servant-auth-server-0.2.1.0: servant-server/servant-auth compatibility

Safe HaskellNone
LanguageHaskell2010

Servant.Auth.Server.Internal.ConfigTypes

Synopsis

Documentation

data IsMatch Source

Constructors

Matches 
DoesNotMatch 

Instances

data IsSecure Source

Constructors

Secure 
NotSecure 

Instances

data IsPasswordCorrect Source

Constructors

PasswordCorrect 
PasswordIncorrect 

Instances

data SameSite Source

Constructors

AnySite 
SameSiteStrict 
SameSiteLax 

Instances

data JWTSettings Source

JWTSettings are used to generate cookies, and to verify JWTs.

Constructors

JWTSettings 

Fields

key :: JWK
 
audienceMatches :: StringOrURI -> IsMatch

An aud predicate. The aud is a string or URI that identifies the intended recipient of the JWT.

Instances

defaultJWTSettings :: JWK -> JWTSettings Source

A JWTSettings where the audience always matches.

data CookieSettings Source

The policies to use when generating cookies.

If *both* cookieMaxAge and cookieExpires are Nothing, browsers will treat the cookie as a *session cookie*. These will be deleted when the browser is closed.

Note that having the setting Secure may cause testing failures if you are not testing over HTTPS.

Constructors

CookieSettings 

Fields

cookieIsSecure :: IsSecure

Secure means browsers will only send cookies over HTTPS. Default: Secure.

cookieMaxAge :: Maybe DiffTime

How long from now until the cookie expires. Default: Nothing

cookieExpires :: Maybe UTCTime

At what time the cookie expires. Default: Nothing

cookieSameSite :: SameSite

SameSite settings. Default: SameSiteLax.

sessionCookieName :: ByteString

What name to use for the cookie used for the session.

xsrfCookieName :: ByteString

What name to use for the cookie used for CSRF protection.

xsrfHeaderName :: ByteString

What name to use for the header used for CSRF protection.

Instances

defaultCookieSettings :: CookieSettings Source

jwtSettingsToJwtValidationSettings :: JWTSettings -> JWTValidationSettings Source