{-# LANGUAGE AllowAmbiguousTypes #-}

{-|
Module: IHP.Job.Dashboard.Auth
Description:  Authentication for Job dashboard
-}
module IHP.Job.Dashboard.Auth (
    AuthenticationMethod(..),
    NoAuth(..),
    BasicAuth(..),
    BasicAuthStatic(..),
) where

import IHP.Prelude
import IHP.ControllerPrelude
import qualified IHP.EnvVar as EnvVar

-- | Defines one method, 'authenticate', called before every action. Use to authenticate user.
--
-- Three implementations are provided:
-- - 'NoAuth' : No authentication
-- - 'BasicAuth' : HTTP Basic Auth using environment variables
-- - 'BasicAuthStatic' : HTTP Basic Auth using static values
--
-- Define your own implementation to use custom authentication for production.
class AuthenticationMethod a where
    authenticate :: (?context :: ControllerContext, ?modelContext :: ModelContext) => IO ()

-- | Don't use any authentication for jobs.
data NoAuth

-- | Authenticate using HTTP Basic Authentication by looking up username/password values
-- in environment variables given as type-level strings.
data BasicAuth (userEnv :: Symbol) (passEnv :: Symbol)

-- | Authenticate using HTTP Basic Authentication using username/password given as type level strings.
-- Meant for development only!
data BasicAuthStatic (user :: Symbol) (pass :: Symbol)

instance AuthenticationMethod NoAuth where
    authenticate :: (?context::ControllerContext, ?modelContext::ModelContext) => IO ()
authenticate = () -> IO ()
forall a. a -> IO a
forall (f :: * -> *) a. Applicative f => a -> f a
pure ()

instance (KnownSymbol userEnv, KnownSymbol passEnv) => AuthenticationMethod (BasicAuth userEnv passEnv) where
    authenticate :: (?context::ControllerContext, ?modelContext::ModelContext) => IO ()
authenticate = do
        (Maybe Text, Maybe Text)
creds <- (,) (Maybe Text -> Maybe Text -> (Maybe Text, Maybe Text))
-> IO (Maybe Text) -> IO (Maybe Text -> (Maybe Text, Maybe Text))
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> ByteString -> IO (Maybe Text)
forall (monad :: * -> *) result.
(MonadIO monad, EnvVarReader result) =>
ByteString -> monad (Maybe result)
EnvVar.envOrNothing (forall (symbol :: Symbol). KnownSymbol symbol => ByteString
symbolToByteString @userEnv) IO (Maybe Text -> (Maybe Text, Maybe Text))
-> IO (Maybe Text) -> IO (Maybe Text, Maybe Text)
forall a b. IO (a -> b) -> IO a -> IO b
forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
<*> ByteString -> IO (Maybe Text)
forall (monad :: * -> *) result.
(MonadIO monad, EnvVarReader result) =>
ByteString -> monad (Maybe result)
EnvVar.envOrNothing (forall (symbol :: Symbol). KnownSymbol symbol => ByteString
symbolToByteString @passEnv)
        case (Maybe Text, Maybe Text)
creds of
            (Just Text
user, Just Text
pass) -> (?context::ControllerContext) => Text -> Text -> Text -> IO ()
Text -> Text -> Text -> IO ()
basicAuth Text
user Text
pass Text
"jobs"
            (Maybe Text, Maybe Text)
_ -> Text -> IO ()
forall a. Text -> a
error Text
"Did not find HTTP Basic Auth credentials for Jobs Dashboard."

instance (KnownSymbol user, KnownSymbol pass) => AuthenticationMethod (BasicAuthStatic user pass) where
    authenticate :: (?context::ControllerContext, ?modelContext::ModelContext) => IO ()
authenticate = (?context::ControllerContext) => Text -> Text -> Text -> IO ()
Text -> Text -> Text -> IO ()
basicAuth (String -> Text
forall a b. ConvertibleStrings a b => a -> b
cs (String -> Text) -> String -> Text
forall a b. (a -> b) -> a -> b
$ Proxy user -> String
forall (n :: Symbol) (proxy :: Symbol -> *).
KnownSymbol n =>
proxy n -> String
symbolVal (Proxy user -> String) -> Proxy user -> String
forall a b. (a -> b) -> a -> b
$ forall {k} (t :: k). Proxy t
forall (t :: Symbol). Proxy t
Proxy @user) (String -> Text
forall a b. ConvertibleStrings a b => a -> b
cs (String -> Text) -> String -> Text
forall a b. (a -> b) -> a -> b
$ Proxy pass -> String
forall (n :: Symbol) (proxy :: Symbol -> *).
KnownSymbol n =>
proxy n -> String
symbolVal (Proxy pass -> String) -> Proxy pass -> String
forall a b. (a -> b) -> a -> b
$ forall {k} (t :: k). Proxy t
forall (t :: Symbol). Proxy t
Proxy @pass) Text
"jobs"