| Safe Haskell | Safe-Inferred |
|---|---|
| Language | Haskell2010 |
Happstack.Server.Auth
Description
Support for basic access authentication http://en.wikipedia.org/wiki/Basic_access_authentication
Synopsis
- basicAuth :: Happstack m => String -> Map String String -> m a -> m a
- basicAuthBy :: Happstack m => (ByteString -> ByteString -> Bool) -> String -> m a -> m a
- validLoginPlaintext :: Map String String -> ByteString -> ByteString -> Bool
Documentation
Arguments
| :: Happstack m | |
| => String | the realm name |
| -> Map String String | the username password map |
| -> m a | the part to guard |
| -> m a |
A simple HTTP basic authentication guard.
If authentication fails, this part will call mzero.
example:
main = simpleHTTP nullConf $
msum [ basicAuth "127.0.0.1" (fromList [("happstack","rocks")]) $ ok "You are in the secret club"
, ok "You are not in the secret club."
]Arguments
| :: Happstack m | |
| => (ByteString -> ByteString -> Bool) | function that returns true if the name password combination is valid |
| -> String | the realm name |
| -> m a | the part to guard |
| -> m a |
Generalized version of basicAuth.
The function that checks the username password combination must be supplied as first argument.
example:
main = simpleHTTP nullConf $
msum [ basicAuth' (validLoginPlaintext (fromList [("happstack","rocks")])) "127.0.0.1" $ ok "You are in the secret club"
, ok "You are not in the secret club."
]Arguments
| :: Map String String | the username password map |
| -> ByteString | the username |
| -> ByteString | the password |
| -> Bool |
Function that looks up the plain text password for username in a Map and returns True if it matches with the given password.
Note: The implementation is hardened against timing attacks but not completely safe. Ideally you should build your own predicate, using a robust constant-time equality comparison from a cryptographic library like sodium.