NN      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~            None"#1;<=>?CFKQSTUVe !"None"#1;<=>?CFKQSTUVvXAppConfig contains the config options for command line arguments in snaplet-based apps..Command line options for snaplet applications.rCalls snap-server's extendedCommandLineConfig to add snaplet options to the built-in server command line options.None"#1;<=>?CFKQSTUV #$%&'()*+,-.#$%None"#1;<=>?CFKQSTUV/0123456/01None"#1;<=>?CFKQSTUV 789:;<=>?@78None"#1;<=>?CFKQRSTUVxb,An opaque data type holding internal snaplet configuration data. It is exported publicly because the getOpaqueConfig function in MonadSnaplet makes implementing new instances of MonadSnaplet more convenient.AHolds the actual route pattern passed to addRoutes for the current handler. Nothing during initialization and before route dispatech.BThis is the universal reload action for the top-level site. We can't update this in place to be a reloader for each individual snaplet because individual snaplets can't be reloaded in isolation without losing effects that subsequent hooks may have had.Snaplet's type parameter sE here is user-defined and can be any Haskell type. A value of type  Snaplet s countains a couple of things:a value of type s, called the "user state".some bookkeeping data the framework uses to plug things together, like the snaplet's configuration, the snaplet's root directory on the filesystem, the snaplet's root URL, and so on.CjSee the _reloader comment for why we have to use this to reload single snaplets in isolation. This action won't actually run the initializer at all. It will only modify the existing state. It is the responsibility of the snaplet author to avoid using this in situations where it will destroy data in its state that was created by subsequent hook actions.D1Joins a reversed list of directories into a path.E1Joins a reversed list of directories into a path. %Monad used for initializing snaplets.FTWrapper around IO actions that modify state elements created during initialization. vInformation about a partially constructed initializer. Used to automatically aggregate handlers and cleanup actions.G,Handler routes built up and passed to route.HGeneric filtering of handlersIkThis snaplet config is the incrementally built config for whatever snaplet is currently being constructed.JFWe can't just hae a simple MVar here because MVars can't be chrooted. Snaplet infrastructure is available during runtime request processing through the Handler monad. There aren't very many standalone functions to read about here, but this is deceptive. The key is in the type class instances. Handler is an instance of Kb, which means it is the monad you will use to write all your application routes. It also has a  B instance, which gives you all the functionality described above. The m type parameter used in the MonadSnaplet type signatures will usually be either Initializer or Handler, but other monads may sometimes be useful.Minimal complete definition:, , , and . Runs a child snaplet action in the current snaplet's context. If you think about snaplet lenses using a filesystem path metaphor, the lens supplied to this snaplet must be a relative path. In other words, the lens's base state must be the same as the current snaplet.Like   but doesn't impose the requirement that the action being run be a descendant of the current snaplet. Using our filesystem metaphor again, the lens for this function must be an absolute path--it's base must be the same as the current base. A variant of  O accepting a lens from snaplet to snaplet. Unlike the lens used in the above  } function, this lens formulation has an identity, which makes it useful in certain circumstances. The lenses generated by LA will not work with this function, however the lens returned by  will. with = with' . subSnapletThe absolute version of &Gets the lens for the current snaplet.xGets the current snaplet's opaque config data type. You'll only use this function when writing MonadSnaplet instances.qTransforms a lens of the type you get from makeLenses to an similar lens that is more suitable for internal use.WGets a list of the names of snaplets that are direct ancestors of the current snaplet.*Gets the snaplet's path on the filesystem.Gets the current snaple's name.1Gets a human readable description of the snaplet.7Gets the config data structure for the current snaplet.kGets the base URL for the current snaplet. Directories get added to the current snaplet path by calls to  nestSnaplet.1Constructs a url relative to the current snaplet. Gets the  Snaplet v" from the current snaplet's state. Puts a new  Snaplet v in the current snaplet's state.  Modifies the  Snaplet v in the current snaplet's state.! Gets the  Snaplet v@ from the current snaplet's state and applies a function to it.MLike runBase0, but it doesn't require an MVar to be executed."Gets the route pattern that matched for the handler. This lets you find out exactly which of the strings you used in addRoutes matched.#Sets the route pattern that matched for the handler. Use this when to override the default pattern which is the key to the alist passed to addRoutes.N/Check whether the request comes from localhost.$1Pass if the request is not coming from localhost.%Handler that reloads the site.