wai-extra- Provides some basic WAI handlers and middleware.

Safe HaskellNone




Implements HTTP Basic Authentication.

This module may add digest authentication in the future.



basicAuth :: CheckCreds -> AuthSettings -> Middleware Source #

Perform basic authentication.

basicAuth (\u p -> return $ u == "michael" && p == "mypass") "My Realm"

Since: 1.3.4

basicAuth' :: (Request -> CheckCreds) -> AuthSettings -> Middleware Source #

Like basicAuth, but also passes a request to the authentication function.

Since: 3.0.19

type CheckCreds = ByteString -> ByteString -> IO Bool Source #

Check if a given username and password is valid.

data AuthSettings Source #

Basic authentication settings. This value is an instance of IsString, so the recommended approach to create a value is to provide a string literal (which will be the realm) and then overriding individual fields.

"My Realm" { authIsProtected = someFunc } :: AuthSettings

Since: 1.3.4

authOnNoAuth :: AuthSettings -> ByteString -> Application Source #

Takes the realm and returns an appropriate 401 response when authentication is not provided.

Since: 1.3.4

authIsProtected :: AuthSettings -> Request -> IO Bool Source #

Determine if access to the requested resource is restricted.

Default: always returns True.

Since: 1.3.4

Helping functions

extractBasicAuth :: ByteString -> Maybe (ByteString, ByteString) Source #

Extract basic authentication data from usually Authorization header value. Returns username and password

Since: 3.0.5

extractBearerAuth :: ByteString -> Maybe ByteString Source #

Extract bearer authentication data from Authorization header value. Returns bearer token

Since: 3.0.5