@hackage / servant-auth-token

Servant based API and server for token based authorisation

Latest0.5.6.0

About

Metadata

  • Last updated , by NCrashed
  • License BSD-3-Clause
  • Categories Web Development

  • Maintained by: ncrashed@gmail.com

  • Lottery factor: 0

Links

Installation

Readme

servant-auth-token

Build Status

The repo contains server implementation of servant-auth-token-api.

How to add to your server

At the moment you have two options for backend storage:

  • persistent backend - persistent backend, simple to integrate with your app.

  • acid-state backend - acid-state backend is light solution for in memory storage, but it is more difficult to integrate it with your app.

  • Possible candidates for other storage backends: VCache, leveldb, JSON files. To see how to implement them, see HasStorage type class.

Now you can use 'guardAuthToken' to check authorization headers in endpoints of your server:

-- | Read a single customer from DB
customerGet :: CustomerId -- ^ Customer unique id
  -> MToken '["customer-read"] -- ^ Required permissions for auth token
  -> ServerM Customer -- ^ Customer data
customerGet i token = do
  guardAuthToken token
  runDB404 "customer" $ getCustomer i