&TThis function brackets a Handler action in resource acquisition and release. Like O,, this is provided because MonadCatchIO's bracketg function doesn't work properly in the case of a short-circuit return from the action being bracketed.In order to prevent confusion regarding the effects of the aquisition and release actions on the Handler state, this function doesn't accept Handler actions for the acquire or release actions.This function will run the release action in all cases where the acquire action succeeded. This includes the following behaviors from the bracketed Snap action. Normal completion.Short-circuit completion, either from calling P or  finishWithAn exception being thrown.Q8Lets you access the current snaplet's state through the R interface.S8Lets you access the current snaplet's state through the T interface.'Opaque newtype which gives us compile-time guarantees that the user is using makeSnaplet and either nestSnaplet or embedSnaplet correctly. %A relative lens identifying a snapletAction from the lense's snaplet(An "absolute" lens identifying a snapletAction from the lense's snapletTUBAVWXYZ[\]C^_`abcdefDE gFh iJjkIHGlmnop qr  s !M"#N$%&'tuvwxyz{  U[ZYXWVAB\^C] gFh imlGHIkjJnop qr  'tNone"#1;<=>?CFKNQSTUV8#|} for InitializerState.~ for InitializerState.gets for InitializerState.(jLets you retrieve the list of routes currently set up by an Initializer. This can be useful in debugging.)OReturn the current environment string. This will be the environment given to 5& or from the command line when using 7B. Usefully for changing behavior during development and testing.*Converts a plain hook into a Snaplet hook.*WAdds an IO action that modifies the current snaplet state to be run at the end of initialization on the state that was created. This makes it easier to allow one snaplet's state to be modified by another snaplet's initializer. A good example of this is when a snaplet has templates that define its views. The Heist snaplet provides the  addTemplatesG function which allows other snaplets to set up their own templates.  addTemplates% is implemented using this function.+IVariant of addPostInitHook for when you have things wrapped in a Snaplet.'Helper function for transforming hooks.'Helper function for transforming hooks.)Modifies the Initializer's SnapletConfig.pIf a snaplet has a filesystem presence, this function creates and copies the files if they dont' already exist.,6All snaplet initializers must be wrapped in a call to  makeSnapletp, which handles standardized housekeeping common to all snaplets. Common usage will look something like this: fooInit :: SnapletInit b Foo fooInit = makeSnaplet "foo" "An example snaplet" Nothing $ do -- Your initializer code here return $ Foo 42 Note that you're writing your initializer code in the Initializer monad, and makeSnaplet converts it into an opaque SnapletInit type. This allows us to use the type system to ensure that the API is used correctly.pInternal function that gets the SnapletConfig out of the initializer state and uses it to create a (Snaplet a).XBrackets an initializer computation, restoring curConfig after the computation returns.Handles modifications to InitializerState that need to happen before a snaplet is called with either nestSnaplet or embedSnaplet.-8Runs another snaplet's initializer and returns the initialized Snaplet value. Calling an initializer with nestSnaplet gives the nested snaplet access to the same base state that the current snaplet has. This makes it possible for the child snaplet to make use of functionality provided by sibling snaplets..pRuns another snaplet's initializer and returns the initialized Snaplet value. The difference between this and - is the first type parameter in the third argument. The "v1 v1" makes the child snaplet think that it is the top-level state, which means that it will not be able to use functionality provided by snaplets included above it in the snaplet tree. This strongly isolates the child snaplet, and allows you to eliminate the b type variable. The embedded snaplet can still get functionality from other snaplets, but only if it nests or embeds the snaplet itself.Note that this function does not change where this snaplet is located in the filesystem. The snaplet directory structure convention stays the same. Also, embedSnaplet limits the ways that snaplets can interact, so we usually recommend using nestSnaplet instead. However, we provide this function because sometimes reduced flexibility is useful. In short, if you don't understand what this function does for you from looking at its type, you probably don't want to use it.)Changes the base state of an initializer.$Changes the base state of a handler./YSets a snaplet's name. All snaplets have a default name set by the snaplet author. This function allows you to override that name. You will have to do this if you have more than one instance of the same kind of snaplet because snaplet names must be unique. This function must immediately surround the snaplet's initializer. For example: >fooState <- nestSnaplet "fooA" $ nameSnaplet "myFoo" $ fooInit0Adds routing to the current  . The new routes are merged with the main routing section and take precedence over existing routing that was previously defined.1 Wraps the baseo snaplet's routing in another handler, allowing you to run code before and after all routes in an application..Here are some examples of things you might do: mwrapSite (\site -> logHandlerStart >> site >> logHandlerFinished) wrapSite (\site -> ensureAdminUser >> site)2zAttaches an unload handler to the snaplet. The unload handler will be called when the server shuts down, or is reloaded.3Initializers should use this function for all informational or error messages to be displayed to the user. On application startup they will be sent to the console. When executed from the reloader, they will be sent back to the user in the HTTP response.;Builds an IO reload action for storage in the SnapletState.