wai-middleware-auth: Authentication middleware that secures WAI application

[ library, mit, program, web ] [ Propose Tags ]

See README


[Skip to Readme]
Versions [faq] 0.1.0.0, 0.1.1.0, 0.1.1.1, 0.1.1.2, 0.1.2.0, 0.1.2.1, 0.2.0.0, 0.2.1.0
Change log CHANGELOG.md
Dependencies aeson, base (>=4.7 && <5), base64-bytestring, binary, blaze-builder, blaze-html, bytestring, case-insensitive, cereal, clientsession, cookie, exceptions, hoauth2 (>=0.5.0 && <1.11), http-client, http-client-tls, http-conduit, http-reverse-proxy, http-types, optparse-simple, regex-posix, safe-exceptions, shakespeare, text, unix-compat, unordered-containers, uri-bytestring, vault, wai (>=3.0 && <4), wai-app-static, wai-extra (>=3.0.7), wai-middleware-auth, warp, yaml [details]
License MIT
Author Alexey Kuleshevich
Maintainer alexey@fpcomplete.com
Revised Revision 1 made by lehins at Sun Feb 2 17:29:41 UTC 2020
Category Web
Source repo head: git clone https://github.com/fpco/wai-middleware-auth
Uploaded by lehins at Wed Jul 12 09:01:40 UTC 2017
Distributions LTSHaskell:0.1.2.1, NixOS:0.2.1.0, Stackage:0.1.2.1
Executables wai-auth
Downloads 3626 total (218 in the last 30 days)
Rating 2.0 (votes: 1) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2017-07-12 [all 1 reports]

Modules

[Index]

Downloads

Note: This package has metadata revisions in the cabal description newer than included in the tarball. To unpack the package including the revisions, use 'cabal get'.

Maintainer's Corner

For package maintainers and hackage trustees


Readme for wai-middleware-auth-0.1.2.1

[back to package description]

wai-middleware-auth

Middleware that secures WAI application

Installation

$ stack install wai-middleware-auth

OR

$ cabal install wai-middleware-auth

wai-auth

Along with middleware this package ships with an executbale wai-auth, which can function as a protected file server or a reverse proxy. Right from the box it supports OAuth2 authentication as well as it's custom implementations for Google and Github.

Configuration is done using a yaml config file. Here is a sample file that will configure wai-auth to run a file server with google and github authentication on http://localhost:3000:

app_root: "_env:APPROOT:http://localhost:3000"
app_port: 3000
cookie_age: 3600
secret_key: "...+vwscbKR4DyPT"
file_server:
  root_folder: "/path/to/html/files"
  redirect_to_index: true
  add_trailing_slash: true
providers:
  github:
    client_id: "...94cc"
    client_secret: "...166f"
    app_name: "Dev App for wai-middleware-auth"
    email_white_list:
      - "^[a-zA-Z0-9._%+-]+@example.com$"
  google:
    client_id: "...qlj.apps.googleusercontent.com"
    client_secret: "...oxW"
    email_white_list:
      - "^[a-zA-Z0-9._%+-]+@example.com$"

Above configuration will also block access to users that don't have an email with example.com domain. There is also a secret_key field which will be used to encrypt the session cookie. In order to generate a new random key run this command:

$ echo $(wai-auth key --base64)
azuCFq0zEBkLSXhQrhliZzZD8Kblo...

Make sure you have proper callback/redirect urls registered with google/github apps, eg: http://localhost:3000/_auth_middleware/google/complete.

After configuration file is ready, running application is very easy:

$ wai-auth --config-file=/path/to/config.yaml
Listening on port 3000