servant-auth-token: Servant based API and server for token based authorisation

[ bsd3, library, web ] [ Propose Tags ]

Please see

[Skip to Readme]
Versions [faq],,,,,,,,,,,,,,,,,,,,,,,,, (info)
Change log
Dependencies aeson-injector (>=1.0.4 && <1.1), base (>=4.7 && <5), bytestring (==0.10.*), containers (==0.5.*), mtl (==2.2.*), pwstore-fast (==2.4.*), servant-auth-token-api (==0.4.*), servant-server (==0.9.*), text (==1.2.*), time (>=1.5 && <1.7), transformers (>=0.4 && <0.6), uuid (==1.3.*) [details]
License BSD-3-Clause
Copyright 2016 Anton Gushcha
Author NCrashed
Category Web
Home page
Source repo head: git clone
Uploaded by NCrashed at Mon Feb 13 16:28:18 UTC 2017
Distributions NixOS:
Downloads 10336 total (797 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2017-02-13 [all 1 reports]




Maintainer's Corner

For package maintainers and hackage trustees

Readme for servant-auth-token-

[back to package description]


Build Status

The repo contains server implementation of servant-auth-token-api.

How to add to your server

At the moment you have two options for backend storage:

  • persistent backend - persistent backend, simple to integrate with your app.

  • acid-state backend - acid-state backend is light solution for in memory storage, but it is more difficult to integrate it with your app.

  • Possible candidates for other storage backends: VCache, leveldb, JSON files. To see how to implement them, see HasStorage type class.

Now you can use 'guardAuthToken' to check authorization headers in endpoints of your server:

-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
  -> MToken '["customer-read"] -- ^ Required permissions for auth token
  -> ServerM Customer -- ^ Customer data
customerGet i token = do
  guardAuthToken token
  runDB404 "customer" $ getCustomer i