+Runs a top-level snaplet in the Snap monad.4Lets you change a snaplet's initial state. It's almost like a reload, except that it doesn't run the initializer. It just modifies the result of the initializer. This can be used to let you define actions for reloading individual snaplets.NInternal function for running Initializers. If any exceptions were thrown by the initializer, this function catches them, runs any cleanup actions that had been registered, and returns an expanded error message containing the exception details as well as all messages generated by the initializer before the exception was thrown.5Given an environment and a Snaplet initializer, produce a concatenated log of all messages generated during initialization, a snap handler, and a cleanup action. The environment is an arbitrary string such as "devel" or "production". This string is used to determine the name of the configuration files used by each snaplet. If an environment of Nothing is used, then runSnaplet defaults to "devel".6Given a configuration and a snap handler, complete it and produce the completed configuration as well as a new toplevel handler with things like compression and a 500 handler set up.7Initialize and run a Snaplet. This function parses command-line arguments, runs the given Snaplet initializer, and starts an HTTP server running the Snaplet's toplevel  .8Like 70, but don't try to parse command-line arguments.9gAllows you to get all of your app's config data in the IO monad without the web server infrastructure.#Recursive worker for loadAppConfig. The directory where the snaplet's reference files are stored. Nothing if the snaplet doesn't come with any files that need to be installed.+Directory where the files should be copied.,A default id for this snaplet. This is only used when the end-user has not already set an id using the nameSnaplet function.-A human readable description of this snaplet.The path to the directory holding the snaplet's reference filesystem content. This will almost always be the directory returned by Cabal's getDataDir command, but it has to be passed in because it is defined in a package-specific import. Setting this value to Nothing doesn't preclude the snaplet from having files in in the filesystem, it just means that they won't be copied there automatically.Snaplet initializer.-|The root url for all the snaplet's routes. An empty string gives the routes the same root as the parent snaplet's routes.Lens identifying the snaplet,The initializer function for the subsnaplet..|The root url for all the snaplet's routes. An empty string gives the routes the same root as the parent snaplet's routes.NOTE: Because of the stronger isolation provided by embedSnaplet, you should be more careful about using an empty string here.Lens identifying the snaplet,The initializer function for the subsnaplet./The snaplet name The snaplet initializer function1Handler modifier function7BThe configuration of the server - you can usually pass a default  via .!The snaplet initializer function.8BThe configuration of the server - you can usually pass a default  via .!The snaplet initializer function.9tThe name of the config file to look for. In snap applications, this is something based on the environment...i.e.  devel.cfg.+Path to the root directory of your project.()*+,-./0123456789None"#1;<=>?CFKQSTUV2  !"#$%&'()*+,-./01234567892 "# ! ',-./2*+3()01 $%4&56789None"#1;<=>?CFKQSTUV:wThe state for the Heist snaplet. To use the Heist snaplet in your app include this in your application state and use  heistInitf to initialize it. The type parameter b will typically be the base state type for your application.nGeneric initializer function that allows compiled/interpreted template serving to be specified by the caller.Internal worker function used by variants of heistInit. This is necessary because of the divide between SnapletInit and Initializer.\Hook that converts the Heist type from Configuring to Running at the end of initialization.>Handler that triggers a template reload. For large sites, this can be desireable because it may be much quicker than the full site reload provided at the adminreload route. This allows you to reload only the heist templates This handler is automatically set up by heistInit, but if you use heistInit', then you can create your own route with it.:;=<>:;<=None"#1;<=>?ACFKQSTUV?RBClears data stored by the cache tag. The cache tag automatically reloads its data when the specified TTL expires, but sometimes you may want to trigger a manual reload. This function lets you do that.CThe   for :1. This function is a convenience wrapper around D that uses defaultHeistState and sets up routes for all the templates. It sets up a "heistReload" route that reloads the heist templates when you request it from localhost.DA lower level   for :. This initializer requires you to specify the initial HeistConfig. It also does not add any routes for templates, allowing you complete control over which templates get routed.ESets the snaplet to default to interpreted mode. Initially, the initializer sets the value to compiled mode. This function allows you to override that setting. Note that this is just a default. It only has an effect if you use one of the generic functions: X, Y, Z, or [. If you call the non-generic versions directly, then this value will not be checked and you will get the mode implemented by the function you called.FAdds templates to the Heist HeistConfig. Other snaplets should use this function to add their own templates. The templates are automatically read from the templates directory in the current snaplet's filesystem root.GAdds templates to the Heist HeistConfig, and lets you specify where they are found in the filesystem. Note that the path to the template directory is an absolute path. This allows you more flexibility in where your templates are located, but means that you have to explicitly call getSnapletFilePath if you want your snaplet to use templates within its normal directory structure.NAdds more HeistConfig data using mappend with whatever is currently there. This is the preferred method for adding all four kinds of splices as well as new templates.'Internal helper function for rendering.'Internal helper function for rendering.W]Chooses between a compiled action and an interpreted action based on the configured default.XZLike render/cRender, but chooses between the two appropriately based on the default mode.Y^Like renderAs/cRenderAs, but chooses between the two appropriately based on the default mode.ZbLike heistServe/cHeistServe, but chooses between the two appropriately based on the default mode.