servant-auth-token: Servant based API and server for token based authorisation

[ bsd3, library, web ] [ Propose Tags ] [ Report a vulnerability ]

Please see README.md

[Skip to Readme]

Modules

[Index]

Servant
- Server
  - Auth
    - Servant.Server.Auth.Token

Downloads

servant-auth-token-0.4.1.0.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

NCrashed

For package maintainers and hackage trustees

edit package information

Candidates

No Candidates

Versions [RSS]	0.1.0.0, 0.1.1.0, 0.1.2.0, 0.2.0.0, 0.2.0.1, 0.3.0.0, 0.3.1.0, 0.3.2.0, 0.4.0.0, 0.4.1.0, 0.4.1.1, 0.4.2.0, 0.4.3.0, 0.4.4.0, 0.4.4.1, 0.4.5.0, 0.4.6.0, 0.4.7.0, 0.4.7.1, 0.5.0.0, 0.5.1.0, 0.5.2.0, 0.5.3.0, 0.5.4.0, 0.5.5.0, 0.5.6.0 (info)
Change log	CHANGELOG.md
Dependencies	aeson-injector (>=1.0.4 && <1.1), base (>=4.7 && <5), bytestring (>=0.10 && <0.11), containers (>=0.5 && <0.6), mtl (>=2.2 && <2.3), pwstore-fast (>=2.4 && <2.5), servant-auth-token-api (>=0.4 && <0.5), servant-server (>=0.9 && <0.10), text (>=1.2 && <1.3), time (>=1.5 && <1.7), transformers (>=0.4 && <0.6), uuid (>=1.3 && <1.4) [details]
License	BSD-3-Clause
Copyright	2016 Anton Gushcha
Author	NCrashed
Maintainer	ncrashed@gmail.com
Category	Web
Home page	https://github.com/ncrashed/servant-auth-token#readme
Source repo	head: git clone https://github.com/ncrashed/servant-auth-token
Uploaded	by NCrashed at 2017-02-13T16:28:18Z
Distributions
Reverse Dependencies	5 direct, 1 indirect [details]
Downloads	14696 total (88 in the last 30 days)
Rating	(no votes yet) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs available [build log] Last success reported on 2017-02-13 [all 1 reports]

Readme for servant-auth-token-0.4.1.0

[back to package description]

servant-auth-token

The repo contains server implementation of servant-auth-token-api.

How to add to your server

At the moment you have two options for backend storage:

persistent backend - persistent backend, simple to integrate with your app.
acid-state backend - acid-state backend is light solution for in memory storage, but it is more difficult to integrate it with your app.
Possible candidates for other storage backends: VCache, leveldb, JSON files. To see how to implement them, see HasStorage type class.

Now you can use 'guardAuthToken' to check authorization headers in endpoints of your server:

-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
  -> MToken '["customer-read"] -- ^ Required permissions for auth token
  -> ServerM Customer -- ^ Customer data
customerGet i token = do
  guardAuthToken token
  runDB404 "customer" $ getCustomer i