Module documentation for 0.1.2.1
Middleware that secures WAI application
$ stack install wai-middleware-auth
$ cabal install wai-middleware-auth
Along with middleware this package ships with an executbale
can function as a protected file server or a reverse proxy. Right from the box
it supports OAuth2 authentication as well as it's custom implementations for
Google and Github.
Configuration is done using a yaml config file. Here is a sample file that will
wai-auth to run a file server with google and github authentication
app_root: "_env:APPROOT:http://localhost:3000" app_port: 3000 cookie_age: 3600 secret_key: "...+vwscbKR4DyPT" file_server: root_folder: "/path/to/html/files" redirect_to_index: true add_trailing_slash: true providers: github: client_id: "...94cc" client_secret: "...166f" app_name: "Dev App for wai-middleware-auth" email_white_list: - "^[a-zA-Z0-9._%+-]+@example.com$" google: client_id: "...qlj.apps.googleusercontent.com" client_secret: "...oxW" email_white_list: - "^[a-zA-Z0-9._%+-]+@example.com$"
Above configuration will also block access to users that don't have an email
example.com domain. There is also a
secret_key field which will be used
to encrypt the session cookie. In order to generate a new random key run this command:
$ echo $(wai-auth key --base64) azuCFq0zEBkLSXhQrhliZzZD8Kblo...
Make sure you have proper callback/redirect urls registered with google/github
After configuration file is ready, running application is very easy:
$ wai-auth --config-file=/path/to/config.yaml Listening on port 3000
Compatibility with hoauth2-1.3.0 - fixed: #4
Implemented compatibility with hoauth2 >= 1.0.0 - fixed: #3
- Disallow empty
userIdentityto produce a successfull login.
- Produces a 404 on
/favicon.icopage if not logged in: work around for issue with Chrome requesting it first and messing up the redirect url.
- Added JQuery to the template, since it's bootstrap's requirement.
Fixed whitelist email regex matching for Github and Google auth.
- Initial implementation.