IHP Api Reference
Safe HaskellSafe-Inferred

IHP.LoginSupport.Helper.Controller

Synopsis

Documentation

currentUser :: forall user. (?context :: ControllerContext, HasNewSessionUrl user, Typeable user, user ~ CurrentUserRecord) => user Source #

currentUserOrNothing :: forall user. (?context :: ControllerContext, HasNewSessionUrl user, Typeable user, user ~ CurrentUserRecord) => Maybe user Source #

currentUserId :: forall user userId. (?context :: ControllerContext, HasNewSessionUrl user, HasField "id" user userId, Typeable user, user ~ CurrentUserRecord) => userId Source #

ensureIsUser :: forall user. (?context :: ControllerContext, HasNewSessionUrl user, Typeable user, user ~ CurrentUserRecord) => IO () Source #

class HasNewSessionUrl user Source #

Minimal complete definition

newSessionUrl

currentAdmin :: forall admin. (?context :: ControllerContext, HasNewSessionUrl admin, Typeable admin, admin ~ CurrentAdminRecord) => admin Source #

currentAdminOrNothing :: forall admin. (?context :: ControllerContext, HasNewSessionUrl admin, Typeable admin, admin ~ CurrentAdminRecord) => Maybe admin Source #

currentAdminId :: forall admin adminId. (?context :: ControllerContext, HasNewSessionUrl admin, HasField "id" admin adminId, Typeable admin, admin ~ CurrentAdminRecord) => adminId Source #

ensureIsAdmin :: forall (admin :: Type). (?context :: ControllerContext, HasNewSessionUrl admin, Typeable admin, admin ~ CurrentAdminRecord) => IO () Source #

login :: forall user id. (?context :: ControllerContext, KnownSymbol (GetModelName user), HasField "id" user id, Show id) => user -> IO () Source #

Log's in a user

Examples:

action ExampleAction = do
    user <- query @User |> fetchOne
    login user
    
    redirectToPath "/"

sessionKey :: forall user. KnownSymbol (GetModelName user) => ByteString Source #

logout :: forall user. (?context :: ControllerContext, KnownSymbol (GetModelName user)) => user -> IO () Source #

Log's out a user

Example:

action LogoutAction = do
    let user = currentUser
    logout user
    
    redirectToPath "/"

type family CurrentUserRecord Source #

type family CurrentAdminRecord Source #

module IHP.AuthSupport.Authentication

enableRowLevelSecurityIfLoggedIn :: (?context :: ControllerContext, Typeable CurrentUserRecord, HasNewSessionUrl CurrentUserRecord, HasField "id" CurrentUserRecord userId, ToField userId) => IO () Source #

After this call the security policies defined in your Schema.sql will be applied to the controller actions called after this

Example:

instance InitControllerContext WebApplication where
    initContext = do
        initAuthentication @User
        enableRowLevelSecurityIfLoggedIn

Let's assume we have a policy defined in our Schema.sql that only allows users to see and edit rows in the projects table that have projects.user_id = current_user_id:

CREATE POLICY "Users can manage their projects" ON projects USING (user_id = ihp_user_id()) WITH CHECK (user_id = ihp_user_id());

Now any database queries to our projects table will have this policy applied.

E.g. this action will now only show the users projects, even though no explicit filterWhere (#userId, currentUserId) is specified on the query:

action ProjectsAction = do
    projects <- query @Project |> fetch

currentRoleOrNothing :: forall user. (?context :: ControllerContext, HasNewSessionUrl user, Typeable user) => Maybe user Source #

currentRole :: forall user. (?context :: ControllerContext, HasNewSessionUrl user, Typeable user) => user Source #

currentRoleId :: forall user userId. (?context :: ControllerContext, HasNewSessionUrl user, HasField "id" user userId, Typeable user) => userId Source #

ensureIsRole :: forall (user :: Type). (?context :: ControllerContext, HasNewSessionUrl user, Typeable user) => IO () Source #