servant-auth-token: Servant based API and server for token based authorisation

[ bsd3, library, web ] [ Propose Tags ]

Please see

[Skip to Readme]
Versions [RSS] [faq],,,,,,,,,,,,,,,,,,,,,,,,, (info)
Change log
Dependencies aeson-injector (==1.1.*), base (>=4.8 && <5), byteable (==0.1.*), bytestring (==0.10.*), containers (==0.5.*), http-api-data (>=0.3.5 && <0.4), mtl (==2.2.*), pwstore-fast (==2.4.*), servant (>=0.11 && <0.15), servant-auth-token-api (==0.5.*), servant-server (>=0.11 && <0.15), text (==1.2.*), time (>=1.5 && <1.9), transformers (>=0.4 && <0.6), uuid (==1.3.*), wai (==3.2.*) [details]
License BSD-3-Clause
Copyright 2016-2017 Anton Gushcha
Author Anton Gushcha <> , Ivan Lazar Miljenovic <>
Category Web
Home page
Source repo head: git clone
Uploaded by NCrashed at 2018-09-16T11:27:54Z
Distributions NixOS:
Downloads 12537 total (97 in the last 30 days)
Rating (no votes yet) [estimated by Bayesian average]
Your Rating
  • λ
  • λ
  • λ
Status Hackage Matrix CI
Docs available [build log]
Last success reported on 2018-09-16 [all 1 reports]


[Index] [Quick Jump]


Maintainer's Corner

For package maintainers and hackage trustees


Readme for servant-auth-token-

[back to package description]


Build Status

The repo contains server implementation of servant-auth-token-api.

How to add to your server

At the moment you have two options for backend storage:

  • persistent backend - persistent backend, simple to integrate with your app.

  • acid-state backend - acid-state backend is light solution for in memory storage, but it is more difficult to integrate it with your app.

  • Possible candidates for other storage backends: VCache, leveldb, JSON files. To see how to implement them, see HasStorage type class.

Now you can use 'guardAuthToken' to check authorization headers in endpoints of your server:

-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
  -> MToken '["customer-read"] -- ^ Required permissions for auth token
  -> ServerM Customer -- ^ Customer data
customerGet i token = do
  guardAuthToken token
  runDB404 "customer" $ getCustomer i