úÎ!° ĨXŧ      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠŦŽ­ŪŊ°ąēģīĩķ·ļđš1Helpers for aeson deriving without name prefixes.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTV .servant-auth-token-api2For aeson deriving, drop prefix t and map to lower3Helpers for swagger deriving without name prefixes.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTV™servant-auth-token-apiStrip given prefix from fields(Helpers for response pagination support.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTV–servant-auth-token-apiCollection of a with attached ids of type i and additional page info.servant-auth-token-apiPayloadservant-auth-token-apiCount of available pagesservant-auth-token-apiNumber of items on a pageservant-auth-token-api7Query parameter that carries pagination page size value servant-auth-token-api A page number servant-auth-token-api3Query parameter that carries pagination page number  "API for token based authorisation.(c) Anton Gushcha, 2016MITncrashed@gmail.com experimentalPortableNone-6;=FKQSTVĒ Fservant-auth-token-api"Request body for user registrationservant-auth-token-apiId of user groupservant-auth-token-api"Id of user that is used in the APIservant-auth-token-api‚Token header that we require for authorization marked by permissions that are expected from the token to pass guarding functions.;Simplified version that takes plain symbols as permissions.servant-auth-token-api‚Token header that we require for authorization marked by permissions that are expected from the token to pass guarding functions.servant-auth-token-api+Single use code used for authorisation via › and š endpointsservant-auth-token-api Special tag for password restore servant-auth-token-apiAmount of seconds!servant-auth-token-api,Special tag for a permission that a user has"servant-auth-token-api User email#servant-auth-token-apiPassword for login$servant-auth-token-apiUser name for login%servant-auth-token-api2Shortcut for Maybe Token with attached permissions;Simplified version that takes plain symbols as permissions.&servant-auth-token-api2Shortcut for Maybe Token with attached permissions'servant-auth-token-api9Token that doesn't have attached compile-time permissions(servant-auth-token-apijToken is simple string marked by permissions that are expected from the token to pass guarding functions.;Simplified version that takes plain symbols as permissions.)servant-auth-token-apijToken is simple string marked by permissions that are expected from the token to pass guarding functions.,servant-auth-token-api,Helper type family to wrap all symbols into 0-servant-auth-token-api4Convertation of permission symbol into runtim string/servant-auth-token-apiNType level permission type that allows to construct complex permission labels=servant-auth-token-apiResponse with user infoJservant-auth-token-api'Response with users info and paginationTservant-auth-token-apiRequest body for patching useraservant-auth-token-apilData of user group, groups allows to group permissions and assign them to particular users in batch manner.%Also a group hierarchy can be formed.mservant-auth-token-api Data type that is used to patch asservant-auth-token-api,Special case when you want to set parent to ŧzservant-auth-token-api Body for œ~servant-auth-token-apiNothing is default server valuežservant-auth-token-apiKCheck that first set of permissions is subset of second, throw error if not―servant-auth-token-api.Foldl type level list of bools, identicall to ūŋservant-auth-token-api7Check that first set of permissions is subset of secondĀservant-auth-token-apiCheck whether a b$ is contained in permission list of a…servant-auth-token-apiDUnlifting compile-time permissions into list of run-time permissionsÁservant-auth-token-api,Allows to find user info by login, requires Ē@ permission. Throws 404 if cannot find account with such login.‡servant-auth-token-api`Get the user id of the owner of specified token. 401 error is raised if the token doesn't have  'auth-userid' token.ˆservant-auth-token-apiwCheck permissions of the token, if the passed token doesn't have permissions that are passed via body, server returns ÂX. 401 status is returned if the token owner is not permitted to check self permissions.