| Safe Haskell | Safe-Inferred |
|---|---|
| Language | Haskell2010 |
Yesod.Auth
Synopsis
- data Auth
- type AuthRoute = Route Auth
- data family Route a
- data AuthPlugin master = AuthPlugin {
- apName :: Text
- apDispatch :: Method -> [Piece] -> AuthHandler master TypedContent
- apLogin :: (Route Auth -> Route master) -> WidgetFor master ()
- getAuth :: a -> Auth
- class (Yesod master, PathPiece (AuthId master), RenderMessage master FormMessage) => YesodAuth master where
- type AuthId master
- authLayout :: (MonadHandler m, HandlerSite m ~ master) => WidgetFor master () -> m Html
- loginDest :: master -> Route master
- logoutDest :: master -> Route master
- authenticate :: (MonadHandler m, HandlerSite m ~ master) => Creds master -> m (AuthenticationResult master)
- getAuthId :: (MonadHandler m, HandlerSite m ~ master) => Creds master -> m (Maybe (AuthId master))
- authPlugins :: master -> [AuthPlugin master]
- loginHandler :: AuthHandler master Html
- renderAuthMessage :: master -> [Text] -> AuthMessage -> Text
- redirectToReferer :: master -> Bool
- redirectToCurrent :: master -> Bool
- authHttpManager :: (MonadHandler m, HandlerSite m ~ master) => m Manager
- onLogin :: (MonadHandler m, master ~ HandlerSite m) => m ()
- onLogout :: (MonadHandler m, master ~ HandlerSite m) => m ()
- maybeAuthId :: (MonadHandler m, master ~ HandlerSite m) => m (Maybe (AuthId master))
- onErrorHtml :: (MonadHandler m, HandlerSite m ~ master) => Route master -> Text -> m Html
- runHttpRequest :: (MonadHandler m, HandlerSite m ~ master, MonadUnliftIO m) => Request -> (Response BodyReader -> m a) -> m a
- class (YesodAuth master, YesodPersist master) => YesodAuthPersist master where
- type AuthEntity master :: Type
- getAuthEntity :: (MonadHandler m, HandlerSite m ~ master) => AuthId master -> m (Maybe (AuthEntity master))
- data Creds master = Creds {
- credsPlugin :: Text
- credsIdent :: Text
- credsExtra :: [(Text, Text)]
- setCreds :: (MonadHandler m, YesodAuth (HandlerSite m)) => Bool -> Creds (HandlerSite m) -> m ()
- setCredsRedirect :: (MonadHandler m, YesodAuth (HandlerSite m)) => Creds (HandlerSite m) -> m TypedContent
- clearCreds :: (MonadHandler m, YesodAuth (HandlerSite m)) => Bool -> m ()
- loginErrorMessage :: (MonadHandler m, YesodAuth (HandlerSite m)) => Route (HandlerSite m) -> Text -> m TypedContent
- loginErrorMessageI :: Route Auth -> AuthMessage -> AuthHandler master TypedContent
- data AuthenticationResult master
- = Authenticated (AuthId master)
- | UserError AuthMessage
- | ServerError Text
- defaultMaybeAuthId :: (MonadHandler m, HandlerSite m ~ master, YesodAuthPersist master, Typeable (AuthEntity master)) => m (Maybe (AuthId master))
- defaultLoginHandler :: AuthHandler master Html
- maybeAuthPair :: (YesodAuthPersist master, Typeable (AuthEntity master), MonadHandler m, HandlerSite m ~ master) => m (Maybe (AuthId master, AuthEntity master))
- maybeAuth :: (YesodAuthPersist master, val ~ AuthEntity master, Key val ~ AuthId master, PersistEntity val, Typeable val, MonadHandler m, HandlerSite m ~ master) => m (Maybe (Entity val))
- requireAuthId :: (MonadHandler m, YesodAuth (HandlerSite m)) => m (AuthId (HandlerSite m))
- requireAuthPair :: (YesodAuthPersist master, Typeable (AuthEntity master), MonadHandler m, HandlerSite m ~ master) => m (AuthId master, AuthEntity master)
- requireAuth :: (YesodAuthPersist master, val ~ AuthEntity master, Key val ~ AuthId master, PersistEntity val, Typeable val, MonadHandler m, HandlerSite m ~ master) => m (Entity val)
