant based API and server for token based authorisation
Modules
[Index]
Downloads
- servant-auth-token-0.2.0.0.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
For package maintainers and hackage trustees
Candidates
- No Candidates
| Versions [RSS] | 0.1.0.0, 0.1.1.0, 0.1.2.0, 0.2.0.0, 0.2.0.1, 0.3.0.0, 0.3.1.0, 0.3.2.0, 0.4.0.0, 0.4.1.0, 0.4.1.1, 0.4.2.0, 0.4.3.0, 0.4.4.0, 0.4.4.1, 0.4.5.0, 0.4.6.0, 0.4.7.0, 0.4.7.1, 0.5.0.0, 0.5.1.0, 0.5.2.0, 0.5.3.0, 0.5.4.0, 0.5.5.0, 0.5.6.0 (info) |
|---|---|
| Change log | CHANGELOG.md |
| Dependencies | aeson-injector (>=1.0.4 && <1.1), base (>=4.7 && <5), bytestring (>=0.10 && <0.11), containers (>=0.5 && <0.6), mtl (>=2.2 && <2.3), persistent (>=2.2 && <2.3), persistent-postgresql (>=2.2 && <2.3), persistent-template (>=2.1 && <2.2), pwstore-fast (>=2.4 && <2.5), servant-auth-token-api (>=0.2.0 && <0.3), servant-server (>=0.7 && <0.9), text (>=1.2 && <1.3), time (>=1.5 && <1.7), transformers (>=0.4 && <0.6), uuid (>=1.3 && <1.4) [details] |
| License | BSD-3-Clause |
| Copyright | 2016 Anton Gushcha |
| Author | NCrashed |
| Maintainer | ncrashed@gmail.com |
| Category | Web |
| Home page | https://github.com/ncrashed/servant-auth-token#readme |
| Source repo | head: git clone https://github.com/ncrashed/servant-auth-token |
| Uploaded | by NCrashed at 2016-08-08T21:53:34Z |
| Distributions | |
| Reverse Dependencies | 5 direct, 1 indirect [details] |
| Downloads | 14349 total (65 in the last 30 days) |
| Rating | (no votes yet) [estimated by Bayesian average] |
| Your Rating | |
| Status | Docs uploaded by user [build log] All reported builds failed as of 2016-08-08 [all 1 reports] |
Readme for servant-auth-token-0.2.0.0
[back to package description]servant-auth-token
The repo contains server implementation of servant-auth-toke-api.
How to add to your server
To use the server as constituent part, you need to provide customised 'AuthConfig' for 'authServer' function and implement 'AuthMonad' instance for your handler monad.
import Servant.Server.Auth.Token as Auth
-- | Example of user side configuration
data Config = Config {
-- | Authorisation specific configuration
authConfig :: AuthConfig
-- other fields
-- ...
}
-- | Example of user side handler monad
newtype App a = App {
runApp :: ReaderT Config (ExceptT ServantErr IO) a
} deriving ( Functor, Applicative, Monad, MonadReader Config,
MonadError ServantErr, MonadIO)
-- | Now you can use authorisation API in your handler
instance AuthMonad App where
getAuthConfig = asks authConfig
liftAuthAction = App . lift
-- | Include auth 'migrateAll' function into your migration code
doMigrations :: SqlPersistT IO ()
doMigrations = runMigrationUnsafe $ do
migrateAll -- other user migrations
Auth.migrateAll -- creation of authorisation entities
-- optional creation of default admin if db is empty
ensureAdmin 17 "admin" "123456" "admin@localhost"
Now you can use 'guardAuthToken' to check authorisation headers in endpoints of your server:
-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
-> MToken '["customer-read"] -- ^ Required permissions for auth token
-> App Customer -- ^ Customer data
customerGet i token = do
guardAuthToken token
runDB404 "customer" $ getCustomer i