‰servant-auth-token-api"Get list of user groups, requires Ē for tokenŠservant-auth-token-api1Delete all info about given user group, requires Ī for token‹servant-auth-token-api,Patch info about given user group, requires Ģ for tokenŒservant-auth-token-api.Replace info about given user group, requires Ģ for tokenservant-auth-token-api#Inserting new user group, requires Ģ for tokenŽservant-auth-token-api(Getting info about user group, requires Ē for tokenservant-auth-token-api`Generate single usage codes that user can write down and use later for emergency authorisation.ŧz for "codes-count" parameter means some default value defined by server. Server can restrict maximum count of such codes.LServer should invalidate previous codes on subsequent calls of the endpoint.‹Special authorisation tag can be used to disable the feature, merely don't give the tag to users and they won't be able to generate codes. See also: š for utilisation of the codes.servant-auth-token-apiZGenerate new password for user. There is two phases, first, the method is called without codeē parameter. The system sends email with a restore code to user email or sms (its depends on server). After that a call of the method with the code is needed to change password.‘servant-auth-token-apiDelete user from DB, requires Ī< and will cause cascade deletion, that is your usually want’servant-auth-token-api1Replace user with the user in the body, requires Ģ for token“servant-auth-token-apiUpdating loginemailpassword, requires Ģ for token”servant-auth-token-api"Getting info about user, requires Ē for token•servant-auth-token-api$Getting list of all users, requires Ē for token–servant-auth-token-apiCreation of new user, requires Ą for token—servant-auth-token-apiJClose session, after call of the method the token in header is not valid.˜servant-auth-token-api+Get client info that is binded to the token™servant-auth-token-apiAClient cat expand the token lifetime, no permissions are requiredšservant-auth-token-api'Authorisation via code of single usage.*Logic of authorisation via this method is:Client sends GET request to › endpointcServer generates single use token and sends it via SMS or email (server specific implementation)Client sends POST request to š endpoint Server responds with auth token.BClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.›servant-auth-token-api'Authorisation via code of single usage.*Logic of authorisation via this method is:Client sends GET request to › endpointcServer generates single use token and sends it via SMS or email (server specific implementation)Client sends POST request to š endpoint Server responds with auth token.BClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.œservant-auth-token-apiHow to get a token, expire of ŧ+ means some default value (server config).*Logic of authorisation via this method is:eClient sends POST request to the endpoint with user specified login and password and optional expire#Server responds with token or errorBClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.servant-auth-token-apiHow to get a token, expire of ŧ+ means some default value (server config).*Logic of authorisation via this method is:dClient sends GET request to the endpoint with user specified login and password and optional expire#Server responds with token or errorBClient uses the token with other requests as authorisation header@Client can extend lifetime of token by periodically pinging of ™ endpoint)Client can invalidate token instantly by —$Client can get info about user with ˜ endpoint.žservant-auth-token-apiGeneric authorization APIŸservant-auth-token-api`Proxy type for auth API, used to pass the type-level info into client/docs generation functions servant-auth-token-api,Permission that allows everything by defaultĄservant-auth-token-api0Permission that allows registration of new usersĒservant-auth-token-api6Permission that allows to query info about other usersĢservant-auth-token-api2Permission that allows to update fields of an userĪservant-auth-token-apiAPermission that allows to delete users and cause cascade deletionĨservant-auth-token-apiNPermission that allows to check permissions of token that has the permission.