Safe Haskell | None |
---|---|
Language | Haskell2010 |
- data Session
- data SessionConfig = SessionConfig {
- sessionKey :: KeySource
- sessionMaxAge :: DiffTime
- sessionPath :: Maybe ByteString
- sessionDomain :: Maybe ByteString
- sessionHttpOnly :: Bool
- sessionSecure :: Bool
- sessionTimeoutAction :: forall e m. MonadIO m => ActionT e m ()
- angularXsrfCookieName :: Maybe ByteString
- csrfTokenCookieName :: ByteString
- csrfTokenCheckingName :: Either HeaderName ByteString
- csrfTokenLength :: Int
- data KeySource
- embedKeyConfig :: FilePath -> ExpQ
- embedDefaultKeyConfig :: ExpQ
- initSession :: MonadIO m => SessionConfig -> Initializer' m Session
- getSessionConfig :: (Has Session exts, Monad m) => ActionT exts m SessionConfig
- setSession :: (Has Session exts, MonadIO m) => ByteString -> ByteString -> ActionT exts m ()
- csrfToken :: (Has Session exts, MonadIO m) => ActionT exts m ByteString
- setSessionWith :: (Has Session exts, MonadIO m) => SessionConfig -> ByteString -> ByteString -> ActionT exts m ()
- session :: (Has Session exts, Query a, Strategy w, MonadIO actM) => ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m ()
- checkToken :: (Has Session exts, MonadIO actM) => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m ()
- module Web.Apiary.Cookie
Documentation
config
data SessionConfig Source
SessionConfig | |
|
embedKeyConfig :: FilePath -> ExpQ Source
generate and embed key at compile time. since 0.13.2.
This function embed as SessionsessionConfig with default sessionConfig. so you can sessionConfigure it. but DON'T sessionConfigure sessionKey.
this function is convenient when create heroku project.
embedsessionConfig = $embedDefaultKeysessionConfig { csrfTokenCookieName = "foo" }
initializer
initSession :: MonadIO m => SessionConfig -> Initializer' m Session Source
getter
getSessionConfig :: (Has Session exts, Monad m) => ActionT exts m SessionConfig Source
setter
setSession :: (Has Session exts, MonadIO m) => ByteString -> ByteString -> ActionT exts m () Source
csrfToken :: (Has Session exts, MonadIO m) => ActionT exts m ByteString Source
create crypto random (generate random by AES CTR(cprng-aes package) and encode by base64),
set it client session cookie, set XSRF-TOKEN header(when Just angularXsrfCookieName),
and return value. since 0.9.0.0.
with sessionConfig
setSessionWith :: (Has Session exts, MonadIO m) => SessionConfig -> ByteString -> ByteString -> ActionT exts m () Source
filter
session :: (Has Session exts, Query a, Strategy w, MonadIO actM) => ByteString -> w a -> ApiaryT exts (SNext w prms a) actM m () -> ApiaryT exts prms actM m () Source
checkToken :: (Has Session exts, MonadIO actM) => ApiaryT exts prms actM m () -> ApiaryT exts prms actM m () Source
check csrf token. since 0.9.0.0.
Reexport
deleteCookie
module Web.Apiary.Cookie