ihp-1.5.0: Haskell Web Framework
Safe Haskell: None
Language: GHC2021

IHP.LoginSupport.Helper.Controller


Documentation

currentUser :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl user, Typeable user, user ~ CurrentUserRecord) => user Source #

Returns the current user. Redirects to login if not logged in.

currentUserOrNothing :: (?request :: Request, user ~ CurrentUserRecord, Typeable user) => Maybe user Source #

Returns the current user or Nothing if not logged in.

Reads from the WAI request vault, populated by authMiddleware.

Requires AuthMiddleware (authMiddleware @User) in Config.hs.

currentUserId :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl user, HasField "id" user userId, Typeable user, user ~ CurrentUserRecord) => userId Source #

Returns the ID of the current user. Redirects to login if not logged in.

currentUserIdOrNothing :: (?request :: Request, PrimaryKey (GetTableName CurrentUserRecord) ~ UUID) => Maybe (Id CurrentUserRecord) Source #

Returns the current user's UUID or Nothing if not logged in.

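This only requires userIdMiddleware; no database query is needed. Because no lookup is made, the returned ID by itself does not confirm that the user record still exists.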

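-- currentUserIdOrNothing is a plain Maybe value (see its signature above), not
-- an IO action, so inside a controller action it is bound with let, not <-.
let userId = currentUserIdOrNothing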

ensureIsUser :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl user, Typeable user, user ~ CurrentUserRecord) => IO () Source #

Ensures that a user is logged in. Redirects to login page if not.

class HasNewSessionUrl (user :: k) Source #

Minimal complete definition

newSessionUrl

currentAdmin :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl admin, Typeable admin, admin ~ CurrentAdminRecord) => admin Source #

Returns the current admin. Redirects to login if not logged in.

currentAdminOrNothing :: (?request :: Request, admin ~ CurrentAdminRecord, Typeable admin) => Maybe admin Source #

Returns the current admin or Nothing if not logged in.

Reads from the WAI request vault, populated by authMiddleware.

Requires AdminAuthMiddleware (adminAuthMiddleware @Admin) in Config.hs.

currentAdminId :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl admin, HasField "id" admin adminId, Typeable admin, admin ~ CurrentAdminRecord) => adminId Source #

Returns the ID of the current admin. Redirects to login if not logged in.

currentAdminIdOrNothing :: (?request :: Request, PrimaryKey (GetTableName CurrentAdminRecord) ~ UUID) => Maybe (Id CurrentAdminRecord) Source #

Returns the current admin's UUID or Nothing if not logged in.

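This only requires adminIdMiddleware; no database query is needed. Because no lookup is made, the returned ID by itself does not confirm that the admin record still exists.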

ensureIsAdmin :: (?context :: ControllerContext, ?request :: Request, ?respond :: Respond, HasNewSessionUrl admin, Typeable admin, admin ~ CurrentAdminRecord) => IO () Source #

Ensures that an admin is logged in. Redirects to login page if not.

login :: (?request :: Request, KnownSymbol (GetModelName user), HasField "id" user (Id user), PrimaryKey (GetTableName user) ~ UUID) => user -> IO () Source #

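Logs in a user. This function takes an already-fetched user record and does not check credentials, so authenticate the user before calling it.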

Stores the user's UUID in the session as raw ASCII bytes (36 bytes).

Examples:

action ExampleAction = do
    -- Illustration only: this fetches a user without checking any credentials.
    -- login just stores the user's id in the session, so a real login action
    -- has to authenticate the user (e.g. verify the password) before this point.
    user <- query @User |> fetchOne
    login user

    -- Continue to "/" now that the session holds the user's id.
    redirectToPath "/"

logout :: (?request :: Request, KnownSymbol (GetModelName user)) => user -> IO () Source #

Log out a user

Example:

action LogoutAction = do
    -- logout takes the user record; per its signature it needs the record's
    -- model name (KnownSymbol (GetModelName user)).
    let user = currentUser
    -- NOTE(review): what logout removes from the session is not shown here;
    -- presumably it clears the id that login stored. Confirm.
    logout user

    redirectToPath "/"

enableRowLevelSecurityIfLoggedIn :: (?context :: ControllerContext, ?request :: Request, PrimaryKey (GetTableName CurrentUserRecord) ~ UUID) => IO () Source #

After this call, the security policies defined in your Schema.sql are applied to the controller actions that run afterwards.

Example:

instance InitControllerContext WebApplication where
    initContext = do
        -- Placed in initContext so that the policies from Schema.sql apply to
        -- the controller actions that run after it.
        -- NOTE(review): the name suggests nothing is enabled when no user is
        -- logged in; confirm how queries from anonymous requests are treated.
        enableRowLevelSecurityIfLoggedIn

Let's assume we have a policy defined in our Schema.sql that only allows users to see and edit rows in the projects table whose projects.user_id equals the current user's id (ihp_user_id() in the policy below):

-- USING limits which existing rows are visible to reads, updates and deletes;
-- WITH CHECK rejects inserted or updated rows that do not satisfy the condition.
-- A policy only takes effect once row level security is enabled on the table.
-- NOTE(review): ihp_user_id() presumably yields the id of the logged-in user set up
-- by enableRowLevelSecurityIfLoggedIn. Confirm its value for anonymous requests.
CREATE POLICY "Users can manage their projects" ON projects USING (user_id = ihp_user_id()) WITH CHECK (user_id = ihp_user_id());

Now any database queries to our projects table will have this policy applied.

E.g. this action will now only show the user's projects, even though no explicit filterWhere (#userId, currentUserId) is specified on the query:

action ProjectsAction = do
    projects <- query @Project |> fetch