KEo      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\] ^ _ ` a b c d e f g h i j k l m n None!"&(+,-./0134579>IKLNopqopq Safe!"&(+,-./0134579>IKLNNone!"&'(+,-./0134579>CIKLN      None!"&(+,-./0134579>IKLNAn  AuthCheck@ is the function used to decide the authentication status (the ) of a request. Different  AuthCheck^s may be combined as a Monoid or Alternative; the semantics of this is that the *first* non-# result from left to right is used.(The result of an authentication attempt.Authentication succeeded.If an authentication procedure cannot be carried out - if for example it expects a password and username in a header that is not present -  IndefiniteP is returned. This indicates that other authentication methods should be tried. !"#$%&'()*++*)('&%$#"!  !"#$%&'()*+None!"&(+,-./0134579>IKLN--D is a convenience function to throw errors across an entire sub-API uthrowAll err400 :: Handler a :<|> Handler b :<|> Handler c == throwError err400 :<|> throwError err400 :<|> err400,-./0,-,-0/.,-./0None!"&(+,-./0134579>IKLN 1,The policies to use when generating cookies. If *both* 4 and 5 are Nothingk, browsers will treat the cookie as a *session cookie*. These will be deleted when the browser is closed.Note that having the setting Secure? may cause testing failures if you are not testing over HTTPS.3F= means browsers will only send cookies over HTTPS. Default: Secure.45How long from now until the cookie expires. Default: Nothing5*At what time the cookie expires. Default: Nothing6> settings. Default:  SameSiteLax.75What name to use for the cookie used for the session.89What name to use for the cookie used for CSRF protection.99What name to use for the header used for CSRF protection.: JWTSettings2 are used to generate cookies, and to verify JWTs.=An aud predicate. The audG is a string or URI that identifies the intended recipient of the JWT.KA  JWTSettings# where the audience always matches.123456789:;<=>?@ABCDEFGHIJKLMN123456789:;<=>?@ABCDEFGHIJKLMHIJEFGBCD>?@A:;<=K123456789NLM 123456789:;<=>?@ABCDEFGHIJKLMNNone!"&(+,-./0134579>IKLNOHow to encode data from a JWT.;The default implementation stores data in the unregistered dat claim, and uses the type's ToJSON instance to encode the data.QHow to decode data from a JWT.KThe default implementation assumes the data is stored in the unregistered dat claim, and uses the FromJSON% instance to decode value from there.THCreates a JWT containing the specified data. The data is stored in the datT claim. The 'Maybe UTCTime' argument indicates the time at which the token expires.OPQRSTOPQRSTQROPSTOPQRSTNone!"&(+,-./0134579>IKLNUVWUVWUVWUVWNone!"&(+,-./0134579>IKLNY[Whether the username exists and the password is correct. Note that, rather than passing a Pass5 to the function, we pass a function that checks an  EncryptedPassf. This is to make sure you don't accidentally do something untoward with the password, like store it.[A r\ that asks the client to authenticated via Basic Authentication. The argument is the realm.XYZ[\XYZ[\[ZXY\XYZ[\ None!"&(+,-./0134579>IKLN]AppCtx applies the function res to the arguments in ls1 by taking the values from the Context provided.cIsAuth a ctx v indicates that a/ is an auth type that expects all elements of ctxE to be the in the Context and whose authentication check returns an  AuthCheck v.]^_`abcdefghijkl ]^_`abcdecdelkjabih`_]^gf ]^_`abcdefghijkl None!"&(+,-./0134579>IKLNmmmNone!"&(+,-./0134579>IKLNn%Generate a key suitable for use with  defaultConfig.n6 ,-123456789:;<=BCDEFGHIJKLOPQRTVWXYZan6QROPHIJ:;<=K 123456789LVWEFGa XYZBCD,-nTns   !"#$%&'()**+,-./0123456789:;<=>?@ABCCDEFGHIJKKLMNOPQRSTUVWXYZ[\]^_`abcdefghijkl m n o p q r s t u v w x y z { | }~  AZ8pPIoCjXV3WECpTGhccaServant.Auth.Server)Servant.Auth.Server.Internal.AddSetCookie"Servant.Auth.Server.Internal.Types%Servant.Auth.Server.Internal.ThrowAll(Servant.Auth.Server.Internal.ConfigTypes Servant.Auth.Server.Internal.JWT#Servant.Auth.Server.Internal.Cookie&Servant.Auth.Server.Internal.BasicAuth"Servant.Auth.Server.Internal.ClassServant.Auth.Server.Internal#Servant.Auth.Server.SetCookieOrphan&Servant.Auth.Server.Internal.FormLogindatad_K91y8NcZUJI9yaBI61rgdDData.Default.ClassDefaultcooki_K5cXuTHwzBb4lSJpuZqTwh Web.Cookie SetCookiedefserva_AB05ANJ8MiZDIGl9RldNkxServant.API.BasicAuthbasicAuthPasswordbasicAuthUsername BasicAuthDataserva_7Z8BWWHojwRHzdlsk7qWIC Servant.AuthAuthJWTCookie BasicAuthBSSgetBSS AddSetCookie addSetCookieAddSetCookieApi csrfCookie$fToByteStringBSS$fToHttpApiDataBSS$fAddSetCookie:<|>:<|>$fAddSetCookiemm$fAddSetCookie(->)(->) AuthCheck runAuthCheck AuthResult BadPassword NoSuchUser Authenticated Indefinite$fMonadPlusAuthCheck$fAlternativeAuthCheck$fMonadTimeAuthCheck$fMonadIOAuthCheck$fMonadReaderRequestAuthCheck$fMonadAuthCheck$fApplicativeAuthCheck$fMonoidAuthCheck$fMonadPlusAuthResult$fAlternativeAuthResult$fMonadAuthResult$fApplicativeAuthResult$fMonoidAuthResultThrowAllthrowAll $fThrowAllm$fThrowAll(->)$fThrowAll:<|>CookieSettingscookieIsSecure cookieMaxAge cookieExpirescookieSameSitesessionCookieNamexsrfCookieNamexsrfHeaderName JWTSettingskeyaudienceMatchesSameSiteAnySiteSameSiteStrict SameSiteLaxIsPasswordCorrectPasswordCorrectPasswordIncorrectIsSecureSecure NotSecureIsMatchMatches DoesNotMatchdefaultJWTSettingsdefaultCookieSettings"jwtSettingsToJwtValidationSettings$fDefaultCookieSettingsToJWT encodeJWTFromJWT decodeJWT jwtAuthCheckmakeJWTcookieAuthCheck makeCookie makeCookieBSFromBasicAuthDatafromBasicAuthData BasicAuthCfgwwwAuthenticatedErrbasicAuthCheckAppCtxappCtxAppUnappAreAuthsrunAuthsIsAuthAuthArgsrunAuth$fAppCtxctx[]res$fAppCtxctxs:(->)$fAreAuths:ctxsv$fAreAuths[]ctxsv$fIsAuthBasicAuthusr$fIsAuthJWTusr$fIsAuthCookieusr$fHasServer*:>ctxs generateKey$fToByteStringSetCookie$fToHttpApiDataSetCookie$fFromHttpApiDataSetCookieserva_JUuWwzrNZ1k9qRBVhYUBLy"Servant.Server.Internal.ServantErr ServantErr