A user payload instance contains user related session information and can be used as the payload for regular sessions. It contains a reference to the user it belongs to, a flag to indicate whether the user is logged in or not and a possible user specific session payload.

Constructors

UserPayload
Fields upUser :: User upLoggedIn :: Bool upPayload :: Maybe a

Instances

Eq a => Eq (UserPayload a)
Show a => Show (UserPayload a)

type UserSession a = Session (UserPayload a)Source

User database backend.

data UserDatabase Source

A user database containing a list of users and a reference to the backend the database originates from and can be synchronized back to.

Constructors

UserDatabase Backend [User]

users :: UserDatabase :-> [User]Source

backend :: UserDatabase :-> Backend Source

data Backend Source

Constructors

Backend
Fields read :: MonadIO m => m UserDatabase add :: MonadIO m => User -> m ()

noBackend :: Backend Source

User database backend that does nothing and discards all changes made.

fileBackend :: FilePath -> Backend Source

File based user database backend. Format: username password action*.

Handlers.

hGetUser :: LoginM p m => m (Maybe User)Source

hSignup :: forall m q p a. (MonadIO m, PayloadM q UserDatabase m, SessionM (UserPayload p) m, BodyM Request m, HttpM Request m) => p -> [Action] -> m a -> (User -> m a) -> m aSource

The signup handler is used to create a new entry in the user database. It reads a new username and password from the post parameters and adds a new entry into the backend of the user database when no user with such name exists. The user gets the specified initial set of actions assigned. When the signup fails the first handler will be executed when the signup succeeds the second handler will be executed which may access the fresh user object.

hLogin :: forall m q p a. (PayloadM q UserDatabase m, SessionM (UserPayload p) m, HttpM Request m, MonadIO m, BodyM Request m) => p -> m a -> (User -> m a) -> m aSource

The login handler. Read the username and password values from the post data and use that to authenticate the user. When the user can be found in the database the user is logged in and stored in the session payload. When the login fails the first handler will be executed when the login succeeds the second handler will be executed which may access the fresh user object.

hLogout :: SessionM (UserPayload p) m => p -> m ()Source

Logout the current user by emptying the session payload.

hLoginfo :: (SessionM (UserPayload p) m, SendM m) => p -> m ()Source

The loginfo handler exposes the current user session to the world using a simple text based response. The response contains information about the current session identifier, session start and expiration date and the possible user payload that is included.

hAuthorized :: SessionM (UserPayload p) m => p -> Maybe Action -> m b -> (User -> m b) -> m bSource

Execute a handler only when the user for the current session is authorized to do so. The user must have the specified action contained in its actions list in order to be authorized. When the authorization fails the first handler will be executed when the authorization succeeds the second handler will be executed which may access the current user object.