packages feed

servant-auth-wordpress (empty) → 1.0.0.0

raw patch · 6 files changed

+204/−0 lines, 6 filesdep +basedep +mtldep +servant-serversetup-changed

Dependencies added: base, mtl, servant-server, text, time, wai, wordpress-auth

Files

+ CHANGELOG.md view
@@ -0,0 +1,5 @@+# ChangeLog++## v1.0.0.0++Initial Release
+ LICENSE view
@@ -0,0 +1,30 @@+Copyright Pavan Rikhi (c) 2018++All rights reserved.++Redistribution and use in source and binary forms, with or without+modification, are permitted provided that the following conditions are met:++    * Redistributions of source code must retain the above copyright+      notice, this list of conditions and the following disclaimer.++    * Redistributions in binary form must reproduce the above+      copyright notice, this list of conditions and the following+      disclaimer in the documentation and/or other materials provided+      with the distribution.++    * Neither the name of Pavan Rikhi nor the names of other+      contributors may be used to endorse or promote products derived+      from this software without specific prior written permission.++THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ README.md view
@@ -0,0 +1,16 @@+# servant-auth-wordpress++This package provides a Servant AuthHandler that validates Wordpress's+@LOGGED_IN@ authentication Cookie & the @wp_rest@ Nonce, returning either+an Authorized user with data or an Anonymous user, or calling an error+handler.++This allows you to access the currently logged in User when making AJAX+requests from a Wordpress site.++Check out the @wordpress-auth@ package for lower-level Wordpress Cookie &+Nonce manipulation.++## License++BSD 3-clause, exceptions possible.
+ Setup.hs view
@@ -0,0 +1,2 @@+import Distribution.Simple+main = defaultMain
+ servant-auth-wordpress.cabal view
@@ -0,0 +1,45 @@+cabal-version: 1.12++-- This file has been generated from package.yaml by hpack version 0.31.1.+--+-- see: https://github.com/sol/hpack+--+-- hash: 774a58469c47567c2bd34449f11d0de03d84be7de5c836df537173b5e8ba0ee4++name:           servant-auth-wordpress+version:        1.0.0.0+synopsis:       Authenticate Routes Using Wordpress Cookies+description:    This package provides a Servant AuthHandler that validates Wordpress's @LOGGED_IN@ authentication Cookie & the @wp_rest@ Nonce, returning either an Authorized user with data or an Anonymous user, or calling an error handler.+                .+                This allows you to access the currently logged in User when making AJAX requests from a Wordpress site.+                .+                Check out the @wordpress-auth@ package for lower-level Wordpress Cookie & Nonce manipulation.+category:       Web, Servant+homepage:       https://github.com/prikhi/wordpress-auth#readme+author:         Pavan Rikhi+maintainer:     pavan.rikhi@gmail.com+copyright:      BSD3+license:        BSD3+license-file:   LICENSE+build-type:     Simple+extra-source-files:+    README.md+    CHANGELOG.md++library+  exposed-modules:+      Servant.Auth.Wordpress+  other-modules:+      Paths_servant_auth_wordpress+  hs-source-dirs:+      src+  ghc-options: -Wall -Wcompat -Wincomplete-record-updates -Wincomplete-uni-patterns -Wredundant-constraints+  build-depends:+      base >=4.7 && <5+    , mtl >=2 && <3+    , servant-server >=0.14 && <0.16+    , text >=1 && <2+    , time >=1 && <2+    , wai >=3 && <4+    , wordpress-auth >=1 && <1.1+  default-language: Haskell2010
+ src/Servant/Auth/Wordpress.hs view
@@ -0,0 +1,106 @@+{- | This module presents a Servant 'AuthHandler' that validates+a @LOGGED_IN@ Wordpress Cookie & the @"wp_rest"@ Nonce.++You'll need to build a 'WPAuthConfig' for your application to pass to+the 'wpAuthHandler' function. The config defines some specifics about your+Wordpress site, as well as functions to pull a User's authentication data+& to handle authentication failures.++You must define the 'Servant.Server.Experimental.Auth.AuthServerData' type+instance yourself:++> type instance "AuthServerData" ("AuthProtect" \"wp\") = WPAuthorization (Entity User)++For more information, be sure to check out the+<https://haskell-servant.readthedocs.io/en/stable/tutorial/Authentication.html#generalized-authentication Generalized Authentication>+section of the servant tutorial.++If you want to build your own custom 'AuthHandler', check out the+"Wordpress.Auth" module.++-}+module Servant.Auth.Wordpress+    (+    -- * Auth Handlers+      wpAuthHandler+    , wpAuthorizedOnlyHandler+    , WPAuthorization(..)+    -- * Configs+    , WPAuthConfig(..)+    , CookieName(..)+    , AuthScheme(..)+    , WordpressKey+    , wpConfigKey+    , WordpressSalt+    , wpConfigSalt+    , UserAuthData(..)+    , WordpressUserId(..)+    , WordpressUserPass(..)+    , SessionToken(..)+    , decodeSessionTokens+    -- * Errors+    , WPAuthError(..)+    , CookieHeaderError(..)+    , CookieParseError(..)+    , CookieValidationError(..)+    )+where++import           Network.Wai                    ( Request+                                                , requestHeaders+                                                , queryString+                                                )+import           Servant                        ( Handler )+import           Servant.Server.Experimental.Auth+                                                ( AuthHandler+                                                , mkAuthHandler+                                                )+import           Wordpress.Auth                 ( WPAuthConfig(..)+                                                , UserAuthData(..)+                                                , WPAuthorization(..)+                                                , authorizeWordpressRequest+                                                , WPAuthError(..)+                                                , AuthScheme(..)+                                                , CookieName(..)+                                                , CookieHeaderError(..)+                                                , CookieParseError(..)+                                                , CookieValidationError(..)+                                                , WordpressUserId(..)+                                                , WordpressUserPass(..)+                                                , SessionToken(..)+                                                , decodeSessionTokens+                                                , WordpressKey+                                                , wpConfigKey+                                                , WordpressSalt+                                                , wpConfigSalt+                                                , findCookie+                                                )+++-- | A Servant Authentication Handler that valiates a @logged_in@ Cookie+-- & a @wp_rest@ Nonce.+wpAuthHandler+    :: WPAuthConfig Handler a -> AuthHandler Request (WPAuthorization a)+wpAuthHandler = mkAuthHandler . handler++-- | This is similar to 'wpAuthHandler' but it allows you to throw an error+-- for anonymous users with valid nonces - restricting handlers to only+-- logged in users.+wpAuthorizedOnlyHandler+    :: WPAuthConfig Handler a+    -> (WPAuthError -> Handler a)+    -> AuthHandler Request a+wpAuthorizedOnlyHandler cfg authFailure = mkAuthHandler $ \req -> do+    result <- handler cfg req+    case result of+        WPAuthorizedUser uData -> return uData+        WPAnonymousUser        -> do+            name <- getCookieName cfg+            authFailure+                $ either EHeader (const $ EHeader NoCookieMatches)+                $ findCookie name (requestHeaders req)+++handler :: WPAuthConfig Handler a -> Request -> Handler (WPAuthorization a)+handler cfg req =+    authorizeWordpressRequest cfg (requestHeaders req) (queryString req)