servant-auth-token-0.3.2.0: Servant based API and server for token based authorisation

Copyright: (c) Anton Gushcha, 2016
License: MIT
Maintainer: ncrashed@gmail.com
Stability: experimental
Portability: Portable
Safe Haskell: None
Language: Haskell2010

Servant.Server.Auth.Token.Config

Documentation

data AuthConfig

Configuration specific to the authorisation system.

Constructors

AuthConfig 

Fields

  • getPool :: ConnectionPool

    Get the database connection pool.

  • defaultExpire :: !NominalDiffTime

    For authorisation, defines the number of seconds after which a token becomes invalid.

  • restoreExpire :: !NominalDiffTime

    For password restore, defines the number of seconds after which a restore code becomes invalid.

  • restoreCodeSender :: !(RespUserInfo -> RestoreCode -> IO ())

    User-specified implementation of restore code sending. It could be an email sender, an SMS message or a mobile application method, whatever the implementation needs.

  • restoreCodeGenerator :: !(IO RestoreCode)

    User-specified generator for restore codes. By default the server generates a UUID, which can be unacceptable for an SMS restoration routine.

  • maximumExpire :: !(Maybe NominalDiffTime)

    Upper bound on the expiration time that a user can request for a token.

  • passwordsStrength :: !Int

    For authorisation, defines the amount of hashing applied to new user passwords (should be greater than or equal to 14). Passwords are hashed 2^strength times. This is needed to prevent almost all kinds of brute force attacks, rainbow tables and dictionary attacks.

  • passwordValidator :: !(Text -> Maybe Text)

    Validates the user password at registration / password change.

    If the function returns Just, a 400 error is raised with the specified text.

    The default value doesn't validate passwords at all.

  • servantErrorFormer :: !(ServantErr -> ServantErr)

    Transformation applied to errors produced by the auth server.

  • defaultPageSize :: !Word

    Default page size for pagination.

  • singleUseCodeSender :: !(RespUserInfo -> SingleUseCode -> IO ())

    User-specified method of sending a single use code for authorisation.

    See also: endpoints AuthSigninGetCodeMethod and AuthSigninPostCodeMethod.

    By default does nothing.

  • singleUseCodeExpire :: !NominalDiffTime

    Time after which a generated single use code expires.

    By default 1 hour.

  • singleUseCodeGenerator :: !(IO SingleUseCode)

    User-specified generator for single use codes.

    By default the server generates a UUID, which can be unacceptable when codes are sent by SMS.

  • singleUseCodePermamentMaximum :: !Word

    Number of non-expiring single use codes that a user can have at once.

    Used by AuthGetSingleUseCodes endpoint. Default is 100.

  • singleUseCodeDefaultCount :: !Word

    Number of non-expiring single use codes that are generated by default when the client doesn't specify the value.

    Used by AuthGetSingleUseCodes endpoint. Default is 20.

defaultAuthConfig :: ConnectionPool -> AuthConfig

Default configuration for the authorisation server.
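
The following is an added example, not code from the package: it overrides the defaults documented above that matter most for security (no password validation, UUID codes unsuitable for SMS, unbounded token lifetime). It assumes RestoreCode and SingleUseCode are synonyms for Text and that the entropy package is available; the module name, helper names and all policy values (lengths, lifetimes) are hypothetical.

```haskell
module HardenedAuthConfig (hardenedAuthConfig, smsCode, minLengthValidator) where

import           Data.Bits (shiftL, (.|.))
import qualified Data.ByteString as BS
import           Data.Text (Text)
import qualified Data.Text as T
import           Data.Word (Word32)
import           Database.Persist.Sql (ConnectionPool)
import           Servant.Server.Auth.Token.Config (AuthConfig (..), defaultAuthConfig)
import           System.Entropy (getEntropy) -- OS randomness, "entropy" package

-- | Zero-padded decimal code of 1..9 digits drawn from OS entropy.
-- Rejection sampling keeps the digits uniform (a plain `mod` would be biased).
smsCode :: Int -> IO Text
smsCode digits
  | digits < 1 || digits > 9 = error "smsCode: digits must be in 1..9"
  | otherwise = go
  where
    range = 10 ^ digits :: Word32
    limit = (maxBound `div` range) * range -- largest multiple of range in Word32
    go = do
      bytes <- getEntropy 4
      let w = BS.foldl' (\acc b -> (acc `shiftL` 8) .|. fromIntegral b) 0 bytes :: Word32
      if w >= limit
        then go -- value falls in the biased tail, draw again
        else pure (T.justifyRight digits '0' (T.pack (show (w `mod` range))))

-- | Returning Just makes the server answer 400 with the given text.
minLengthValidator :: Int -> Text -> Maybe Text
minLengthValidator n pw
  | T.length pw < n = Just (T.pack ("Password must be at least " ++ show n ++ " characters"))
  | otherwise       = Nothing

-- | Defaults plus stricter settings; every number below is an assumed policy value.
hardenedAuthConfig :: ConnectionPool -> AuthConfig
hardenedAuthConfig pool = base
  { maximumExpire          = Just (7 * 24 * 3600)             -- cap requested token lifetime at 7 days
  , passwordsStrength      = max 14 (passwordsStrength base)  -- never below the documented minimum
  , passwordValidator      = minLengthValidator 12            -- default validates nothing
  , restoreCodeGenerator   = smsCode 8                        -- SMS-friendly instead of a UUID
  , restoreExpire          = 600                              -- short codes get short lifetimes
  , singleUseCodeGenerator = smsCode 8
  , singleUseCodeExpire    = 300                              -- 5 minutes instead of the default 1 hour
  }
  where base = defaultAuthConfig pool
```

A numeric code has far less entropy than a UUID, so the shortened restoreExpire and singleUseCodeExpire values are part of the same change rather than optional extras.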