| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
Servant.Server.Internal.BasicAuth
Contents
- data BasicAuthResult usr
- = Unauthorized
- | BadPassword
- | NoSuchUser
- | Authorized usr
- newtype BasicAuthCheck usr = BasicAuthCheck {
- unBasicAuthCheck :: BasicAuthData -> IO (BasicAuthResult usr)
- mkBAChallengerHdr :: ByteString -> Header
- decodeBAHdr :: Request -> Maybe BasicAuthData
- runBasicAuth :: Request -> ByteString -> BasicAuthCheck usr -> IO (RouteResult usr)
Basic Auth
data BasicAuthResult usr Source
servant-server's current implementation of basic authentication is not immune to certian kinds of timing attacks. Decoding payloads does not take a fixed amount of time.
The result of authentication/authorization
Constructors
| Unauthorized | |
| BadPassword | |
| NoSuchUser | |
| Authorized usr |
Instances
| Functor BasicAuthResult Source | |
| Eq usr => Eq (BasicAuthResult usr) Source | |
| Read usr => Read (BasicAuthResult usr) Source | |
| Show usr => Show (BasicAuthResult usr) Source | |
| Generic (BasicAuthResult usr) Source | |
| type Rep (BasicAuthResult usr) Source |
newtype BasicAuthCheck usr Source
Datatype wrapping a function used to check authentication.
Constructors
| BasicAuthCheck | |
Fields
| |
Instances
| Functor BasicAuthCheck Source | |
| Generic (BasicAuthCheck usr) Source | |
| type Rep (BasicAuthCheck usr) Source |
mkBAChallengerHdr :: ByteString -> Header Source
Internal method to make a basic-auth challenge
decodeBAHdr :: Request -> Maybe BasicAuthData Source
Find and decode an Authorization header from the request as Basic Auth
runBasicAuth :: Request -> ByteString -> BasicAuthCheck usr -> IO (RouteResult usr) Source
Run and check basic authentication, returning the appropriate http error per the spec.