Safe Haskell	None
Language	Haskell2010

Web.Users.Types

Contents

The core type class
User representation
Token types
Error types

Synopsis

The core type class

class (Show (UserId b), Eq (UserId b), ToJSON (UserId b), FromJSON (UserId b), Typeable (UserId b), PathPiece (UserId b)) => UserStorageBackend b where Source

An abstract backend for managing users. A backend library should implement the interface and an end user should build applications on top of this interface.

Minimal complete definition

initUserBackend, destroyUserBackend, housekeepBackend, getUserById, listUsers, countUsers, createUser, updateUser, deleteUser, authUser, verifySession, destroySession, requestPasswordReset, verifyPasswordResetToken, applyNewPassword, requestActivationToken, activateUser

Associated Types

type UserId b :: * Source

The storage backends userid

Methods

initUserBackend :: b -> IO () Source

Initialise the backend. Call once on application launch to for example create missing database tables

destroyUserBackend :: b -> IO () Source

Destory the backend. WARNING: This is only for testing! It deletes all tables and data.

housekeepBackend :: b -> IO () Source

This cleans up invalid sessions and other tokens. Call periodically as needed.

getUserById :: (FromJSON a, ToJSON a) => b -> UserId b -> IO (Maybe (User a)) Source

Retrieve a user from the database

listUsers :: (FromJSON a, ToJSON a) => b -> Maybe (Int64, Int64) -> IO [(UserId b, User a)] Source

List all users (unlimited, or limited)

countUsers :: b -> IO Int64 Source

Count all users

createUser :: (FromJSON a, ToJSON a) => b -> User a -> IO (Either CreateUserError (UserId b)) Source

Create a user

updateUser :: (FromJSON a, ToJSON a) => b -> UserId b -> (User a -> User a) -> IO (Either UpdateUserError ()) Source

Modify a user

updateUserDetails :: (FromJSON a, ToJSON a) => b -> UserId b -> (a -> a) -> IO () Source

Modify details of a user

deleteUser :: b -> UserId b -> IO () Source

Delete a user

authUser :: b -> Text -> PasswordPlain -> NominalDiffTime -> IO (Maybe SessionId) Source

Authentificate a user using username/email and password. The NominalDiffTime describes the session duration

verifySession :: b -> SessionId -> NominalDiffTime -> IO (Maybe (UserId b)) Source

Verify a SessionId. The session duration can be extended by NominalDiffTime

destroySession :: b -> SessionId -> IO () Source

Destroy a session

requestPasswordReset :: b -> UserId b -> NominalDiffTime -> IO PasswordResetToken Source

Request a PasswordResetToken for a given user, valid for NominalDiffTime

verifyPasswordResetToken :: (FromJSON a, ToJSON a) => b -> PasswordResetToken -> IO (Maybe (User a)) Source

Check if a PasswordResetToken is still valid and retrieve the owner of it

applyNewPassword :: b -> PasswordResetToken -> Password -> IO (Either TokenError ()) Source

Apply a new password to the owner of PasswordResetToken iff the token is still valid

requestActivationToken :: b -> UserId b -> NominalDiffTime -> IO ActivationToken Source

Request an ActivationToken for a given user, valid for NominalDiffTime

activateUser :: b -> ActivationToken -> IO (Either TokenError ()) Source

Activate the owner of ActivationToken iff the token is still valid

User representation

data User a Source

Core user datatype. Store custom information in the u_more field

Constructors

User
Fields u_name :: !Text u_email :: !Text u_password :: !Password u_active :: !Bool u_more :: !a

Instances

Eq a => Eq (User a)
Show a => Show (User a)
ToJSON a => ToJSON (User a)
FromJSON a => FromJSON (User a)
Typeable (* -> *) User

data Password Source

Password representation. When updating or creating a user, use makePassword to create one. The implementation details of this type are ONLY for use in backend implementations.

Constructors

PasswordHash !Text
PasswordHidden

Instances

Eq Password
Show Password
Typeable * Password

makePassword :: PasswordPlain -> Password Source

Construct a password from plaintext by hashing it

hidePassword :: User a -> User a Source

Strip the password from the user type.

newtype PasswordPlain Source

Plaintext passsword. Used for authentification.

Constructors

PasswordPlain
Fields unPasswordPlain :: Text

Instances

Eq PasswordPlain
Show PasswordPlain
IsString PasswordPlain
Typeable * PasswordPlain

verifyPassword :: PasswordPlain -> Password -> Bool Source

Check a plaintext password against a password

Token types

newtype PasswordResetToken Source

A password reset token to send out to users via email or sms

Constructors

PasswordResetToken
Fields unPasswordResetToken :: Text

Instances

Eq PasswordResetToken
Show PasswordResetToken
ToJSON PasswordResetToken
FromJSON PasswordResetToken
PathPiece PasswordResetToken
Typeable * PasswordResetToken

newtype ActivationToken Source

An activation token to send out to users via email or sms

Constructors

ActivationToken
Fields unActivationToken :: Text

Instances

Eq ActivationToken
Show ActivationToken
ToJSON ActivationToken
FromJSON ActivationToken
PathPiece ActivationToken
Typeable * ActivationToken

newtype SessionId Source

A session id for identifying user sessions

Constructors

SessionId
Fields unSessionId :: Text

Instances

Eq SessionId
Show SessionId
ToJSON SessionId
FromJSON SessionId
PathPiece SessionId
Typeable * SessionId

Error types

data CreateUserError Source

Errors that happen on storage level during user creation

Constructors

UsernameOrEmailAlreadyTaken
InvalidPassword

Instances

Eq CreateUserError
Show CreateUserError

data UpdateUserError Source

Errors that happen on storage level during user updating

Constructors

UsernameOrEmailAlreadyExists
UserDoesntExit

Instances

Eq UpdateUserError
Show UpdateUserError

data TokenError Source

Errors that happen on storage level during token actions

Constructors

TokenInvalid

Instances

Eq TokenError
Show TokenError