-- Hoogle documentation, generated by Haddock
-- See Hoogle, http://www.haskell.org/hoogle/
-- | Yesod Middleware for HTTP Basic Authentication
--
@package yesod-auth-basic
@version 0.1.0.0
-- | A Yesod middleware for
--
-- This middleware performs a single authentication lookup per request
-- and uses the Yesod request-local caching mechanisms to store valid
-- auth credentials found in the Authorization header.
--
-- The recommended way to use this module is to override the
-- maybeAuthId to defaultMaybeBasicAuthId and supply a
-- lookup function.
--
--
-- instance YesodAuth App where
-- type AuthId App = Text
-- getAuthId = return . Just . credsIdent
-- maybeAuthId = defaultMaybeBasicAuthId checkCreds
-- where
-- checkCreds = k s -> return $ (k == "user")
-- && (s == "secret")
--
--
-- WWW-Authenticate challenges are currently not implemented. The current
-- workaround is to override the error handler:
--
--
-- instance Yesod App where
-- errorHandler NotAuthenticated = selectRep $
-- provideRep $ do
-- addHeader WWW-Authenticate $ T.concat
-- [ "RedirectJSON realm="Realm", param="myurl.com"" ]
-- -- send error response here
-- ...
-- errorHandler e = defaultErrorHandler e
-- ...
--
--
-- Proper response status on failed authentication is not implemented.
-- The current workaround is to override the Yesod typeclass
-- isAuthorized function to handle required auth routes. e.g.
--
--
-- instance Yesod App where
-- isAuthorized SecureR _ =
-- maybeAuthId >>= return . maybe AuthenticationRequired (const Authorized)
-- isAuthorized _ _ = Authorized
--
module Yesod.Auth.Http.Basic
-- | Retrieve the AuthId using Authorization header.
--
-- If valid credentials are found and authorized the auth id is cached.
--
-- TODO use more general type than Text to represent the auth id
defaultMaybeBasicAuthId :: (MonadIO m, MonadThrow m, MonadBaseControl IO m) => CheckCreds -> AuthSettings -> HandlerT site m (Maybe Text)
instance Typeable CachedBasicAuthId