yesod-auth-bcrypt-0.2.0: BCrypt salted and hashed passwords in a database as auth for yesod

Copyright(c) Patrick Brisbin 2010
Licenseas-is
Maintainerpbrisbin@gmail.com
StabilityStable
PortabilityPortable
Safe HaskellNone
LanguageHaskell98

Yesod.Auth.BCrypt

Contents

Description

A yesod-auth AuthPlugin designed to look users up in Persist where their user ID and a Bcrypt hash + salt of their password is stored.

Example usage:

-- import the function import Auth.HashDB -- make sure you have an auth route mkYesodData "MyApp" [$parseRoutes| / RootR GET /auth AuthR Auth getAuth |] -- make your app an instance of YesodAuth using this plugin instance YesodAuth MyApp where type AuthId MyApp = UserId loginDest _ = RootR logoutDest _ = RootR getAuthId = getAuthIdHashDB AuthR (Just . UniqueUser) authPlugins = [authHashDB (Just . UniqueUser)] -- include the migration function in site startup withServer :: (Application -> IO a) -> IO a withServer f = withConnectionPool $ \p -> do runSqlPool (runMigration migrateUsers) p let h = DevSite p

Note that function which converts username to unique identifier must be same.

Your app must be an instance of YesodPersist. and the username, salted-and-hashed-passwords should be added to the database.

Synopsis

Documentation

class HashDBUser siteuser where Source

Interface for data type which holds user info. It's just a collection of getters and setters

Methods

siteuserPasswordHash :: siteuser -> Maybe Text Source

Retrieve password hash from user data

setSaltAndPasswordHash Source

Arguments

:: Text

Hash and Salt

-> siteuser 
-> siteuser 

a callback for setPassword

Instances

data family Unique record

Unique keys besides the Key

Instances

setPassword :: HashDBUser siteuser => Text -> siteuser -> IO siteuser Source

Set password for user. This function should be used for setting passwords. It generates random salt and calculates proper hashes.

Authentification

validateUser Source

Arguments

:: (YesodPersist yesod, PersistEntity siteuser, HashDBUser siteuser, PersistEntityBackend siteuser ~ YesodPersistBackend yesod, PersistUnique (YesodPersistBackend yesod)) 
=> Unique siteuser

User unique identifier

-> Text

Password in plaint-text

-> HandlerT yesod IO Bool 

Given a user ID and password in plaintext, validate them against the database values.

authHashDB :: (YesodAuth m, YesodPersist m, HashDBUser siteuser, PersistEntity siteuser, PersistEntityBackend siteuser ~ YesodPersistBackend m, PersistUnique (YesodPersistBackend m)) => (Text -> Maybe (Unique siteuser)) -> AuthPlugin m Source

Prompt for username and password, validate that against a database which holds the username and a hash of the password

getAuthIdHashDB Source

Arguments

:: (YesodAuth master, YesodPersist master, HashDBUser siteuser, PersistEntity siteuser, Key siteuser ~ AuthId master, PersistEntityBackend siteuser ~ YesodPersistBackend master, PersistUnique (YesodPersistBackend master)) 
=> (AuthRoute -> Route master)

your site's Auth Route

-> (Text -> Maybe (Unique siteuser))

gets user ID

-> Creds master

the creds argument

-> HandlerT master IO (Maybe (AuthId master)) 

A drop in for the getAuthId method of your YesodAuth instance which can be used if authHashDB is the only plugin in use.

Predefined data type

data Siteuser Source

Generate data base instances for a valid user

Constructors

Siteuser 

Fields

siteuserUsername :: !Text
 
siteuserPassword :: !Text
 
siteuserEmail :: !(Maybe Text)
 

Instances

type SiteuserId = Key Siteuser Source

data family EntityField record $a

An EntityField is parameterised by the Haskell record it belongs to and the additional type of that field

Instances

migrateSiteusers :: Migration Source