yesod-0.4.1: Creation of type-safe, RESTful web applications.

Yesod.Helpers.Auth

Contents

Synopsis

Subsite

data Auth Source

Each authentication subsystem (OpenId, Rpxnow, Email, Facebook) has its own settings. If those settings are not present, then relevant handlers will simply return a 404.

Constructors

Auth 

Fields

authIsOpenIdEnabled :: Bool
 
authRpxnowApiKey :: Maybe String
 
authEmailSettings :: Maybe AuthEmailSettings
 
authFacebook :: Maybe (String, String, [String])

client id, secret and requested permissions

Instances

YesodAuth master => YesodSubSite Auth master 

data AuthRoute Source

Constructors

Check 
Logout 
OpenIdR 
OpenIdForward 
OpenIdComplete 
RpxnowR 
FacebookR 
StartFacebookR 
EmailRegisterR 
EmailVerifyR Integer String 
EmailLoginR 
EmailPasswordR 

Instances

Settings

class Yesod master => YesodAuth master whereSource

Minimal complete definition: defaultDest and defaultLoginRoute.

Methods

defaultDest :: master -> Route masterSource

Default destination on successful login or logout, if no other destination exists.

defaultLoginRoute :: master -> Route masterSource

Default page to redirect user to for logging in.

onLogin :: Creds -> [(String, String)] -> GHandler Auth master ()Source

Callback for a successful login.

The second parameter can contain various information, depending on login mechanism.

randomKey :: master -> IO StringSource

Generate a random alphanumeric string.

This is used for verify string in email authentication.

data Creds Source

User credentials

Constructors

Creds 

Fields

credsIdent :: String

Identifier. Exact meaning depends on credsAuthType.

credsAuthType :: AuthType

How the user was authenticated

credsEmail :: Maybe String

Verified e-mail address.

credsDisplayName :: Maybe String

Display name.

credsId :: Maybe Integer

Numeric ID, if used.

credsFacebookToken :: Maybe AccessToken
 

Instances

data EmailCreds Source

Data stored in a database for each e-mail address.

Constructors

EmailCreds EmailId (Maybe SaltedPass) VerStatus VerKey 

data AuthType Source

Which subsystem authenticated the user.

Constructors

AuthOpenId 
AuthRpxnow 
AuthEmail 
AuthFacebook 

Instances

data AuthEmailSettings Source

For a sample set of settings for a trivial in-memory database, see inMemoryEmailSettings.

Constructors

AuthEmailSettings 

Fields

addUnverified :: Email -> VerKey -> IO EmailId
 
sendVerifyEmail :: Email -> VerKey -> VerUrl -> IO ()
 
getVerifyKey :: EmailId -> IO (Maybe VerKey)
 
verifyAccount :: EmailId -> IO ()
 
setPassword :: EmailId -> String -> IO ()
 
getEmailCreds :: Email -> IO (Maybe EmailCreds)
 
getEmail :: EmailId -> IO (Maybe Email)
 

inMemoryEmailSettings :: IO AuthEmailSettingsSource

A simplistic set of email settings, useful only for testing purposes. In particular, it doesn't actually send emails, but instead prints verification URLs to stderr.

Functions

maybeCreds :: RequestReader r => r (Maybe Creds)Source

Retrieves user credentials, if user is authenticated.

requireCreds :: YesodAuth master => GHandler sub master CredsSource

Retrieve user credentials. If user is not logged in, redirects to the defaultLoginRoute. Sets ultimate destination to current route, so user should be sent back here after authenticating.