packages feed

wordpress-auth 1.0.0.0 → 1.0.0.1

raw patch · 3 files changed

+38/−34 lines, 3 filesdep ~base16-bytestringdep ~textPVP ok

version bump matches the API change (PVP)

Dependency ranges changed: base16-bytestring, text

API changes (from Hackage documentation)

Files

CHANGELOG.md view
@@ -1,5 +1,9 @@ # ChangeLog +## v1.0.0.1++Support 1.0 release of `base16-bytestring`.+ ## v1.0.0.0  Initial Release
src/Wordpress/Auth.hs view
@@ -22,9 +22,9 @@  Then you'll want to pull the specific cookie's text out of the Cookie header(see 'findCookie') & use then 'parseWordpressCookie' to build-a 'WPCookie'. You should then use the `username` field of the cookie to+a 'WPCookie'. You should then use the 'username' field of the cookie to query your Wordpress database for the User's @ID@('WordpressUserId')-& @user_pass@('WordpresUserPass') fields as well as the @session_tokens@+& @user_pass@('WordpressUserPass') fields as well as the @session_tokens@ User Meta('SessionToken').  Equiped with these and the current time(via@@ -214,7 +214,7 @@         { getCookieName :: m CookieName         -- ^ A monadic action that generates a `CookieName`. You can simply         -- return a constant value, or do something more complex like-        -- querying your database for the `siteurl` option.+        -- querying your database for the @siteurl@ option.         , loggedInScheme :: AuthScheme         -- ^ The @LOGGED_IN_KEY@ & @LOGGED_IN_SALT@ from your         -- @wp-config.php@.@@ -261,7 +261,7 @@     | UserDataNotFound     -- ^ The `getUserData` function returned `Nothing`.     | NoNonce-    -- ^ The `Request` has no @X-WP-Nonce@ header.+    -- ^ The @Request@ has no @X-WP-Nonce@ header.     | InvalidNonce     -- ^ The nonce couldn't be validated.     deriving (Show, Eq)@@ -300,7 +300,7 @@ -- headers. data CookieHeaderError     = NoCookieHeader-    -- ^ The `Request` has no `Cookie` header.+    -- ^ The Request has no @Cookie@ header.     | NoCookieMatches     -- ^ No Cookie matched the expected `CookieName`.     deriving (Show, Eq)@@ -316,11 +316,11 @@ -- Cookies  -- | This represents a Cookie set by a Wordpress authentication scheme--- (`auth`, `auth_sec`, & `logged_in`).+-- (@auth@, @auth_sec@, & @logged_in@). data WPCookie     = WPCookie         { username :: Text-        -- ^ The `user_login` column for the Wordpress User.+        -- ^ The @user_login@ column for the Wordpress User.         , expiration :: POSIXTime         -- ^ The expiration time of the Cookie.         , token :: CookieToken@@ -338,13 +338,13 @@ -- | Potential errors we may encounter while parsing a `WPCookie`. data CookieParseError     = MalformedCookie-    -- ^ The cookie did not have 4 fields separated by `|` characters.+    -- ^ The cookie did not have 4 fields separated by @|@ characters.     | InvalidExpiration     -- ^ The `expiration` field of the cookie is not an Integer.     deriving (Show, Eq) --- | Parse a `WPCookie` from the body text of an `auth`, `auth_sec`, or--- `logged_in` cookie.+-- | Parse a `WPCookie` from the body text of an @auth@, @auth_sec@, or+-- @logged_in@ cookie. parseWordpressCookie :: Text -> Either CookieParseError WPCookie parseWordpressCookie rawCookie = case T.splitOn "|" rawCookie of     [username, expiration_, token_, hmac] ->@@ -424,7 +424,7 @@  -- Hashing / Salting --- | A port of the `wp_hash` function. This performs an 'MD5.hmac' hash on+-- | A port of the @wp_hash@ function. This performs an 'MD5.hmac' hash on -- some text using a secret derived from the authentication scheme's key -- & salt constants. wordpressHash :: AuthScheme -> Text -> Text@@ -432,7 +432,7 @@     let secret = HashSecret $ wordpressSalt scheme     in  hmacText MD5.hmac secret $ HashMessage textToHash --- | A port of the `wp_salt` function. Builds a secret key for a hashing+-- | A port of the @wp_salt@ function. Builds a secret key for a hashing -- function using the auth scheme's key & salt. wordpressSalt :: AuthScheme -> Text wordpressSalt AuthScheme { schemeKey, schemeSalt } =@@ -442,7 +442,7 @@  -- Tokens --- | A User Session's Token. These can be found in the `usermeta` Wordpress+-- | A User Session's Token. These can be found in the @usermeta@ Wordpress -- table for rows where @meta_key="session_token"@. -- -- You'll probably want to use `decodeSessionTokens` to parse the tables's@@ -455,7 +455,7 @@     deriving (Show, Eq)  -- | Decode a serialized PHP array containing a User's Session Tokens.