- type Username = String
- type Password = String
- type Email = String
- type Action = String
- data User = User Username Email Password [Action]
- email :: User :-> Email
- username :: User :-> Username
- password :: User :-> Password
- actions :: User :-> [Action]
- class (Applicative m, Monad m) => LoginM p m | m -> p where
- data UserPayload a = UserPayload {}
- type UserSession a = Session (UserPayload a)
- data UserDatabase = UserDatabase Backend [User]
- users :: UserDatabase :-> [User]
- backend :: UserDatabase :-> Backend
- data Backend = Backend {}
- noBackend :: Backend
- fileBackend :: FilePath -> Backend
- hGetUser :: LoginM p m => m (Maybe User)
- hSignup :: forall m q p a. (MonadIO m, PayloadM q UserDatabase m, SessionM (UserPayload p) m, BodyM Request m, HttpM Request m) => p -> [Action] -> m a -> (User -> m a) -> m a
- hLogin :: forall m q p a. (PayloadM q UserDatabase m, SessionM (UserPayload p) m, HttpM Request m, MonadIO m, BodyM Request m) => p -> m a -> (User -> m a) -> m a
- hLogout :: SessionM (UserPayload p) m => p -> m ()
- hLoginfo :: (SessionM (UserPayload p) m, SendM m) => p -> m ()
- hAuthorized :: SessionM (UserPayload p) m => p -> Maybe Action -> m b -> (User -> m b) -> m b
Basic types.
User containg a username, password and a list of actions this user is allowed to perform within the system.
Login server aspect.
class (Applicative m, Monad m) => LoginM p m | m -> p whereSource
login :: m a -> (User -> m a) -> m aSource
signup :: [Action] -> m a -> (User -> m a) -> m aSource
authorized :: Maybe Action -> m a -> (User -> m a) -> m aSource
(Contains q (TVar (Sessions (UserPayload p))), Contains q (TVar UserDatabase)) => LoginM p (Handler q) |
User Sessions.
data UserPayload a Source
A user payload instance contains user related session information and can be used as the payload for regular sessions. It contains a reference to the user it belongs to, a flag to indicate whether the user is logged in or not and a possible user specific session payload.
Eq a => Eq (UserPayload a) | |
Show a => Show (UserPayload a) |
type UserSession a = Session (UserPayload a)Source
User database backend.
data UserDatabase Source
A user database containing a list of users and a reference to the backend the database originates from and can be synchronized back to.
users :: UserDatabase :-> [User]Source
fileBackend :: FilePath -> BackendSource
File based user database backend. Format: username password action*.
Handlers.
hSignup :: forall m q p a. (MonadIO m, PayloadM q UserDatabase m, SessionM (UserPayload p) m, BodyM Request m, HttpM Request m) => p -> [Action] -> m a -> (User -> m a) -> m aSource
The signup handler is used to create a new entry in the user database. It reads a new username and password from the post parameters and adds a new entry into the backend of the user database when no user with such name exists. The user gets the specified initial set of actions assigned. When the signup fails the first handler will be executed when the signup succeeds the second handler will be executed which may access the fresh user object.
hLogin :: forall m q p a. (PayloadM q UserDatabase m, SessionM (UserPayload p) m, HttpM Request m, MonadIO m, BodyM Request m) => p -> m a -> (User -> m a) -> m aSource
The login handler. Read the username and password values from the post data and use that to authenticate the user. When the user can be found in the database the user is logged in and stored in the session payload. When the login fails the first handler will be executed when the login succeeds the second handler will be executed which may access the fresh user object.
hLogout :: SessionM (UserPayload p) m => p -> m ()Source
Logout the current user by emptying the session payload.
hLoginfo :: (SessionM (UserPayload p) m, SendM m) => p -> m ()Source
The loginfo
handler exposes the current user session to the world using a
simple text based response. The response contains information about the current
session identifier, session start and expiration date and the possible user
payload that is included.
hAuthorized :: SessionM (UserPayload p) m => p -> Maybe Action -> m b -> (User -> m b) -> m bSource
Execute a handler only when the user for the current session is authorized to do so. The user must have the specified action contained in its actions list in order to be authorized. When the authorization fails the first handler will be executed when the authorization succeeds the second handler will be executed which may access the current user object.