hails-0.1.1: IFC enforcing web platform framework

Safe HaskellTrustworthy

Hails.HttpServer.Auth

Contents

Description

This module exports various authentication methods.

Synopsis

Documentation

type AuthFunction m sSource

Arguments

 = HttpReq s

Request

-> m (Either (HttpResp m) (HttpReq s)) 

Authentication function

Basic authentication

basicAuthSource

Arguments

:: Monad m 
=> (HttpReq s -> m Bool)

Authentication function

-> AuthFunction m s 

Perform basic authentication

basicNoAuth :: Monad m => AuthFunction m sSource

Basic authentication, that always succeeds. The function uses the username in the cookie (as in externalAuth), if it is set. If the cookie is not set, bsicAuth is used.

External authentication

externalAuth :: L -> String -> AuthFunction DC sSource

Use an external authentication service that sets a cookie. The cookie name is _hails_user, and its contents contain a string of the form user-name:HMAC-SHA1(user-name). This function simply checks that the cookie exits and the MAC'd user name is correct. If this is the case, it returns a request with the cookie removed. Otherwise it retuns a redirect (to the provided url) response.