packages feed

servant-auth-server-0.1.0.0: src/Servant/Auth/Server.hs

module Servant.Auth.Server
  (
  -- | This package provides implementations for some common authentication
  -- methods. Authentication yields a trustworthy (because generated by the
  -- server) value of an some arbitrary type:
  --
  -- > type MyApi = Protected
  -- >
  -- > type Protected = Auth '[JWT, Cookie] User :> Get '[JSON] UserAccountDetails
  -- >
  -- > server :: Server Protected
  -- > server (Authenticated usr) = ... -- here we know the client really is
  -- >                                  -- who she claims to be
  -- > server _ = throwAll err401
  --
  -- Additional configuration happens via 'Context'.

  ----------------------------------------------------------------------------
  -- * Auth
  -- | Basic types
    Auth
  , AuthResult(..)

  ----------------------------------------------------------------------------
  -- * JWT
  -- | JSON Web Tokens (JWT) are a compact and secure way of transferring
  -- information between parties. In this library, they are signed by the
  -- server (or by some other party posessing the relevant key), and used to
  -- indicate the bearer's identity or authorization.
  --
  -- Arbitrary information can be encoded - just declare instances for the
  -- 'FromJWT' and 'ToJWT' classes. Don't go overboard though - be aware that
  -- usually you'll be trasmitting this information on each request (and
  -- response!).
  --
  -- Note that, while the tokens are signed, they are not encrypted. Do not put
  -- any information you do not wish the client to know in them!

  -- ** Combinator
  -- | Re-exported from 'servant-auth'
  , JWT

  -- ** Classes
  , FromJWT(..)
  , ToJWT(..)

  -- ** Related types
  , IsMatch(..)

  -- ** Settings
  , JWTSettings(..)
  , defaultJWTSettings


  ----------------------------------------------------------------------------
  -- * Cookie
  -- | Cookies are also a method of identifying and authenticating a user. They
  -- are particular common when the client is a browser

  -- ** Combinator
  -- | Re-exported from 'servant-auth'
  , Cookie

  -- ** Settings
  , CookieSettings(..)
  , defaultCookieSettings

  -- ** Related types
  , IsSecure(..)

  , AreAuths

  ----------------------------------------------------------------------------
  -- * BasicAuth
  -- ** Combinator
  -- | Re-exported from 'servant-auth'
  , BasicAuth

  -- ** Classes
  , FromBasicAuthData(..)

  -- ** Settings
  , BasicAuthCfg

  -- ** Related types
  , BasicAuthData(..)
  , IsPasswordCorrect(..)

  ----------------------------------------------------------------------------
  -- * Utilies
  , ThrowAll(throwAll)
  , generateKey
  , makeJWT

  -- ** Re-exports
  , Default(def)
  ) where

import Data.Default.Class                       (Default (def))
import Servant.Auth
import Servant.Auth.Server.Internal             ()
import Servant.Auth.Server.Internal.BasicAuth
import Servant.Auth.Server.Internal.Class
import Servant.Auth.Server.Internal.ConfigTypes
import Servant.Auth.Server.Internal.JWT
import Servant.Auth.Server.Internal.ThrowAll
import Servant.Auth.Server.Internal.Types

import Servant (BasicAuthData(..))
import Crypto.JOSE   as Jose

-- | Generate a key suitable for use with 'defaultConfig'.
generateKey :: IO Jose.JWK
generateKey = Jose.genJWK $ Jose.OctGenParam 256