[nLike heistServeSingle/cHeistServeSingle, but chooses between the two appropriately based on the default mode.bhThis instance is here because we don't want the heist package to depend on anything from snap packages. CPath to templatesDPath to templatesInitial HeistConfigF&The url prefix for the template routesGURL prefix for template routesPath to templatesOName of the templateP Content typeName of the templateSName of the templateT Content typeName of the templateWA compiled actionAn interpreted actionXName of the templateY Content typeName of the template(:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`a(:;<=CD>EHBFGIKJMLXYZ[WNSTUVOPQR]_a\^`A?@None"#1;<=>?CFKQSTUVcA single snaplet should never need more than one instance of Heist as a subsnaplet. This type class allows you to make it easy for other snaplets to get the lens that identifies the heist snaplet. Here's an example of how the heist snaplet might be declared: "data App = App { _heist :: Snaplet (Heist App) } makeLenses ''App instance HasHeist App where heistLens = subSnaplet heist appInit = makeSnaplet "app" "" Nothing $ do h <- nestSnaplet "heist" heist $ heistInit "templates" addConfig h heistConfigWithMyAppSplices return $ App hdmA lens to the Heist snaplet. The b parameter to Heist will typically be the base state of your application.eAdds templates to the Heist HeistState. Other snaplets should use this function to add their own templates. The templates are automatically read from the templates directory in the current snaplet's filesystem root.fAdds templates to the Heist HeistState, and lets you specify where they are found in the filesystem. Note that the path to the template directory is an absolute path. This allows you more flexibility in where your templates are located, but means that you have to explicitly call getSnapletFilePath if you want your snaplet to use templates within its normal directory structure.gAMore general function allowing arbitrary HeistState modification.hAMore general function allowing arbitrary HeistState modification.i,Runs a function on with the Heist snaplet's .jGeneric version of 'render'/'cRender'.kGeneric version of 'renderAs'/'cRenderAs'.lGeneric version of 'heistServe'/'cHeistServe'.mGeneric version of &'heistServeSingle'/'cHeistServeSingle'.n]Chooses between a compiled action and an interpreted action based on the configured default.o\Renders a compiled template as text/html. If the given template is not found, this returns empty.pjRenders a compiled template as the given content type. If the given template is not found, this returns empty.qA compiled version of u.r Analogous to fileServeSingle<. If the given template is not found, this throws an error.sSRenders a template as text/html. If the given template is not found, this returns empty.taRenders a template as the given content type. If the given template is not found, this returns empty.u4A handler that serves all the templates (similar to serveDirectoryL). If the template specified in the request path is not found, it returns empty. Also, this function does not serve any templates beginning with an underscore. This gives you a way to prevent some templates from being served. For example, you might have a template that contains only the navbar of your pages, and you probably wouldn't want that template to be visible to the user as a standalone template. So if you put it in a file called "_nav.tpl", this function won't serve it.v2Handler for serving a single template (similar to fileServeSingle=). If the given template is not found, this throws an error.wRenders a template with a given set of splices. This is syntax sugar for a common combination of heistLocal, bindSplices, and render.x=Runs an action with additional splices bound into the Heist .yRuns a handler with a modified . You might want to use this if you had a set of splices which were customised for a specific action. To do that you would do: :heistLocal (bindSplices mySplices) handlerThatNeedsSplicese&The url prefix for the template routesfURL prefix for template routesPath to templateshHeistState modifying functioniHeistState function to runj Template namekContent type to render with Template namem Template namenA compiled actionAn interpreted actiono Template namepContent type to render with Template namer Template names Template nametContent type to render with Template namev Template namew Template nameSplices to bindxSplices to bindHandler to runyHeistState modifying functionHandler to run":>?@ABCDEHNcdefghijklmnopqrstuvwxy":cdCD>EHefNghijklmnopqrstuvyxwA@?BcdNone"#1;<=>?CFKQSTUV:?ABCDNcdefghistuvwxy:cdA?CDefNghistuvyxwBNone"#1;<=>?CFKQSTUV:@ABNcdefghijklmn:cdA@efNghijklmnBNone"#1;<=>?CFKQSTUVzThe   for :1. This function is a convenience wrapper around  heistInit' that uses defaultHeistState and sets up routes for all the templates. It sets up a "heistReload" route that reloads the heist templates when you request it from localhost.{\Renders a compiled template as text/html. If the given template is not found, this returns empty.|jRenders a compiled template as the given content type. If the given template is not found, this returns empty.