Safe Haskell	None
Language	Haskell2010

PostgREST.Auth

Description

This module provides functions to deal with the JWT authorization (http://jwt.io). It also can be used to define other authorization functions, in the future Oauth, LDAP and similar integrations can be coded here.

Authentication should always be implemented in an external service. In the test suite there is an example of simple login function that can be used for a very simple authentication system inside the PostgreSQL database.

Synopsis

Documentation

setRole :: Text -> Text Source

Receives the name of a role and returns a SET ROLE statement

claimsToSQL :: ClaimsMap -> [Text] Source

Receives a map of JWT claims and returns a list of PostgreSQL statements to set the claims as user defined GUCs. Except if we have a claim called role, this one is mapped to a SET ROLE statement. In case there is any problem decoding the JWT it returns Nothing.

jwtClaims :: Secret -> Text -> NominalDiffTime -> Maybe ClaimsMap Source

Receives the JWT secret (from config) and a JWT and returns a map of JWT claims In case there is any problem decoding the JWT it returns Nothing.

tokenJWT :: Secret -> Value -> Text Source

Receives the JWT secret (from config) and a JWT and a JSON value and returns a signed JWT.