Ķservant-auth-token-api8Permission that allows to get user ID of owner of token.§servant-auth-token-api&Select only operations of the Auth APIĻservant-auth-token-api Servant.Docs documentation of the Auth APIĐservant-auth-token-api:Cast token to permissions that are lower than original one=The cast is safe, the permissions are cheked on compile time.Šservant-auth-token-api;Cast token to permissions that are lower than original one.=The cast is safe, the permissions are cheked on compile time.i !"#$%&'()*+,-./01=>?@ABCJKLMTUVWXYZabcdefmnopqrsz{|}~…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠižœ›š™˜—–•”“’‘ŽŒ‹Š‰ˆ‡ŸĻ/01-.…†,)*+(&%'ĐŠ$#"! =>?@ABCTUVWXYZJKLMz{|}~abcdefmnopqrs ĨĪĒĢĶĄ§Ã       !"#$%&'()*+,-../0123456789:;<=>?@AABCDEFGHIJKLMMNOPQRSTUVVWXYZ[\]^_`abbcdefghijklmmnopqrstuvwxyyz{|}~€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘’“”•–—˜™š›œžŸ ĄĒĢĪĨĶ§ĻĐŠŦŽ­ŪŊ°ąēģīĩķ·ļđšŧ·ž―ūŋĀÁÂÃÄ5servant-auth-token-api-0.5.3.0-G7WAobpzAxoCnmh0eSO2Q9*Servant.API.Auth.Token.Internal.DeriveJson&Servant.API.Auth.Token.Internal.Schema!Servant.API.Auth.Token.PaginationServant.API.Auth.Token$aeson-1.3.1.1-LdmaAINcZTA5oQVEQu2QJq Data.Aeson.TH deriveJSON derivePrefixschemaOptionsDropPrefix PagedListpagedListItemspagedListPagesPageSize PageSizeParamPage PageParam$fToParamTYPEQueryParam'$fToParamTYPEQueryParam'0$fGenericPagedList$fShowPagedList$fToSamplePagedList$fToSchemaPagedList$fFromJSONPagedList$fToJSONPagedList ReqRegister reqRegLoginreqRegPassword reqRegEmailreqRegPermissions reqRegGroups UserGroupIdUserId TokenHeader' TokenHeader SingleUseCode RestoreCodeSeconds PermissionEmailPasswordLoginMToken'MToken SimpleTokenToken'TokenunToken PlainPermsUnliftPermSymbolunliftPermSymbol PermSymbol PermLabel PermConcat$fToSampleUnit$fUnliftPermSymbolPermConcat$fUnliftPermSymbolPermLabel$fToSampleToken$fToHttpApiDataToken$fFromHttpApiDataToken$fToParamSchemaToken $fEqToken $fShowToken$fGenericReqRegister$fShowReqRegister RespUserInfo respUserId respUserLogin respUserEmailrespUserPermissionsrespUserGroups$fToSampleReqRegister$fToSchemaReqRegister$fFromJSONReqRegister$fToJSONReqRegister$fGenericRespUserInfo$fShowRespUserInfo RespUsersInforespUsersItemsrespUsersPages$fToSampleRespUserInfo$fToSchemaRespUserInfo$fFromJSONRespUserInfo$fToJSONRespUserInfo$fGenericRespUsersInfo$fShowRespUsersInfo PatchUserpatchUserLoginpatchUserPasswordpatchUserEmailpatchUserPermissionspatchUserGroups$fToSampleRespUsersInfo$fToSchemaRespUsersInfo$fFromJSONRespUsersInfo$fToJSONRespUsersInfo$fGenericPatchUser$fShowPatchUser UserGroup userGroupNameuserGroupUsersuserGroupPermissionsuserGroupParent$fToSamplePatchUser$fToSchemaPatchUser$fFromJSONPatchUser$fToJSONPatchUser$fGenericUserGroup$fShowUserGroupPatchUserGrouppatchUserGroupNamepatchUserGroupUserspatchUserGroupPermissionspatchUserGroupParentpatchUserGroupNoParent$fToSampleUserGroup$fToSchemaUserGroup$fFromJSONUserGroup$fToJSONUserGroup$fGenericPatchUserGroup$fShowPatchUserGroupAuthSigninPostBodyauthSigninBodyLoginauthSigninBodyPasswordauthSigninBodySeconds$fToSamplePatchUserGroup$fToSchemaPatchUserGroup$fFromJSONPatchUserGroup$fToJSONPatchUserGroup$fGenericAuthSigninPostBody$fShowAuthSigninPostBody PermsList unliftPermsAuthGetUserIdMethodAuthCheckPermissionsMethodAuthGroupsMethodAuthDeleteGroupMethodAuthPatchGroupMethodAuthPutGroupMethodAuthPostGroupMethodAuthGetGroupMethodAuthGetSingleUseCodesAuthRestoreMethodAuthDeleteUserMethodAuthPutUserMethodAuthPatchUserMethodAuthGetUserMethodAuthUsersMethodAuthSignupMethodAuthSignoutMethodAuthTokenInfoMethodAuthTouchMethodAuthSigninPostCodeMethodAuthSigninGetCodeMethodAuthSigninPostMethodAuthSigninMethodAuthAPIauthAPI adminPerm registerPerm authInfoPermauthUpdatePermauthDeletePerm authCheckPermauthUserIdPermauthOperationsauthDocsdowngradeToken'downgradeToken $fToSample()$fToSampleText$fToSampleWord$fToCaptureTYPECapture'$fToCaptureTYPECapture'0$fToParamTYPEQueryParam'1$fToParamTYPEQueryParam'2$fToParamTYPEQueryParam'3$fToSampleAuthSigninPostBody$fToSchemaAuthSigninPostBody$fFromJSONAuthSigninPostBody$fToJSONAuthSigninPostBody $fPermsList: $fPermsList[]baseGHC.BaseNothing PermsSubsetTAll Data.FoldableandConatinAllPerm ContainPermAuthFindUserByLoginghc-prim GHC.TypesFalse