- data AuthException = InvalidFacebookResponse
- type MonadAuthHandler master m = (MonadHandler m, YesodAuth master, master ~ HandlerSite m, Auth ~ SubHandlerSite m, MonadUnliftIO m)
- type AuthHandler master a = forall m. MonadAuthHandler master m => m a
- credsKey :: Text
- provideJsonMessage :: Monad m => Text -> Writer (Endo [ProvidedRep m]) ()
- messageJson401 :: MonadHandler m => Text -> m Html -> m TypedContent
- asHtml :: Html -> Html
Subsite
Instances
| ParseRoute Auth Source # | |
Defined in Yesod.Auth.Routes | |
| RenderRoute Auth Source # | |
| RouteAttrs Auth Source # | |
Defined in Yesod.Auth.Routes | |
| YesodAuth master => YesodSubDispatch Auth master Source # | |
Defined in Yesod.Auth Methods yesodSubDispatch :: YesodSubRunnerEnv Auth master -> Application # | |
| Read (Route Auth) Source # | |
| Show (Route Auth) Source # | |
| Eq (Route Auth) Source # | |
| data Route Auth Source # | |
The type-safe URLs associated with a site argument.
Instances
data AuthPlugin master Source #
Constructors
| AuthPlugin | |
Fields
| |
class (Yesod master, PathPiece (AuthId master), RenderMessage master FormMessage) => YesodAuth master where Source #
Minimal complete definition
loginDest, logoutDest, (authenticate | getAuthId), authPlugins
Methods
authLayout :: (MonadHandler m, HandlerSite m ~ master) => WidgetFor master () -> m Html Source #
specify the layout. Uses defaultLayout by default
loginDest :: master -> Route master Source #
Default destination on successful login, if no other destination exists.
logoutDest :: master -> Route master Source #
Default destination on successful logout, if no other destination exists.
authenticate :: (MonadHandler m, HandlerSite m ~ master) => Creds master -> m (AuthenticationResult master) Source #
Perform authentication based on the given credentials.
Default implementation is in terms of getAuthId
@since: 1.4.4
getAuthId :: (MonadHandler m, HandlerSite m ~ master) => Creds master -> m (Maybe (AuthId master)) Source #
Deprecated: Define authenticate instead; getAuthId will be removed in the next major version
Determine the ID associated with the set of credentials.
Default implementation is in terms of authenticate
authPlugins :: master -> [AuthPlugin master] Source #
Which authentication backends to use.
loginHandler :: AuthHandler master Html Source #
What to show on the login page.
By default this calls defaultLoginHandler, which concatenates
plugin widgets and wraps the result in authLayout. Override if
you need fancy widget containers, additional functionality, or an
entirely custom page. For example, in some applications you may
want to prevent the login page being displayed for a user who is
already logged in, even if the URL is visited explicitly; this can
be done by overriding loginHandler in your instance declaration
with something like:
instance YesodAuth App where
...
loginHandler = do
ma <- lift maybeAuthId
when (isJust ma) $
lift $ redirect HomeR -- or any other Handler code you want
defaultLoginHandlerArguments
| :: master | |
| -> [Text] | languages |
| -> AuthMessage | |
| -> Text |
Used for i18n of messages provided by this package.
redirectToReferer :: master -> Bool Source #
After login and logout, redirect to the referring page, instead of
loginDest and logoutDest. Default is False.
redirectToCurrent :: master -> Bool Source #
When being redirected to the login page should the current page
be set to redirect back to. Default is True.