}4A handler that serves all the templates (similar to serveDirectoryL). If the template specified in the request path is not found, it returns empty. Also, this function does not serve any templates beginning with an underscore. This gives you a way to prevent some templates from being served. For example, you might have a template that contains only the navbar of your pages, and you probably wouldn't want that template to be visible to the user as a standalone template. So if you put it in a file called "_nav.tpl", this function won't serve it.~2Handler for serving a single template (similar to fileServeSingle=). If the given template is not found, this throws an error.zPath to templates{ Template name|Content type to render with Template name~ Template name:>@ABDNcdefghiz{|}~:cdA@zD>efNghi{|}~BNone"#01;<=>?CFKQSTUV6Authentication settings defined at initialization timeCurrently not used/checked#Name of the desired remember cookieBHow long to remember when the option is used in rest of the API. % means remember until end of session.4Lockout strategy: ([MaxAttempts], [LockoutDuration]) Location of app's encryption key<Type representing the concept of a User in your application.8This will be replaced by a role-based permission system.Internal representation of a UserM. By convention, we demand that the application is able to directly fetch a User using this identifier.Think of this type as a secure, authenticated user. You should normally never see this type unless a user has been authenticated.Authentication failures indicate what went wrong during authentication. They may provide useful information to the developer, although it is generally not advisable to show the user the exact details about why login failed.Locked out until given time[Password is clear when supplied by the user and encrypted later when returned from the db.1Default strength level to pass into makePassword.QThe underlying encryption function, in case you need it for external processing.MThe underlying verify function, in case you need it for external processing.Turn a  password into an 0 password, ready to be stuffed into a database.+Default AuthUser that has all empty values.iSet a new password for the given user. Given password should be clear-text; it will be encrypted into a .Default settings for Auth. asMinPasswdLen = 8 asRememberCookieName = "_remember" asRememberPeriod = Just (2*7*24*60*60) = 2 weeks asLockout = Nothing asSiteKey = "site_key.txt"bFunction to get auth settings from a config file. This function can be used by the authors of auth snaplet backends in the initializer to let the user configure the auth snaplet from a config file. All options are optional and default to what's in defAuthSettings if not supplied. Here's what the default options would look like in the config file: minPasswordLen = 8 rememberCookie = "_remember" rememberPeriod = 1209600 # 2 weeks lockout = [5, 86400] # 5 attempts locks you out for 86400 seconds siteKey = "site_key.txt" CleartextEncrypted reference8 None"#1;<=>?CFKQSTUV2OK      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrst  !"#$%&'()*+,-./0123456789None"#1;<=>?CFKQSTUV:1High speed, mutable random number generator state,Perform given action, mutating the RNG stateCreate a new RNG'Generates a random salt of given length Generate a randomized CSRF tokenuNone"#1;<=>?CFKQSTUV !Arbitrary payload with timestamp.Get the cookie payload.%Decode secure cookie payload wih key.Inject the payload.4Encode SecureCookie with key into injectable payloadExpire secure cookie(Validate session against timeout policy.If timeout is set to , never trigger a time-out.TOtherwise, do a regular time-out check based on current time and given timestamp. Cookie nameEncryption keyTimeout in secondsEncryption keyEncrypted payload Cookie name Cookie domainEncryption keyMax age in secondsSerializable payloadEncryption keyPayload Cookie name Cookie domain None"#1;<=>?CFKQSTUVD "Load a session from given payload.Will always be called before any other operation. If possible, cache and do nothing when called multiple times within the same request cycle.1Commit session, return a possibly updated paylaod Reset session Touch session$Insert a key-value pair into sessionLookup a key in sessionDelete a key in session5Return a session-specific CSRF protection token. See  mkCSRFToken! for help in creating the value.1Return all key-value pairs as an association list+Any Haskell record that is a member of the $ typeclass can be stuffed inside a . to enable all session-related functionality.hTo use sessions in your application, just find a Backend that would produce one for you inside of your  Initializer. See initCookieSessionManager in 3 for a built-in option that would get you started.   None"#1;<=>?CFKQSTUV GWrap around a handler, committing any changes in the session at the end:Commit changes to session within the current request cycle+Set a key-value pair in the current session"Get a key from the current session%Remove a key from the current session2Returns a CSRF Token unique to the current session.Return session contents as an association list=Deletes the session cookie, effectively resetting the session/Touch the session so the timeout gets refreshedv!Load the session into the manager None"#1;<=>?CFKQSTUV w1A session payload to be stored in a SecureCookie.x)The manager data type to be stuffed into yPer request cache for z{6A long encryption key used for secure cookie transport|"Cookie name for the session system}Cookie domain for session system. You may want to set it to dot prefixed domain name like ".example.com", so the cookie is available to sub domains.~DSession cookies will be considered "stale" after this many seconds.#handle to a random number generatorzThis is what the w& will be for the CookieSession backendSession data are kept in a  for this backend0Initialize a cookie-backed session, returning a 6 to be stuffed inside your application's state. This G will enable the use of all session storage functionality defined in !Get the current client-side valueSet the client-side value Path to site-wide encryption keySession cookie nameSession cookie domain+Session time-out (replay attack protection)wxy{|}~zNone"#1;<=>?CFKQSTUVlGAbstract data type holding all necessary information for auth operationStorage back-end"A lens pointer to a SessionManager"A per-request logged-in user cachePassword length range"Cookie name for the remember token1Domain for which remember cookie will be created.0Remember period in seconds. Defaults to 2 weeks.7A unique encryption key used to encrypt remember cookie5Lockout after x tries, re-allow entry after y secondsRandom number generator5All storage backends need to implement this typeclassCreate or update the given  record. A | of Nothing indicates that a new user should be created, otherwise the user information for that userId should be updated.0Creates a new user from a username and password.An auth backendUsernamePassword None"#1;<=>?CFKQSTUVF_3Create a new user from just a username and password4Check whether a user with the given username exists.ELookup a user by her username, check given password and perform loginCRemember user from the remember token if possible and perform loginLogout the active userDReturn the current user; trying to remember from cookie if possible.Convenience wrapper around  rememberUser that returns a bool resultCreate or update a given userDestroy the given user Mutate an , marking failed authentication'This will save the user to the backend. Mutate an #, marking successful authentication'This will save the user to the backend.EAuthenticate and log the user into the current session if successful.iThis is a mid-level function exposed to allow roll-your-own ways of looking up a user from the database.This function will: Check the password'Login the user into the current sessionCMark success/failure of the authentication trial on the user recordLogin and persist the given  in the active session_Meant to be used if you have other means of being sure that the person is who she says she is.Set the current user's  in the active sessionRemove 7 from active session, effectively logging the user out.Get the current user's  from the active session Check password for a given user.Returns Nothing if check is successful and an IncorrectPassword error otherwise'Wrap lookups around request-local cache5Register a new user by specifying login and password Param fieldsA K% handler that processes a login form.%The request paremeters are passed to  performLoginWTo make your users stay logged in for longer than the session replay prevention timeout, you must pass a field name as the third parameter and that field must be set to a value of "1" by the submitting form. This lets you use a user selectable check box. Or if you want user remembering always turned on, you can use a hidden form field.>Simple handler to log the user out. Deletes user from session.Require that an authenticated $ is present in the current session.bThis function has no DB cost - only checks to see if a user_id is present in the current session.5Run a function on the backend, and return the result.@This uses an existential type so that the backend type doesn't escape AuthManager. The reason that the type is Handler b (AuthManager v) a and not a is because anything that uses the backend will return an IO something, which you can liftIO, or a Handler b (AuthManager v) a if it uses other handler things.AThis function generates a random password reset token and stores it in the database for the user. Call this function when a user forgets their password. Then use the token to autogenerate a link that the user can visit to reset their password. This function also sets a timestamp so the reset token can be expired.Clears a user's password reset token. Call this when the user successfully changes their password to ensure that the password reset link cannot be used again.aHelper function used for setting and clearing the password reset token and associated timestamp. UsernamePasswordThe username to be checkedUsername/login for userShould be ClearTextSet remember token?+An existing user, somehow looked up from dbA ClearText password+An existing user, somehow looked up from dbLooked up from the back-endCheck against this password8Lookup action to perform if request local cache is empty Login fieldPassword fieldUsername fieldPassword field9Remember field; Nothing if you want no remember function. Upon failure Upon successWhat to do after logging outLens reference to an  AuthManager,Do this if no authenticated user is present.,Do this if an authenticated user is present.%The function to run with the handler. None"#1;<=>?CFKQSTUV[ =Add all standard auth splices to a Heist-enabled application.MThis adds the following splices: <ifLoggedIn> <ifLoggedOut> <loggedInUser> PList containing compiled splices for ifLoggedIn, ifLoggedOut, and loggedInUser. :Function to generate interpreted splices from an AuthUser. Compiled splices for AuthUser. zA splice that can be used to check for existence of a user. If a user is present, this will run the contents of the node. C<ifLoggedIn> Show this when there is a logged in user </ifLoggedIn>zA splice that can be used to check for existence of a user. If a user is present, this will run the contents of the node. C<ifLoggedIn> Show this when there is a logged in user </ifLoggedIn> |A splice that can be used to check for absence of a user. If a user is not present, this will run the contents of the node. E<ifLoggedOut> Show this when there is a logged in user </ifLoggedOut>|A splice that can be used to check for absence of a user. If a user is not present, this will run the contents of the node. E<ifLoggedOut> Show this when there is a logged in user </ifLoggedOut>KA splice that will simply print the current user's login, if there is one.KA splice that will simply print the current user's login, if there is one.A lens reference to        None"#1;<=>?CFKQSTUVdVJSON user back-end stores the user data and indexes for login and token based logins.the actual datastorefast lookup for login fieldfast lookup for email fieldfast lookup for remember tokensuser id counterInitialize a JSON file backed @Load/create a datafile into memory cache and return the manager.FThis data type can be used by itself for batch/non-handler processing.