Safe Haskell | None |
---|
- data Session
- data SessionConfig = SessionConfig {
- sessionKey :: KeySource
- sessionMaxAge :: DiffTime
- sessionPath :: Maybe ByteString
- sessionDomain :: Maybe ByteString
- sessionHttpOnly :: Bool
- sessionSecure :: Bool
- sessionTimeoutAction :: forall e m. MonadIO m => ActionT e m ()
- angularXsrfCookieName :: Maybe ByteString
- csrfTokenCookieName :: ByteString
- csrfTokenCheckingName :: Either HeaderName ByteString
- csrfTokenLength :: Int
- data KeySource
- embedKeyConfig :: FilePath -> ExpQ
- embedDefaultKeyConfig :: ExpQ
- initSession :: MonadIO m => SessionConfig -> Initializer' m Session
- getSessionConfig :: (Has Session exts, Monad m) => ActionT exts m SessionConfig
- setSession :: (Has Session exts, MonadIO m) => ByteString -> ByteString -> ActionT exts m ()
- csrfToken :: (Has Session exts, MonadIO m) => ActionT exts m ByteString
- setSessionWith :: (Has Session exts, MonadIO m) => SessionConfig -> ByteString -> ByteString -> ActionT exts m ()
- session :: (Has Session exts, Query a, Strategy w, MonadIO actM) => ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()
- checkToken :: (Has Session exts, MonadIO actM) => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m ()
- module Web.Apiary.Cookie
Documentation
config
data SessionConfig Source
SessionConfig | |
|
embedKeyConfig :: FilePath -> ExpQSource
generate and embed key at compile time. since 0.13.2.
This function embed as SessionsessionConfig with default sessionConfig. so you can sessionConfigure it. but DON'T sessionConfigure sessionKey.
this function is convenient when create heroku project.
embedsessionConfig = $embedDefaultKeysessionConfig { csrfTokenCookieName = "foo" }
initializer
initSession :: MonadIO m => SessionConfig -> Initializer' m SessionSource
getter
getSessionConfig :: (Has Session exts, Monad m) => ActionT exts m SessionConfigSource
setter
setSession :: (Has Session exts, MonadIO m) => ByteString -> ByteString -> ActionT exts m ()Source
csrfToken :: (Has Session exts, MonadIO m) => ActionT exts m ByteStringSource
create crypto random (generate random by AES CTR(cprng-aes package) and encode by base64),
set it client session cookie, set XSRF-TOKEN header(when Just angularXsrfCookieName),
and return value. since 0.9.0.0.
with sessionConfig
setSessionWith :: (Has Session exts, MonadIO m) => SessionConfig -> ByteString -> ByteString -> ActionT exts m ()Source
filter
session :: (Has Session exts, Query a, Strategy w, MonadIO actM) => ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()Source
checkToken :: (Has Session exts, MonadIO actM) => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m ()Source
check csrf token. since 0.9.0.0.
Reexport
deleteCookie
module Web.Apiary.Cookie