Since: 1.4.21
authHttpManager :: (MonadHandler m, HandlerSite m ~ master) => m Manager Source #
Return an HTTP connection manager that is stored in the foundation
type. This allows backends to reuse persistent connections. If none of
the backends you're using use HTTP connections, you can safely return
error "authHttpManager" here.
onLogin :: (MonadHandler m, master ~ HandlerSite m) => m () Source #
Called on a successful login. By default, calls
addMessageI "success" NowLoggedIn.
onLogout :: (MonadHandler m, master ~ HandlerSite m) => m () Source #
Called on logout. By default, does nothing
maybeAuthId :: (MonadHandler m, master ~ HandlerSite m) => m (Maybe (AuthId master)) Source #
Retrieves user credentials, if user is authenticated.
By default, this calls defaultMaybeAuthId to get the user ID from the
session. This can be overridden to allow authentication via other means,
such as checking for a special token in a request header. This is
especially useful for creating an API to be accessed via some means
other than a browser.
Since: 1.2.0
default maybeAuthId :: (MonadHandler m, master ~ HandlerSite m, YesodAuthPersist master, Typeable (AuthEntity master)) => m (Maybe (AuthId master)) Source #
onErrorHtml :: (MonadHandler m, HandlerSite m ~ master) => Route master -> Text -> m Html Source #
Called on login error for HTTP requests. By default, calls
addMessage with "error" as status and redirects to dest.
runHttpRequest :: (MonadHandler m, HandlerSite m ~ master, MonadUnliftIO m) => Request -> (Response BodyReader -> m a) -> m a Source #
runHttpRequest gives you a chance to handle an HttpException and retry The default behavior is to simply execute the request which will throw an exception on failure
The HTTP Request is given in case it is useful to change behavior based on inspecting the request.
This is an experimental API that is not broadly used throughout the yesod-auth code base
class (YesodAuth master, YesodPersist master) => YesodAuthPersist master where Source #
Class which states that the given site is an instance of YesodAuth
and that its AuthId is a lookup key for the full user information in
a YesodPersist database.
The default implementation of getAuthEntity assumes that the AuthId
for the YesodAuth superclass is in fact a persistent Key for the
given value. This is the common case in Yesod, and means that you can
easily look up the full information on a given user.
Since: 1.4.0
Minimal complete definition
Nothing
Associated Types
type AuthEntity master :: Type Source #
If the AuthId for a given site is a persistent ID, this will give the
value for that entity. E.g.:
type AuthId MySite = UserId AuthEntity MySite ~ User
Since: 1.2.0
type AuthEntity master = KeyEntity (AuthId master)
Methods
getAuthEntity :: (MonadHandler m, HandlerSite m ~ master) => AuthId master -> m (Maybe (AuthEntity master)) Source #
default getAuthEntity :: (YesodPersistBackend master ~ backend, PersistRecordBackend (AuthEntity master) backend, Key (AuthEntity master) ~ AuthId master, PersistStore backend, MonadHandler m, HandlerSite m ~ master) => AuthId master -> m (Maybe (AuthEntity master)) Source #
Plugin interface
User credentials
Constructors
| Creds | |
Fields
| |
Arguments
| :: (MonadHandler m, YesodAuth (HandlerSite m)) | |
| => Bool | if HTTP redirects should be done |
| -> Creds (HandlerSite m) | new credentials |
| -> m () |
Sets user credentials for the session after checking them with authentication backends.
Arguments
| :: (MonadHandler m, YesodAuth (HandlerSite m)) | |
| => Creds (HandlerSite m) | new credentials |
| -> m TypedContent |
Arguments
| :: (MonadHandler m, YesodAuth (HandlerSite m)) | |
| => Bool | if HTTP, redirect to |
| -> m () |
Clears current user credentials for the session.
