web-push: Send messages using Web Push protocol.

[ library, mit, web ] [ Propose Tags ]

Web Push is a simple protocol for delivery of real-time events to user agents using HTTP/2 server push. This can be used to send notifications to browsers using the Push API.

[Skip to Readme]
Versions [faq],, 0.3
Dependencies aeson, base (>=4.7 && <5), base64-bytestring (>= && <1.1), binary (>=0.7.5 && <0.9), bytestring (>=0.9 && <0.11), cryptonite (>=0.24), http-client (>=0.5.7 && <0.7), http-types (>=0.8.6 && <1.0), lens (>=4.15.1), memory (>=0.14.5 && <0.16), random (==1.1.*), safe-exceptions (>=0.1.7 && <0.2), text (>=0.11 && <2.0), time, transformers (>= && <0.6) [details]
License MIT
Copyright 2017 Sarthak Bagaria
Author Sarthak Bagaria
Maintainer neokits@gmail.com
Category Web
Home page https://github.com/sarthakbagaria/web-push#readme
Source repo head: git clone https://github.com/sarthakbagaria/web-push
Uploaded by sarthakbagaria at 2020-06-28T21:35:13Z
Distributions NixOS:0.3
Downloads 1305 total (5 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2020-06-28 [all 1 reports]


[Index] [Quick Jump]


Maintainer's Corner

For package maintainers and hackage trustees

Readme for web-push-0.3

[back to package description]

web-push Hackage

Helper functions to send messages using Web Push protocol.


Guides to using Web Push API in browsers can be found on Mozilla's and Google's docs, or you can check out the demo app in the example folder. To run the demo app:

cd example
stack build
stack --docker-network=bridge --docker-run-args='--publish=3000:3000' exec web-push-example

Then access localhost:3000 from a browser. Keep the browser console open to check if there are errors. For use with docker, the above command requires stack 2.4 or above.

For production use, store a set of VAPID keys securely and use them for all push notification subscriptions and messages; public key will have to be exposed to client's browser when subscribing to push notifications, but private key must be kept secret and used when generating push notifications on the server. If VAPID keys are re-generated, all push notifications will require re-subscriptions. Also save the latest subscription details such as endpoint from user's browser session securely in the database and use them to send push notifications to the user later.


Current implementation is based on the following versions of the drafts: