users- A library simplifying user management for web applications

Safe HaskellNone




The core type class

class IsUserBackend b => UserStorageBackend b where Source #

An abstract backend for managing users. A backend library should implement the interface and an end user should build applications on top of this interface.

Associated Types

type UserId b :: * Source #

The storage backends userid


initUserBackend :: b -> IO () Source #

Initialise the backend. Call once on application launch to for example create missing database tables

destroyUserBackend :: b -> IO () Source #

Destory the backend. WARNING: This is only for testing! It deletes all tables and data.

housekeepBackend :: b -> IO () Source #

This cleans up invalid sessions and other tokens. Call periodically as needed.

getUserIdByName :: b -> Text -> IO (Maybe (UserId b)) Source #

Retrieve a user id from the database

getUserById :: b -> UserId b -> IO (Maybe User) Source #

Retrieve a user from the database

listUsers :: b -> Maybe (Int64, Int64) -> SortBy UserField -> IO [(UserId b, User)] Source #

List all users unlimited, or limited, sorted by a UserField

countUsers :: b -> IO Int64 Source #

Count all users

createUser :: b -> User -> IO (Either CreateUserError (UserId b)) Source #

Create a user

updateUser :: b -> UserId b -> (User -> User) -> IO (Either UpdateUserError ()) Source #

Modify a user

deleteUser :: b -> UserId b -> IO () Source #

Delete a user

authUser :: b -> Text -> PasswordPlain -> NominalDiffTime -> IO (Maybe SessionId) Source #

Authentificate a user using username/email and password. The NominalDiffTime describes the session duration

withAuthUser :: b -> Text -> (User -> Bool) -> (UserId b -> IO r) -> IO (Maybe r) Source #

Authentificate a user and execute a single action.

verifySession :: b -> SessionId -> NominalDiffTime -> IO (Maybe (UserId b)) Source #

Verify a SessionId. The session duration can be extended by NominalDiffTime

createSession :: b -> UserId b -> NominalDiffTime -> IO (Maybe SessionId) Source #

Force create a session for a user. This is useful for support/admin login. If the user does not exist, this will fail.

destroySession :: b -> SessionId -> IO () Source #

Destroy a session

requestPasswordReset :: b -> UserId b -> NominalDiffTime -> IO PasswordResetToken Source #

Request a PasswordResetToken for a given user, valid for NominalDiffTime

verifyPasswordResetToken :: b -> PasswordResetToken -> IO (Maybe User) Source #

Check if a PasswordResetToken is still valid and retrieve the owner of it

applyNewPassword :: b -> PasswordResetToken -> Password -> IO (Either TokenError ()) Source #

Apply a new password to the owner of PasswordResetToken iff the token is still valid

requestActivationToken :: b -> UserId b -> NominalDiffTime -> IO ActivationToken Source #

Request an ActivationToken for a given user, valid for NominalDiffTime

activateUser :: b -> ActivationToken -> IO (Either TokenError ()) Source #

Activate the owner of ActivationToken iff the token is still valid

User representation

data User Source #

Core user datatype




data Password Source #

Password representation. When updating or creating a user, use makePassword to create one. The implementation details of this type are ONLY for use in backend implementations.

makePassword :: PasswordPlain -> Password Source #

Construct a password from plaintext by hashing it

hidePassword :: User -> User Source #

Strip the password from the user type.

verifyPassword :: PasswordPlain -> Password -> Bool Source #

Check a plaintext password against a password

Token types

Error types

data TokenError Source #

Errors that happen on storage level during token actions



Helper typed

data SortBy t Source #

Sorting direction


SortAsc t 
SortDesc t