$Authentication settings for your app Lens into a  auth snaplet will use Where to store user data as JSONNone"#1;<=>?CFKQSTUVef     f     None"#1;<=>?CFKQSTUV WRemove the given file before running an IO computation. Obviously it can be used with  Assertion.!Utility function taken from Darcs2Helper to keep "runHandler" and "evalHandler" DRY.bHelper to allow multiple calls to "runHandler" or "evalHandler" without multiple initializations.Given a Snaplet Handler and a ? defining a test request, runs the Handler, producing an HTTP 1.BNote that the output of this function is slightly different from O defined in Snap.Test, because due to the fact running the initializer inside ' can throw an exception.A variant of runHandler that takes the Snaplet and InitializerState as produced by getSnaplet, so those can be re-used across requests. It does not run cleanup actions, so closeSnaplet should be used when finished.Given a Snaplet Handler, a '' specifying the initial state, and a V defining a test request, runs the handler, returning the monadic value it produces.Throws an exception if the  handler early-terminates with  or mzero.Note that the output of this function is slightly different from 'evalHandler defined in Snap.Test, because due to the fact running the initializer inside ' can throw an exception.A variant of evalHandler that takes the Snaplet and InitializerState as produced by getSnaplet, so those can be re-used across requests. It does not run cleanup actions, so closeSnaplet should be used when finished.JRun the given initializer, yielding a tuple where the first element is a  Snaplet be, or an error message whether the initializer threw an exception. This is only needed for runHandler'/evalHandler'.Run cleanup for an initializer. Should be run after finished using the state that getSnaplet returned. Only needed if using getSnaplet and evalHandler '/runHandler'.  !!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~fgikmxyz{wstuvopqr}copqr                       ! "##$%&'(.-)*+,,-./01233(45678.-9:;<=>?@ABCDEFGHIJCDKLMNOPQRSPTU'VWXYZ[(\]^_`abcde)>*fghijjk+lmGnopqrstuPTvwPTxyz{|}~LMCCCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCDCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC C C C C CCCCCCCCCCCCCCCCCCCC C!C"C#C$C%C&C'C(C)C*C+C,C-C.C/C012324252627289:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopq r s t    u vwx y z s t  { |}~              C#snap-1.1.1.0-EOUsbwIIZeq44Cyz4zYmtUSnap.Snaplet.Config Snap.SnapletSnap.Snaplet.TestSnap.Snaplet.HeistNoClassSnap.Snaplet.HeistSnap.Snaplet.Heist.CompiledSnap.Snaplet.AuthSnap.Snaplet.Session.CommonSnap.Snaplet.Session#Snap.Snaplet.Session.SessionManager+Snap.Snaplet.Session.Backends.CookieSession#Snap.Snaplet.Auth.Backends.JsonFile Paths_snapSnap.Snaplet.Internal.LensedSnap.Snaplet.Internal.RSTSnap.Snaplet.Internal.LensTSnap.Snaplet.Internal.Types!Snap.Snaplet.Internal.InitializerSnap.Http.Server.Config defaultConfigSnap.Snaplet.Heist.InternalSnap.Snaplet.Heist.InterpretedSnap.Snaplet.Heist.GenericSnap.Snaplet.Auth.TypesSnap!Snap.Snaplet.Session.SecureCookieSnap.Snaplet.Session.Backends CookieSessionSessionSnap.Snaplet.Auth.AuthManagerSnap.Snaplet.Auth.HandlersSnap.Snaplet.Auth.SpliceHelpers AppConfigappEnvironmentappOptscommandLineAppConfig$fMonoidAppConfig$fSemigroupAppConfig SnapletConfigSnaplet InitializerInitializerStateHandler MonadSnapletwithwithTopwith'withTop'getLensgetOpaqueConfig SnapletLens snapletConfig snapletValue subSnapletgetSnapletAncestrygetSnapletFilePathgetSnapletNamegetSnapletDescriptiongetSnapletUserConfiggetSnapletRootURL snapletURLgetSnapletStateputSnapletStatemodifySnapletStategetsSnapletStategetRoutePatternsetRoutePatternfailIfNotLocal reloadSitebracketHandler SnapletInit getRoutesgetEnvironmentaddPostInitHookaddPostInitHookBase makeSnaplet nestSnaplet embedSnaplet nameSnaplet addRouteswrapSiteonUnload printInfo modifyMaster runSnaplet combineConfig serveSnapletserveSnapletNoArgParsing loadAppConfigHeist DefaultModeCompiled Interpreted heistReloaderSnapletISpliceSnapletCSplice SnapletHeistclearHeistCache heistInit heistInit'setInterpreted addTemplatesaddTemplatesAtgetCurHeistConfig getHeistStatemodifyHeistState'modifyHeistStatewithHeistState'withHeistState addConfigrenderrenderAs heistServeheistServeSinglecRender cRenderAs cHeistServecHeistServeSingle chooseModegRender gRenderAs gHeistServegHeistServeSingle heistLocal' heistLocal withSplices' withSplicesrenderWithSplices'renderWithSplices$fMonadSnapHeistTHasHeist heistLens AuthSettingsasMinPasswdLenasRememberCookieNameasRememberPeriod asLockout asSiteKeyAuthUseruserId userLogin userEmail userPassworduserActivatedAtuserSuspendedAtuserRememberTokenuserLoginCountuserFailedLoginCountuserLockedOutUntiluserCurrentLoginAtuserLastLoginAtuserCurrentLoginIpuserLastLoginIp userCreatedAt userUpdatedAtuserResetTokenuserResetRequestedAt userRolesuserMetaRoleUserIdunUid AuthFailure AuthError BackendErrorDuplicateLoginEncryptedPasswordIncorrectPassword LockedOutPasswordMissingUsernameMissing UserNotFoundPassword ClearText EncryptedencryptverifyencryptPassword checkPassword defAuthUser setPassworddefAuthSettingsauthSettingsFromConfigRNGwithRNGmkRNG randomToken mkCSRFToken SecureCookiegetSecureCookiedecodeSecureCookiesetSecureCookieencodeSecureCookieexpireSecureCookie