wai-extra 3.0.18 → 3.0.19
raw patch · 5 files changed
+26/−16 lines, 5 files
Files
- ChangeLog.md +4/−0
- Network/Wai/Middleware/ForceSSL.hs +0/−2
- Network/Wai/Middleware/HttpAuth.hs +18/−10
- Network/Wai/Parse.hs +3/−3
- wai-extra.cabal +1/−1
ChangeLog.md view
@@ -1,3 +1,7 @@+## 3.0.19++* Add a new function basicAuth', which passes request to the CheckCreds argument.+ ## 3.0.18 * ForceSSL: preserve port number when redirecting to https. [#582](https://github.com/yesodweb/wai/pull/582)
Network/Wai/Middleware/ForceSSL.hs view
@@ -17,8 +17,6 @@ import Data.Monoid ((<>)) import Network.HTTP.Types (hLocation, methodGet, status301, status307) -import Data.Word8 (_colon)- -- | For requests that don't appear secure, redirect to https -- -- Since 3.0.7
Network/Wai/Middleware/HttpAuth.hs view
@@ -5,6 +5,7 @@ module Network.Wai.Middleware.HttpAuth ( -- * Middleware basicAuth+ , basicAuth' , CheckCreds , AuthSettings , authRealm@@ -36,11 +37,19 @@ -- -- > basicAuth (\u p -> return $ u == "michael" && p == "mypass") "My Realm" ----- Since 1.3.4+-- @since 1.3.4 basicAuth :: CheckCreds -> AuthSettings -> Middleware-basicAuth checkCreds AuthSettings {..} app req sendResponse = do+basicAuth checkCreds = basicAuth' (\_ -> checkCreds)++-- | Like 'basicAuth', but also passes a request to the authentication function.+--+-- @since 3.0.19+basicAuth' :: (Request -> CheckCreds)+ -> AuthSettings+ -> Middleware+basicAuth' checkCreds AuthSettings {..} app req sendResponse = do isProtected <- authIsProtected req allowed <- if isProtected then check else return True if allowed@@ -51,8 +60,7 @@ case (lookup hAuthorization $ requestHeaders req) >>= extractBasicAuth of Nothing -> return False- Just (username, password) -> checkCreds username password-+ Just (username, password) -> checkCreds req username password -- | Basic authentication settings. This value is an instance of -- @IsString@, so the recommended approach to create a value is to@@ -61,23 +69,23 @@ -- -- > "My Realm" { authIsProtected = someFunc } :: AuthSettings ----- Since 1.3.4+-- @since 1.3.4 data AuthSettings = AuthSettings { authRealm :: !ByteString -- ^ --- -- Since 1.3.4+ -- @since 1.3.4 , authOnNoAuth :: !(ByteString -> Application) -- ^ Takes the realm and returns an appropriate 401 response when -- authentication is not provided. --- -- Since 1.3.4+ -- @since 1.3.4 , authIsProtected :: !(Request -> IO Bool) -- ^ Determine if access to the requested resource is restricted. -- -- Default: always returns @True@. --- -- Since 1.3.4+ -- @since 1.3.4 } instance IsString AuthSettings where@@ -99,7 +107,7 @@ -- | Extract basic authentication data from usually __Authorization__ -- header value. Returns username and password ----- Since 3.0.5+-- @since 3.0.5 extractBasicAuth :: ByteString -> Maybe (ByteString, ByteString) extractBasicAuth bs = let (x, y) = S.break isSpace bs@@ -115,7 +123,7 @@ -- | Extract bearer authentication data from __Authorization__ header -- value. Returns bearer token ----- Since 3.0.5+-- @since 3.0.5 extractBearerAuth :: ByteString -> Maybe ByteString extractBearerAuth bs = let (x, y) = S.break isSpace bs
Network/Wai/Parse.hs view
@@ -184,7 +184,7 @@ clearMaxRequestNumFiles :: ParseRequestBodyOptions -> ParseRequestBodyOptions clearMaxRequestNumFiles p = p { prboMaxNumFiles=Nothing } --- | Set the maximum filesize per file.+-- | Set the maximum filesize per file (in bytes). -- -- @since 3.0.16.0 setMaxRequestFileSize :: Int64 -> ParseRequestBodyOptions -> ParseRequestBodyOptions@@ -320,7 +320,7 @@ -- | Parse a content type value, turning a single @ByteString@ into the actual -- content type and a list of pairs of attributes. ----- Since 1.3.2+-- @since 1.3.2 parseContentType :: S.ByteString -> (S.ByteString, [(S.ByteString, S.ByteString)]) parseContentType a = do let (ctype, b) = S.break (== semicolon) a@@ -346,7 +346,7 @@ -- Note: This function does not limit the memory it allocates. -- When dealing with untrusted data (as is usually the case when -- receiving input from the internet), it is recommended to--- use the parseRequestBodyEx function instead.+-- use the 'parseRequestBodyEx' function instead. parseRequestBody :: BackEnd y -> Request -> IO ([Param], [File y])
wai-extra.cabal view
@@ -1,5 +1,5 @@ Name: wai-extra-Version: 3.0.18+Version: 3.0.19 Synopsis: Provides some basic WAI handlers and middleware. description: Provides basic WAI handler and middleware functionality: