Safe Haskell | None |
---|---|
Language | Haskell2010 |
Support for basic access authentication http://en.wikipedia.org/wiki/Basic_access_authentication
Synopsis
- basicAuth :: Happstack m => String -> Map String String -> m a -> m a
- basicAuthBy :: Happstack m => (ByteString -> ByteString -> Bool) -> String -> m a -> m a
- validLoginPlaintext :: Map String String -> ByteString -> ByteString -> Bool
Documentation
:: Happstack m | |
=> String | the realm name |
-> Map String String | the username password map |
-> m a | the part to guard |
-> m a |
A simple HTTP basic authentication guard.
If authentication fails, this part will call mzero
.
example:
main = simpleHTTP nullConf $ msum [ basicAuth "127.0.0.1" (fromList [("happstack","rocks")]) $ ok "You are in the secret club" , ok "You are not in the secret club." ]
:: Happstack m | |
=> (ByteString -> ByteString -> Bool) | function that returns true if the name password combination is valid |
-> String | the realm name |
-> m a | the part to guard |
-> m a |
Generalized version of basicAuth
.
The function that checks the username password combination must be supplied as first argument.
example:
main = simpleHTTP nullConf $ msum [ basicAuth' (validLoginPlaintext (fromList [("happstack","rocks")])) "127.0.0.1" $ ok "You are in the secret club" , ok "You are not in the secret club." ]
:: Map String String | the username password map |
-> ByteString | the username |
-> ByteString | the password |
-> Bool |
Function that looks up the plain text password for username in a Map and returns True if it matches with the given password.
Note: The implementation is hardened against timing attacks but not completely safe. Ideally you should build your own predicate, using a robust constant-time equality comparison from a cryptographic library like sodium.