packages feed

wai-middleware-auth 0.1.1.0 → 0.1.1.1

raw patch · 5 files changed

+27/−12 lines, 5 filesPVP ok

version bump matches the API change (PVP)

API changes (from Hackage documentation)

Files

CHANGELOG.md view
@@ -1,8 +1,15 @@+0.1.1.1+=======++* Disallow empty `userIdentity` to produce a successfull login.+* Produces a 404 on `/favicon.ico` page if not logged in: work around for issue+  with Chrome requesting it first and messing up the redirect url.+* Added JQuery to the template, since it's bootstrap's requirement.+ 0.1.1.0 =======  * Fixed whitelist email regex matching for Github and Google auth.-  0.1.0.0 =======
app/Main.hs view
@@ -3,7 +3,6 @@ {-# LANGUAGE TemplateHaskell   #-} module Main where import qualified Data.ByteString                           as S--- import           Data.ByteString.Base64                    as B64 import           Data.Monoid                               ((<>)) import           Data.Serialize                            (put, runPut) import           Network.Wai.Auth.Executable
src/Network/Wai/Middleware/Auth.hs view
@@ -210,14 +210,26 @@                 (providerName:pathSuffix)                   | Just provider <- HM.lookup providerName asProviders -> do                     appRoot <- asGetAppRoot req-                    let onSuccess userIdentity = do+                    let onFailure status errMsg =+                          return $+                          responseBuilder status [] $+                          asProvidersTemplate+                            (Just $ decodeUtf8With lenientDecode errMsg)+                            authRouteRender+                            asProviders+                    let onSuccess "" =+                          onFailure+                            status501+                            "Empty user identity is not allowed"+                        onSuccess userIdentity = do                           CTime now <- epochTime                           cookie <-                             saveAuthState $                             AuthLoggedIn $                             AuthUser                             { authUserIdentity = userIdentity-                            , authProviderName = encodeUtf8 $ getProviderName provider+                            , authProviderName =+                                encodeUtf8 $ getProviderName provider                             , authLoginTime = now                             }                           return $@@ -226,13 +238,6 @@                               [("Location", protectedPath), cookie]                               (fromByteString "Redirecting to " <>                                fromByteString protectedPath)-                    let onFailure status errMsg =-                          return $-                          responseBuilder status [] $-                          asProvidersTemplate-                            (Just $ decodeUtf8With lenientDecode errMsg)-                            authRouteRender-                            asProviders                     let providerUrlRenderer (ProviderUrl suffix) =                           mkRouteRender                             (Just appRoot)@@ -248,6 +253,9 @@                         onSuccess                         onFailure                 _ -> respond $ responseLBS status404 [] "Unknown URL"+          -- Workaround for Chrome asking for favicon.ico, causing a wrong+          -- redirect url to be stored in a cookie.+          ["favicon.ico"] -> respond $ responseLBS status404 [] "No favicon.ico"           _ -> do             cookie <-               saveAuthState $
src/Network/Wai/Middleware/Auth/Provider.hs view
@@ -200,6 +200,7 @@     <title>WAI Auth Middleware - Authentication Providers.     <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">     <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">+    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js">     <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous">     <style>       .provider-logo {
wai-middleware-auth.cabal view
@@ -1,5 +1,5 @@ name:                wai-middleware-auth-version:             0.1.1.0+version:             0.1.1.1 synopsis:            Authentication middleware that secures WAI application description:         See README license:             MIT