Since: 1.1.7
loginErrorMessage :: (MonadHandler m, YesodAuth (HandlerSite m)) => Route (HandlerSite m) -> Text -> m TypedContent Source #
For HTML, set the message and redirect to the route. For JSON, send the message and a 401 status
loginErrorMessageI :: Route Auth -> AuthMessage -> AuthHandler master TypedContent Source #
User functions
data AuthenticationResult master Source #
The result of an authentication based on credentials
Since: 1.4.4
Constructors
| Authenticated (AuthId master) | Authenticated successfully |
| UserError AuthMessage | Invalid credentials provided by user |
| ServerError Text | Some other error |
defaultMaybeAuthId :: (MonadHandler m, HandlerSite m ~ master, YesodAuthPersist master, Typeable (AuthEntity master)) => m (Maybe (AuthId master)) Source #
Retrieves user credentials from the session, if user is authenticated.
This function does not confirm that the credentials are valid, see
maybeAuthIdRaw for more information. The first call in a request
does a database request to make sure that the account is still in the database.
Since: 1.1.2
defaultLoginHandler :: AuthHandler master Html Source #
Default handler to show the login page.
This is the default loginHandler. It concatenates plugin widgets and
wraps the result in authLayout. See loginHandler for more details.
Since: 1.4.9
maybeAuthPair :: (YesodAuthPersist master, Typeable (AuthEntity master), MonadHandler m, HandlerSite m ~ master) => m (Maybe (AuthId master, AuthEntity master)) Source #
Similar to maybeAuth, but doesn’t assume that you are using a
Persistent database.
Since: 1.4.0
maybeAuth :: (YesodAuthPersist master, val ~ AuthEntity master, Key val ~ AuthId master, PersistEntity val, Typeable val, MonadHandler m, HandlerSite m ~ master) => m (Maybe (Entity val)) Source #
Similar to maybeAuthId, but additionally look up the value associated
with the user's database identifier to get the value in the database. This
assumes that you are using a Persistent database.
Since: 1.1.0
requireAuthId :: (MonadHandler m, YesodAuth (HandlerSite m)) => m (AuthId (HandlerSite m)) Source #
Similar to maybeAuthId, but redirects to a login page if user is not
authenticated or responds with error 401 if this is an API client (expecting JSON).
Since: 1.1.0
requireAuthPair :: (YesodAuthPersist master, Typeable (AuthEntity master), MonadHandler m, HandlerSite m ~ master) => m (AuthId master, AuthEntity master) Source #
Similar to requireAuth, but not tied to Persistent's Entity type.
Instead, the AuthId and AuthEntity are returned in a tuple.
Since: 1.4.0
requireAuth :: (YesodAuthPersist master, val ~ AuthEntity master, Key val ~ AuthId master, PersistEntity val, Typeable val, MonadHandler m, HandlerSite m ~ master) => m (Entity val) Source #
Similar to maybeAuth, but redirects to a login page if user is not
authenticated or responds with error 401 if this is an API client (expecting JSON).
Since: 1.1.0
Exception
data AuthException Source #
Constructors
| InvalidFacebookResponse |
Instances
| Exception AuthException Source # | |
Defined in Yesod.Auth Methods toException :: AuthException -> SomeException # fromException :: SomeException -> Maybe AuthException # displayException :: AuthException -> String # | |
| Show AuthException Source # | |
Defined in Yesod.Auth Methods showsPrec :: Int -> AuthException -> ShowS # show :: AuthException -> String # showList :: [AuthException] -> ShowS # | |
Helper
type MonadAuthHandler master m = (MonadHandler m, YesodAuth master, master ~ HandlerSite m, Auth ~ SubHandlerSite m, MonadUnliftIO m) Source #
type AuthHandler master a = forall m. MonadAuthHandler master m => m a Source #
Internal
Internal session key used to hold the authentication information.
Since: 1.2.3
provideJsonMessage :: Monad m => Text -> Writer (Endo [ProvidedRep m]) () Source #
messageJson401 :: MonadHandler m => Text -> m Html -> m TypedContent Source #
Orphan instances
| YesodAuth master => RenderMessage master AuthMessage Source # | |
Methods renderMessage :: master -> [Lang] -> AuthMessage -> Text # | |
| YesodAuth master => YesodSubDispatch Auth master Source # | |
Methods yesodSubDispatch :: YesodSubRunnerEnv Auth master -> Application # | |