úΕ<ŠŠŧ      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠŦŽ­ŪŊ°ąēģīĩķ·ļđš1Helpers for aeson deriving without name prefixes.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTV Ô2For aeson deriving, drop prefix t and map to lower3Helpers for swagger deriving without name prefixes.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTVįStrip given prefix from fields(Helpers for response pagination support.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTVpCollection of a with attached ids of type i and additional page info.PayloadCount of available pagesNumber of items on a page7Query parameter that carries pagination page size value  A page number 3Query parameter that carries pagination page number  "API for token based authorisation.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTV†]F"Request body for user registrationId of user group"Id of user that is used in the API‚Token header that we require for authorization marked by permissions that are expected from the token to pass guarding functions.;Simplified version that takes plain symbols as permissions.‚Token header that we require for authorization marked by permissions that are expected from the token to pass guarding functions.+Single use code used for authorisation via › and š endpoints Special tag for password restore Amount of seconds!,Special tag for a permission that a user has" User email#Password for login$User name for login%2Shortcut for Maybe Token with attached permissions;Simplified version that takes plain symbols as permissions.&2Shortcut for Maybe Token with attached permissions'9Token that doesn't have attached compile-time permissions(jToken is simple string marked by permissions that are expected from the token to pass guarding functions.;Simplified version that takes plain symbols as permissions.)jToken is simple string marked by permissions that are expected from the token to pass guarding functions.,,Helper type family to wrap all symbols into 0-4Convertation of permission symbol into runtim string/NType level permission type that allows to construct complex permission labels=Response with user infoJ'Response with users info and paginationTRequest body for patching useralData of user group, groups allows to group permissions and assign them to particular users in batch manner.%Also a group hierarchy can be formed.m Data type that is used to patch as,Special case when you want to set parent to ŧz Body for œ~Nothing is default server valuežKCheck that first set of permissions is subset of second, throw error if not―.Foldl type level list of bools, identicall to ūŋ7Check that first set of permissions is subset of secondĀCheck whether a b$ is contained in permission list of a…DUnlifting compile-time permissions into list of run-time permissionsÁ,Allows to find user info by login, requires Ē@ permission. Throws 404 if cannot find account with such login.‡`Get the user id of the owner of specified token. 401 error is raised if the token doesn't have  'auth-userid' token.ˆwCheck permissions of the token, if the passed token doesn't have permissions that are passed via body, server returns ÂX. 401 status is returned if the token owner is not permitted to check self permissions.‰"Get list of user groups, requires Ē for tokenŠ1Delete all info about given user group, requires Ī for token‹,Patch info about given user group, requires Ģ for tokenŒ.Replace info about given user group, requires Ģ for token#Inserting new user group, requires Ģ for tokenŽ(Getting info about user group, requires Ē for token`Generate single usage codes that user can write down and use later for emergency authorisation.ŧz for "codes-count" parameter means some default value defined by server. Server can restrict maximum count of such codes.LServer should invalidate previous codes on subsequent calls of the endpoint.‹Special authorisation tag can be used to disable the feature, merely don't give the tag to users and they won't be able to generate codes. See also: š for utilisation of the codes.ZGenerate new password for user. There is two phases, first, the method is called without codeē parameter. The system sends email with a restore code to user email or sms (its depends on server). After that a call of the method with the code is needed to change password.‘Delete user from DB, requires Ī< and will cause cascade deletion, that is your usually want’1Replace user with the user in the body, requires Ģ for token“Updating loginemailpassword, requires Ģ for token”"Getting info about user, requires Ē for token•$Getting list of all users, requires Ē for token–Creation of new user, requires Ą for token—JClose session, after call of the method the token in header is not valid.˜+Get client info that is binded to the token™AClient cat expand the token lifetime, no permissions are requiredš'Authorisation via code of single usage.*Logic of authorisation via this method is:Client sends GET request to › endpointcServer generates single use token and sends it via SMS or email (server specific implementation)Client sends POST request to š endpoint Server responds with auth token.BClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.›'Authorisation via code of single usage.