Skip to content
This repository has been archived by the owner on Oct 29, 2021. It is now read-only.

Can't figure out how to use the BasicAuth portion of this package #137

Open
ProofOfKeags opened this issue Jan 11, 2019 · 7 comments
Open

Can't figure out how to use the BasicAuth portion of this package #137

ProofOfKeags opened this issue Jan 11, 2019 · 7 comments
Labels
question

Comments

@ProofOfKeags
Copy link

I was trying to figure out how to use this package to do basic auth and I'm probably missing something but am having trouble.

I have defined the following type instance for BasicAuthCfg

type instance BasicAuthCfg = BasicAuthData -> IO (AuthResult UUID)

and the following typeclass instance for FromBasicAuthData

instance FromBasicAuthData UUID where
  fromBasicAuthData authData checkBasicAuthFunction = checkBasicAuthFunction authData

but how do I pass in the implementation above referenced checkBasicAuthFunction :: BasicAuthCfg ?
@ProofOfKeags
Copy link
Author

Additionally it seems like I HAVE to use cookies/JWT with BasicAuth even though I don't really want to. I was under the impression that this package generalized the Auth process, and that I could pick which Auth mechanisms I wanted (or didn't want) to use. Is this possible or is this package SOLELY for Cookie/JWT auth?

@bengineml
Copy link

You will actually use the function you implemented (BasicAuthData -> IO (AuthResult UUID)) by making it part of the config you pass to serveWithContext.

From my project:

checkBasicAuth :: BasicAuthData -> IO (AuthResult UUID)
checkBasicAuth = undefined -- your implementation goes here

app :: Environment -> JWK -> Application
app env jwk =
  let
    jwts = defaultJWTSettings jwk
    cfg = defaultCookieSettings :. jwts :. checkBasicAuth env jwts :. EmptyContext
  in
    --- Here we actually make concrete
    serveWithContext appApiProxy cfg (appToServer env jwts)

@bengineml
Copy link

I'm unfortunately unable to answer your questions as to whether basic auth can be used on its own. It seems like any use of the Auth auths v combinator requires a ToJWT v instance.

Perhaps somebody else can provide some more clarity on using auth methods independently.

@ProofOfKeags
Copy link
Author

I appreciate the response! I think I understand how that works now, but it does seem to appear that these auth mechanisms are not at all independent.

@domenkozar
Copy link
Collaborator

domenkozar commented Jan 16, 2019
edited
Loading

You need to implement ToJWT/FromJWT, but those instances won't be used afaik, since no cookies are involved (they are needed because cookies use JWT and that's for all HTTP requests). See #119

@domenkozar
Copy link
Collaborator

Note also #140

@CaptJakk does that clarify your questions?

@ProofOfKeags
Copy link
Author

does #140 mean that you don't need a ToJWT/FromJWT instance anymore?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@domenkozar @ProofOfKeags @bengineml