- getPool :: ConnectionPool
Get database connection pool
- defaultExpire :: !NominalDiffTime
For authorisation, defines amounts of seconds
when token becomes invalid.
- restoreExpire :: !NominalDiffTime
For password restore, defines amounts of seconds
when restore code becomes invalid.
- restoreCodeSender :: !(RespUserInfo -> RestoreCode -> IO ())
User specified implementation of restore code sending. It could
be a email sender or SMS message or mobile application method, whatever
the implementation needs.
- restoreCodeGenerator :: !(IO RestoreCode)
User specified generator for restore codes. By default the server
generates UUID that can be unacceptable for SMS restoration routine.
- maximumExpire :: !(Maybe NominalDiffTime)
Upper bound of expiration time that user can request
for a token.
- passwordsStrength :: !Int
For authorisation, defines amount of hashing
of new user passwords (should be greater or equal 14).
The passwords hashed 2^strength times. It is needed to
prevent almost all kinds of brute force attacks, rainbow
tables and dictionary attacks.
- passwordValidator :: !(Text -> Maybe Text)
Validates user password at registration / password change.
If the function returns Just
, then a 400 error is raised with
specified text.
Default value doesn't validate passwords at all.
- servantErrorFormer :: !(ServantErr -> ServantErr)
Transformation of errors produced by the auth server
- defaultPageSize :: !Word
Default size of page for pagination
- singleUseCodeSender :: !(RespUserInfo -> SingleUseCode -> IO ())
User specified method of sending single usage code for authorisation.
See also: endpoints AuthSigninGetCodeMethod
and AuthSigninPostCodeMethod
.
By default does nothing.
- singleUseCodeExpire :: !NominalDiffTime
Time the generated single usage code expires after.
By default 1 hour.
- singleUseCodeGenerator :: !(IO SingleUseCode)
User specified generator for single use codes.
By default the server generates UUID that can be unacceptable for SMS way of sending.
- singleUseCodePermamentMaximum :: !Word
Number of not expiring single use codes that user can have at once.
Used by AuthGetSingleUseCodes
endpoint. Default is 100.
- singleUseCodeDefaultCount :: !Word
Number of not expiring single use codes that generated by default when client doesn't
specify the value.
Used by AuthGetSingleUseCodes
endpoint. Default is 20.