wai-middleware-auth 0.1.1.0 → 0.1.1.1
raw patch · 5 files changed
+27/−12 lines, 5 filesPVP ok
version bump matches the API change (PVP)
API changes (from Hackage documentation)
Files
- CHANGELOG.md +8/−1
- app/Main.hs +0/−1
- src/Network/Wai/Middleware/Auth.hs +17/−9
- src/Network/Wai/Middleware/Auth/Provider.hs +1/−0
- wai-middleware-auth.cabal +1/−1
CHANGELOG.md view
@@ -1,8 +1,15 @@+0.1.1.1+=======++* Disallow empty `userIdentity` to produce a successfull login.+* Produces a 404 on `/favicon.ico` page if not logged in: work around for issue+ with Chrome requesting it first and messing up the redirect url.+* Added JQuery to the template, since it's bootstrap's requirement.+ 0.1.1.0 ======= * Fixed whitelist email regex matching for Github and Google auth.- 0.1.0.0 =======
app/Main.hs view
@@ -3,7 +3,6 @@ {-# LANGUAGE TemplateHaskell #-} module Main where import qualified Data.ByteString as S--- import Data.ByteString.Base64 as B64 import Data.Monoid ((<>)) import Data.Serialize (put, runPut) import Network.Wai.Auth.Executable
src/Network/Wai/Middleware/Auth.hs view
@@ -210,14 +210,26 @@ (providerName:pathSuffix) | Just provider <- HM.lookup providerName asProviders -> do appRoot <- asGetAppRoot req- let onSuccess userIdentity = do+ let onFailure status errMsg =+ return $+ responseBuilder status [] $+ asProvidersTemplate+ (Just $ decodeUtf8With lenientDecode errMsg)+ authRouteRender+ asProviders+ let onSuccess "" =+ onFailure+ status501+ "Empty user identity is not allowed"+ onSuccess userIdentity = do CTime now <- epochTime cookie <- saveAuthState $ AuthLoggedIn $ AuthUser { authUserIdentity = userIdentity- , authProviderName = encodeUtf8 $ getProviderName provider+ , authProviderName =+ encodeUtf8 $ getProviderName provider , authLoginTime = now } return $@@ -226,13 +238,6 @@ [("Location", protectedPath), cookie] (fromByteString "Redirecting to " <> fromByteString protectedPath)- let onFailure status errMsg =- return $- responseBuilder status [] $- asProvidersTemplate- (Just $ decodeUtf8With lenientDecode errMsg)- authRouteRender- asProviders let providerUrlRenderer (ProviderUrl suffix) = mkRouteRender (Just appRoot)@@ -248,6 +253,9 @@ onSuccess onFailure _ -> respond $ responseLBS status404 [] "Unknown URL"+ -- Workaround for Chrome asking for favicon.ico, causing a wrong+ -- redirect url to be stored in a cookie.+ ["favicon.ico"] -> respond $ responseLBS status404 [] "No favicon.ico" _ -> do cookie <- saveAuthState $
src/Network/Wai/Middleware/Auth/Provider.hs view
@@ -200,6 +200,7 @@ <title>WAI Auth Middleware - Authentication Providers. <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">+ <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"> <style> .provider-logo {
wai-middleware-auth.cabal view
@@ -1,5 +1,5 @@ name: wai-middleware-auth-version: 0.1.1.0+version: 0.1.1.1 synopsis: Authentication middleware that secures WAI application description: See README license: MIT