checkTimeoutISessionManagerloadcommitresettouchinsertlookupdeletecsrftoListSessionManager withSession commitSession setInSessiongetFromSessiondeleteFromSession csrfToken sessionToList resetSession touchSessioninitCookieSessionManager$fSerializeCookieSession%$fISessionManagerCookieSessionManager$fEqCookieSession$fShowCookieSession $fEqPayload $fShowPayload $fOrdPayload$fSerializePayload AuthManagerbackendsession activeUser minPasswdLenrememberCookieNamerememberCookieDomainrememberPeriodsiteKeylockoutrandomNumberGenerator IAuthBackendsavelookupByUserId lookupByLogin lookupByEmaillookupByRememberTokendestroy createUserusernameExistsloginByUsernameloginByRememberTokenlogout currentUser isLoggedInsaveUser destroyUser markAuthFailmarkAuthSuccesscheckPasswordAndLogin forceLoginauthenticatePassword registerUser loginUser logoutUser requireUser withBackendsetPasswordResetTokenclearPasswordResetTokenaddAuthSplicescompiledAuthSplices userISplices userCSplices ifLoggedIn ifLoggedOut loggedInUserinitJsonFileAuthManager mkJsonAuthMgr$fFromJSONUserCache$fToJSONUserCache!$fIAuthBackendJsonFileAuthManagerwithTemporaryFile runHandler runHandler' evalHandler evalHandler' getSnaplet closeSnapletversion getBinDir getLibDir getDynLibDir getDataDir getLibexecDir getSysconfDirgetDataFileNameLensedunlensed lensedLocalglobally lensedAsStategetBaseembedlocally runLensedRSTrunRSTevalRSTexecRSTwithRSTmapRSTrwsBindLensTputBaselGetlPutrunLensT withLensT_scRoutePattern _reloader_snapletModifier buildPath getRootURLHook _handlers_hFilter _curConfigmasterReloader(snap-core-1.0.3.2-GysnAev0lX59OXXuKjD4nDSnap.Internal.Core MonadSnap"lens-4.16.1-DhUCjvjRnWv92AFYeDQEcrControl.Lens.TH makeLenses runPureBase isLocalhost bracketSnapbaseGHC.Basefail$fMonadReadervHandler mtl-2.2.1-DscMMmDQUE6GBfOSl4qMUHControl.Monad.Reader.Class MonadReader$fMonadStatevHandlerControl.Monad.State.Class MonadState_scRouteContext _scUserConfig_scDescription_scId _scFilePath _scAncestry _snapletValue_snapletConfigreloader scAncestry scDescription scFilePathscIdscRouteContextscRoutePattern scUserConfig _environment _initMessages_cleanup _isTopLevel StMHandler unStMHandler _unHandlersnapletModifiercleanup curConfig environmenthFilterhandlers initMessages isTopLeveliGetgetiModifymodifyiGets toSnapletHookupHookupHook' modifyCfgsetupFilesystem mkSnaplet bracketInitsetupSnapletCallchroot chrootHandler mkReloaderrunBaserunInitializerloadAppConfig'*snap-server-1.1.0.0-FmVTMlVJQDf68px0U4QazQ Snap.Internal.Http.Server.ConfigConfig gHeistInitheistInitWorker finalLoadHook ConfiguringRunning_defMode _heistCTS _heistState _masterConfig _heistConfigdefModeheistCTS heistConfig heistState masterConfigmapBoth iRenderHelper cRenderHelper heist-1.1-9cJ4pwMCPnWLEuZz00FLioHeist.Internal.Types.HeistState HeistStateNothingdefaultStrengthSnap.Internal.Routing routeLocalroutegetTimeoutModifier modifyTimeout extendTimeout setTimeout expireCookie readCookie getCookiegetQueryParams getPostParams getParams getQueryParam getPostParamgetParamrunSnap escapeHttpterminateConnectionipHeaderFilter'ipHeaderFilter withResponse withRequest localRequestsendFilePartialsendFile writeLazyText writeTextwriteLBSwriteBS writeBuilder addToOutputlogError redirect'redirectmodifyResponse modifyRequest putRequest putResponse getsResponse getResponse getsRequest getRequestifToppathArgpathdirmethodsmethodpasscatchFinishWith finishWithtransformRequestBodyreadRequestBodyrunRequestBodyliftSnapEscapeHttpHandler EscapeSnapTerminateConnection EscapeHttpNoHandlerExceptionSnap.Internal.ParsingprintUrlEncodedbuildUrlEncodedparseUrlEncodedurlEncodeBuilder urlEncode urlDecodeSnap.Internal.Http.Types rqRemotePort rqRemoteAddr parseHttpTimeformatHttpTimeclearContentLengthsetContentLengthmodifyResponseCookiedeleteResponseCookiegetResponseCookiesgetResponseCookieaddResponseCookiesetContentTypemodifyResponseBodysetResponseCodesetResponseStatussetResponseBody emptyResponse rqSetParamrqModifyParams rqQueryParam rqPostParamrqParam deleteHeader listHeaders getHeader setHeader addHeader HasHeadersheaders updateHeadersMethodGETHEADPOSTPUTDELETETRACEOPTIONSCONNECTPATCH HttpVersionCookie cookieName cookieValue cookieExpires cookieDomain cookiePath cookieSecurecookieHttpOnlyParamsRequest rqHostName rqClientAddr rqClientPort rqServerAddr rqServerPortrqLocalHostname rqIsSecure rqHeadersrqContentLengthrqMethod rqVersion rqCookies rqPathInfo rqContextPathrqURI rqQueryStringrqParams rqQueryParams rqPostParamsResponse rspStatusrspStatusReasonSnap.Types.HeadersHeadersSnap.Http.ServersetUnicodeLocalequickHttpServe httpServesimpleHttpServe rawHttpServesnapServerVersionhaProxy xForwardedFornoProxyfmapOptextendedCommandLineConfigcommandLineConfig optDescrscompleteConfiggetStartupConfiggetStartupSocketssetStartupHook setProxyTypesetOthersetDefaultTimeoutsetErrorHandler setVerbosesetCompressionsetUnixSocketAccessMode setUnixSocket setSSLKeysetSSLChainCert setSSLCert setSSLBind setSSLPortsetBindsetPort setLocale setErrorLog setAccessLog setHostnamegetStartupHook getProxyTypegetOthergetDefaultTimeoutgetErrorHandler getVerbosegetCompressiongetUnixSocketAccessMode getUnixSocket getSSLKeygetSSLChainCert getSSLCert getSSLBind getSSLPortgetBindgetPort getLocale getErrorLog getAccessLog getHostname emptyConfig ProxyType ConfigLog ConfigNoLog ConfigFileLog ConfigIoLog StartupInfo loadSessionPayloadCookieSessionManagertimeOut3unordered-containers-0.2.8.0-3iSQJVS3Sio885UUC852ojData.HashMap.BaseHashMap getPayload setPayload csCSRFToken csSession buildAuthUsersetSessionUserIdremoveSessionUserIdgetSessionUserId cacheOrLookupmodPasswordResetTokengetRememberTokensetRememberToken loginUser' cIfLoggedIn cIfLoggedOut cLoggedInUser UserCacheuidCache loginCache emailCache tokenCache uidCounterJsonFileAuthManagermemcachedbfileremoveFileMayNotExistexecHandlerComputationexecHandlerSnaplet!Snap.Internal.Test.RequestBuilderRequestBuilder