packages feed

servant-auth-token 0.4.1.1 → 0.4.2.0

raw patch · 4 files changed

+43/−3 lines, 4 filesPVP ok

version bump matches the API change (PVP)

API changes (from Hackage documentation)

+ Servant.Server.Auth.Token: authCheckPermissionsMethod :: AuthHandler m => MToken' '["auth-check"] -> OnlyField "permissions" [Permission] -> m Bool
+ Servant.Server.Auth.Token: authGetUserIdMethod :: AuthHandler m => MToken' '["auth-userid"] -> m (OnlyId UserId)

Files

CHANGELOG.md view
@@ -1,3 +1,14 @@+0.4.2.0+=======++* Add implementation for `AuthCheckPermissionsMethod` and `AuthGetUserIdMethod` endpoints.++0.4.1.1+=======++* Relax `aeson` and `opt-parse-applicative` bounds.+* Add `monad-control` instances.+ 0.4.1.0 ======= 
servant-auth-token.cabal view
@@ -1,5 +1,5 @@ name:                servant-auth-token-version:             0.4.1.1+version:             0.4.2.0 synopsis:            Servant based API and server for token based authorisation description:         Please see README.md homepage:            https://github.com/ncrashed/servant-auth-token#readme
src/Servant/Server/Auth/Token.hs view
@@ -57,6 +57,8 @@   , authGroupPatch   , authGroupDelete   , authGroupList+  , authCheckPermissionsMethod+  , authGetUserIdMethod   -- * Low-level API   , getAuthToken   ) where@@ -109,6 +111,8 @@   :<|> authGroupPatch   :<|> authGroupDelete   :<|> authGroupList+  :<|> authCheckPermissionsMethod+  :<|> authGetUserIdMethod  -- | Implementation of "signin" method authSignin :: AuthHandler m@@ -539,3 +543,21 @@         pagedListItems = catMaybes groups       , pagedListPages = ceiling $ (fromIntegral total :: Double) / fromIntegral size       }++-- | Check that the token has required permissions and return 'False' if it doesn't.+authCheckPermissionsMethod :: AuthHandler m+  => MToken' '["auth-check"] -- ^ Authorisation header with token+  -> OnlyField "permissions" [Permission] -- ^ Body with permissions to check+  -> m Bool -- ^ 'True' if all permissions are OK, 'False' if some permissions are not set for token and 401 error if the token doesn't have 'auth-check' permission.+authCheckPermissionsMethod token (OnlyField perms) = do+  guardAuthToken token+  let check = const True <$> guardAuthToken' (unToken <$> token) perms+  check `catchError` (\e -> if errHTTPCode e == 401 then pure True else throwError e)++-- | Get user ID for the owner of the speified token.+authGetUserIdMethod :: AuthHandler m+  => MToken' '["auth-userid"] -- ^ Authorisation header with token+  -> m (OnlyId UserId)+authGetUserIdMethod token = do+  guardAuthToken token+  OnlyField . respUserId <$> authToken (downgradeToken token)
stack.yaml view
@@ -39,24 +39,31 @@ - '.' - 'servant-auth-token-acid' - 'servant-auth-token-persistent'+- 'servant-auth-token-leveldb' - 'example/acid' - 'example/persistent'+- 'example/leveldb' # - location: #     git: https://github.com/NCrashed/servant-auth-token-api.git #     commit: d011f7bfecd18d07ff67ce9f67f8741e110a2719 #   extra-dep: true-- '../servant-auth-token-api'+# - '../servant-auth-token-api'  # Dependency packages to be pulled from upstream that are not in the resolver # (e.g., acme-missiles-0.3) extra-deps: - aeson-injector-1.0.7.0+- concurrent-extra-0.7.0.10 - http-api-data-0.3.5 - natural-transformation-0.4+- safecopy-store-0.9.2 - servant-0.9+- servant-auth-token-api-0.4.1.0 - servant-docs-0.9-- servant-auth-token-api-0.3.1.0 - servant-server-0.9+- store-0.3.1+- store-core-0.3+- th-utilities-0.2.0.1  # Override default flag values for local packages and extra-deps flags: {}