Last active
August 31, 2016 14:28
-
-
Save dpwiz/3121322 to your computer and use it in GitHub Desktop.
Check Basic HTTP Authentication in Scotty
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| main :: IO () | |
| main = scotty 3000 app | |
| app :: ScottyM () | |
| app = do | |
| rcon <- liftIO $ R.connect R.defaultConnectInfo {R.connectPort = R.UnixSocket "redis.sock"} | |
| get "/favicon.ico" $ html "ಠ_ಠ" | |
| get "/:method" $ do | |
| r <- request | |
| auth <- liftIO $ auth r rcon | |
| unless (isJust auth) next | |
| liftIO someCode | |
| get "/:method" $ do | |
| status unauthorized401 | |
| header "WWW-Authenticate" "Basic realm=\"Incoming\"" | |
| html "<h1>Authentication required.</h1>" | |
| auth :: Request -> R.Connection -> IO (Maybe ByteString) | |
| auth (Request {requestHeaders=h}) rcon = do | |
| case [v | (k, v) <- h, k == "Authorization" ] of | |
| [value] -> R.runRedis rcon $ check (decode value) | |
| _ -> return Nothing | |
| where | |
| decode = BS.split ':' . decodeLenient . head . drop 1 . BS.split ' ' | |
| check [login, pwd] = FA.checkAuth login pwd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The times have changed since the gist. Please check out the more recent approach using middleware from
wai-extra: https://ro-che.info/articles/2016-04-14-scotty-http-basic-auth