servant-0.7.1: A family of combinators for defining webservices APIs

Safe HaskellSafe




data BasicAuth realm userData Source

Combinator for Basic Access Authentication.

  • IMPORTANT*: Only use Basic Auth over HTTPS! Credentials are not hashed or encrypted. Note also that because the same credentials are sent on every request, Basic Auth is not as secure as some alternatives. Further, the implementation in servant-server does not protect against some types of timing attacks.

In Basic Auth, username and password are base64-encoded and transmitted via the Authorization header. Handshakes are not required, making it relatively efficient.

data BasicAuthData Source

A simple datatype to hold data required to decorate a request