servant-auth-token-0.3.0.0: Servant based API and server for token based authorisation

Copyright: (c) Anton Gushcha, 2016
License: MIT
Maintainer: ncrashed@gmail.com
Stability: experimental
Portability: Portable
Safe Haskell: None
Language: Haskell2010

Servant.Server.Auth.Token.Config

Documentation

data AuthConfig

Configuration specific to the authorisation system.

Constructors

AuthConfig 

Fields

getPool :: ConnectionPool

The database connection pool.

defaultExpire :: !NominalDiffTime

For authorisation, defines the number of seconds after which a token becomes invalid.

restoreExpire :: !NominalDiffTime

For password restore, defines the number of seconds after which a restore code becomes invalid.

restoreCodeSender :: !(RespUserInfo -> RestoreCode -> IO ())

User-specified implementation of restore code sending. It could be an email sender, an SMS message or a mobile application method, whatever the implementation needs.

restoreCodeGenerator :: !(IO RestoreCode)

User-specified generator for restore codes. By default the server generates a UUID, which can be unacceptable for an SMS restoration routine.

maximumExpire :: !(Maybe NominalDiffTime)

Upper bound on the expiration time that a user can request for a token.

passwordsStrength :: !Int

For authorisation, defines the hashing strength applied to new user passwords (should be greater than or equal to 14). Passwords are hashed 2^strength times. It is needed to prevent almost all kinds of brute force, rainbow table and dictionary attacks.

passwordValidator :: !(Text -> Maybe Text)

Validates the user password at registration / password change.

If the function returns Just, a 400 error is raised with the specified text.

The default value doesn't validate passwords at all.

servantErrorFormer :: !(ServantErr -> ServantErr)

Transformation applied to errors produced by the auth server.

defaultPageSize :: !Word

Default page size for pagination.

singleUseCodeSender :: !(RespUserInfo -> SingleUseCode -> IO ())

User-specified method of sending a single-use code for authorisation.

See also: endpoints AuthSigninGetCodeMethod and AuthSigninPostCodeMethod.

By default does nothing.

singleUseCodeExpire :: !NominalDiffTime

Time after which a generated single-use code expires.

By default 1 hour.

singleUseCodeGenerator :: !(IO SingleUseCode)

User-specified generator for single-use codes.

By default the server generates a UUID, which can be unacceptable when codes are sent by SMS.

singleUseCodePermamentMaximum :: !Word

Number of non-expiring single-use codes that a user can have at once.

Used by AuthGetSingleUseCodes endpoint. Default is 100.

singleUseCodeDefaultCount :: !Word

Number of non-expiring single-use codes that are generated by default when the client doesn't specify the value.

Used by AuthGetSingleUseCodes endpoint. Default is 20.

defaultAuthConfig :: ConnectionPool -> AuthConfig

Default configuration for the authorisation server.
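
The fields above are normally set by record update on defaultAuthConfig. The following is an added example, not code from the servant-auth-token project: it tightens the expiry fields and installs a passwordValidator, since the default accepts any password. The module name, hardenedAuthConfig, validatePassword, the denylist and every numeric threshold are assumptions chosen for illustration, and ConnectionPool is assumed to be the type exported by persistent's Database.Persist.Sql.

```haskell
{-# LANGUAGE OverloadedStrings #-}
-- Added example: module and function names are hypothetical.
module HardenedAuthConfig (hardenedAuthConfig, validatePassword) where

import Data.Char (isDigit)
import Data.Text (Text)
import qualified Data.Text as T
import Database.Persist.Sql (ConnectionPool)
import Servant.Server.Auth.Token.Config (AuthConfig (..), defaultAuthConfig)

-- | Follows the passwordValidator contract: Nothing accepts the password,
-- Just msg rejects it and msg becomes the text of the 400 error.
validatePassword :: Text -> Maybe Text
validatePassword pw
  | T.length pw < 12 = Just "Password must be at least 12 characters long"
  | T.length pw > 128 = Just "Password must be at most 128 characters long"
  | T.all isDigit pw = Just "Password must not consist of digits only"
  | T.toLower pw `elem` denylist = Just "Password is too common"
  | otherwise = Nothing
  where
    -- Constructed sample entries; a deployment would load a larger list.
    denylist = ["passwordpassword", "qwertyuiopasdf", "letmeinletmein"]

-- | Default configuration with explicit, bounded lifetimes.
-- NominalDiffTime literals are interpreted as seconds.
hardenedAuthConfig :: ConnectionPool -> AuthConfig
hardenedAuthConfig pool =
  (defaultAuthConfig pool)
    { defaultExpire = 30 * 60             -- tokens are valid for 30 minutes
    , maximumExpire = Just (24 * 60 * 60) -- clients cannot request more than one day
    , restoreExpire = 15 * 60             -- restore codes are valid for 15 minutes
    , singleUseCodeExpire = 10 * 60       -- shorter than the documented 1 hour default
    , passwordsStrength = 17              -- 2^17 hashing rounds; documented minimum is 14
    , passwordValidator = validatePassword
    }
```

Fields not listed in the record update, such as restoreCodeSender and singleUseCodeSender, keep the values from defaultAuthConfig and still need real senders before restore or single-use codes reach users.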