--- These are usually stored as the `session_tokens` usermeta.+-- These are usually stored as the @session_tokens@ usermeta. -- -- It may be an associative array of tokens to expiration times, or tokens -- to an associative array of sub-fields:@@ -542,7 +542,7 @@ -- hash of the current or previous tick. validateNonce     :: AuthScheme -- ^ The Wordpress site's @nonce@ scheme constants - @NONCE_KEY@ & @NONCE_SALT@.-    -> Maybe CookieToken -- ^ A token from the `logged_in` cookie.+    -> Maybe CookieToken -- ^ A token from the @logged_in@ cookie.     -> NonceTick  -- ^ The current tick number.     -> Maybe WordpressUserId -- ^ The ID of the currently logged in User.     -> Text  -- ^ The @action@ of the nonce (e.g., @"wp_rest"@ for API requests).@@ -584,22 +584,22 @@         }     deriving (Show, Eq) --- | An auth scheme's `_KEY` constant, usually defined in your Wordpress--- site's @wp-config.php@. E.g., `LOGGED_IN_KEY`+-- | An auth scheme's @_KEY@ constant, usually defined in your Wordpress+-- site's @wp-config.php@. E.g., @LOGGED_IN_KEY@ newtype WordpressKey     = WordpressKey { unKey :: Text }     deriving (Show, Eq)--- | An auth scheme's `_SALT` constant, usually defined in your Wordpress--- site's @wp-config.php@. E.g., `LOGGED_IN_SALT`+-- | An auth scheme's @_SALT@ constant, usually defined in your Wordpress+-- site's @wp-config.php@. E.g., @LOGGED_IN_SALT@ newtype WordpressSalt     = WordpressSalt { unSalt :: Text }     deriving (Show, Eq) --- | Build the `_KEY` value for an authentiation scheme.+-- | Build the @_KEY@ value for an authentiation scheme. wpConfigKey :: Text -> WordpressKey wpConfigKey = WordpressKey --- | Build the `_SALT` value for an authentiation scheme.+-- | Build the @_SALT@ value for an authentiation scheme. wpConfigSalt :: Text -> WordpressSalt wpConfigSalt = WordpressSalt @@ -629,6 +629,6 @@ hashText hasher =     decodeUtf8 . Base16.encode . hasher . encodeUtf8 . hashMessage --- Join the different text to hash together by `|` like Wordpress expects.+-- Join the different text to hash together by @|@ like Wordpress expects. joinHashParts :: [Text] -> Text joinHashParts = T.intercalate "|"
wordpress-auth.cabal view
@@ -1,13 +1,13 @@ cabal-version: 1.12 --- This file has been generated from package.yaml by hpack version 0.31.1.+-- This file has been generated from package.yaml by hpack version 0.34.4. -- -- see: https://github.com/sol/hpack ----- hash: c33e1a894c3fedf7883654d7bd9f0199378cdece3892f962cd629ba877ddaba9+-- hash: 82c4605ae4faddea533a20c6753a62d06b98d4f614812c8df4dbf45f001774d6  name:           wordpress-auth-version:        1.0.0.0+version:        1.0.0.1 synopsis:       Validate Wordpress Cookies & Nonces; Build Wordpress Hashes & Salts description:    This package is used for validating Cookie data & Nonces from Wordpress.                 .@@ -38,15 +38,15 @@   ghc-options: -Wall -Wcompat -Wincomplete-record-updates -Wincomplete-uni-patterns -Wredundant-constraints   build-depends:       base >=4.7 && <5-    , base16-bytestring >=0.1 && <0.2+    , base16-bytestring <1.1     , bytestring >=0.10 && <0.12-    , cookie >=0.4 && <0.5-    , cryptohash-md5 >=0.11 && <0.12-    , cryptohash-sha256 >=0.11 && <0.12+    , cookie ==0.4.*+    , cryptohash-md5 ==0.11.*+    , cryptohash-sha256 ==0.11.*     , hs-php-session >=0.0.9 && <0.1-    , http-types >=0.12 && <0.13-    , mtl >=2 && <3-    , text >=1 && <2-    , time >=1 && <2-    , uri-encode >=1.5 && <1.6+    , http-types ==0.12.*+    , mtl ==2.*+    , text ==1.*+    , time ==1.*+    , uri-encode ==1.5.*   default-language: Haskell2010