*Logic of authorisation via this method is:Client sends GET request to › endpointcServer generates single use token and sends it via SMS or email (server specific implementation)Client sends POST request to š endpoint Server responds with auth token.BClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.œHow to get a token, expire of ŧ+ means some default value (server config).*Logic of authorisation via this method is:eClient sends POST request to the endpoint with user specified login and password and optional expire#Server responds with token or errorBClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.How to get a token, expire of ŧ+ means some default value (server config).*Logic of authorisation via this method is:dClient sends GET request to the endpoint with user specified login and password and optional expire#Server responds with token or errorBClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.žGeneric authorization APIŸ`Proxy type for auth API, used to pass the type-level info into client/docs generation functions ,Permission that allows everything by defaultĄ0Permission that allows registration of new usersĒ6Permission that allows to query info about other usersĢ2Permission that allows to update fields of an userĪAPermission that allows to delete users and cause cascade deletionĨNPermission that allows to check permissions of token that has the permission.Ķ8Permission that allows to get user ID of owner of token.§&Select only operations of the Auth APIĻ Servant.Docs documentation of the Auth APIĐ:Cast token to permissions that are lower than original one=The cast is safe, the permissions are cheked on compile time.Š;Cast token to permissions that are lower than original one.=The cast is safe, the permissions are cheked on compile time.i !"#$%&'()*+,-./01=>?@ABCJKLMTUVWXYZabcdefmnopqrsz{|}~…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠižœ›š™˜—–•”“’‘ŽŒ‹Š‰ˆ‡ŸĻ/01-.…†,)*+(&%'ĐŠ$#"! =>?@ABCTUVWXYZJKLMz{|}~abcdefmnopqrs ĨĪĒĢĶĄ§ )*+-./01=>?@ABCJKLMTUVWXYZabcdefmnopqrsz{|}~…†Ã       !"#$%&'()*+,-../0123456789:;<=>?@AABCDEFGHIJKLMMNOPQRSTUVVWXYZ[\]^_`abbcdefghijklmmnopqrstuvwxyyz{|}~€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠŦŽ­ŪŊ°ąēģīĩķ·ļđšŧ·ž―ūŋĀÁÂÃÄ5servant-auth-token-api-0.5.2.0-Fs1TEFQRuYyEZv0hn08HdK*Servant.API.Auth.Token.Internal.DeriveJson&Servant.API.Auth.Token.Internal.Schema!Servant.API.Auth.Token.PaginationServant.API.Auth.Token$aeson-1.2.4.0-BCbjHKPmbhgK9ldqys4mc6 Data.Aeson.TH deriveJSON derivePrefixschemaOptionsDropPrefix PagedListpagedListItemspagedListPagesPageSize PageSizeParamPage PageParam$fToParamTYPEQueryParam$fToParamTYPEQueryParam0$fGenericPagedList$fShowPagedList$fToSamplePagedList$fToSchemaPagedList$fFromJSONPagedList$fToJSONPagedList ReqRegister reqRegLoginreqRegPassword reqRegEmailreqRegPermissions reqRegGroups UserGroupIdUserId TokenHeader' TokenHeader SingleUseCode RestoreCodeSeconds PermissionEmailPasswordLoginMToken'MToken SimpleTokenToken'TokenunToken PlainPermsUnliftPermSymbolunliftPermSymbol PermSymbol PermLabel PermConcat$fToSampleUnit$fUnliftPermSymbolPermConcat$fUnliftPermSymbolPermLabel$fToSampleToken$fToHttpApiDataToken$fFromHttpApiDataToken$fToParamSchemaToken $fEqToken $fShowToken$fGenericReqRegister$fShowReqRegister RespUserInfo respUserId respUserLogin respUserEmailrespUserPermissionsrespUserGroups$fToSampleReqRegister$fToSchemaReqRegister$fFromJSONReqRegister$fToJSONReqRegister$fGenericRespUserInfo$fShowRespUserInfo RespUsersInforespUsersItemsrespUsersPages$fToSampleRespUserInfo$fToSchemaRespUserInfo$fFromJSONRespUserInfo$fToJSONRespUserInfo$fGenericRespUsersInfo$fShowRespUsersInfo PatchUserpatchUserLoginpatchUserPasswordpatchUserEmailpatchUserPermissionspatchUserGroups$fToSampleRespUsersInfo$fToSchemaRespUsersInfo$fFromJSONRespUsersInfo$fToJSONRespUsersInfo$fGenericPatchUser$fShowPatchUser UserGroup userGroupNameuserGroupUsersuserGroupPermissionsuserGroupParent$fToSamplePatchUser$fToSchemaPatchUser$fFromJSONPatchUser$fToJSONPatchUser$fGenericUserGroup$fShowUserGroupPatchUserGrouppatchUserGroupNamepatchUserGroupUserspatchUserGroupPermissionspatchUserGroupParentpatchUserGroupNoParent$fToSampleUserGroup$fToSchemaUserGroup$fFromJSONUserGroup$fToJSONUserGroup$fGenericPatchUserGroup$fShowPatchUserGroupAuthSigninPostBodyauthSigninBodyLoginauthSigninBodyPasswordauthSigninBodySeconds$fToSamplePatchUserGroup$fToSchemaPatchUserGroup$fFromJSONPatchUserGroup$fToJSONPatchUserGroup$fGenericAuthSigninPostBody$fShowAuthSigninPostBody PermsList unliftPermsAuthGetUserIdMethodAuthCheckPermissionsMethodAuthGroupsMethodAuthDeleteGroupMethodAuthPatchGroupMethodAuthPutGroupMethodAuthPostGroupMethodAuthGetGroupMethodAuthGetSingleUseCodesAuthRestoreMethodAuthDeleteUserMethodAuthPutUserMethodAuthPatchUserMethodAuthGetUserMethodAuthUsersMethodAuthSignupMethodAuthSignoutMethodAuthTokenInfoMethodAuthTouchMethodAuthSigninPostCodeMethodAuthSigninGetCodeMethodAuthSigninPostMethodAuthSigninMethodAuthAPIauthAPI adminPerm registerPerm authInfoPermauthUpdatePermauthDeletePerm authCheckPermauthUserIdPermauthOperationsauthDocsdowngradeToken'downgradeToken $fToSample()$fToSampleText$fToSampleWord$fToCaptureTYPECapture$fToCaptureTYPECapture0$fToParamTYPEQueryParam1$fToParamTYPEQueryParam2$fToParamTYPEQueryParam3$fToSampleAuthSigninPostBody$fToSchemaAuthSigninPostBody$fFromJSONAuthSigninPostBody$fToJSONAuthSigninPostBody $fPermsList: $fPermsList[]baseGHC.BaseNothing PermsSubsetTAll Data.FoldableandConatinAllPerm ContainPermAuthFindUserByLoginghc-prim GHC.TypesFalse