servant-server-0.7: A family of combinators for defining webservices APIs and serving them

Safe HaskellNone




Basic Auth

data BasicAuthResult usr Source

servant-server's current implementation of basic authentication is not immune to certian kinds of timing attacks. Decoding payloads does not take a fixed amount of time.

The result of authentication/authorization

newtype BasicAuthCheck usr Source

Datatype wrapping a function used to check authentication.

mkBAChallengerHdr :: ByteString -> Header Source

Internal method to make a basic-auth challenge

decodeBAHdr :: Request -> Maybe BasicAuthData Source

Find and decode an Authorization header from the request as Basic Auth

runBasicAuth :: Request -> ByteString -> BasicAuthCheck usr -> DelayedIO usr Source

Run and check basic authentication, returning the appropriate http error per the spec.