-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathApi.hs
65 lines (54 loc) · 2.2 KB
/
Api.hs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE FlexibleContexts #-}
{-# LANGUAGE FlexibleInstances #-}
{-# LANGUAGE InstanceSigs #-}
{-# LANGUAGE MultiParamTypeClasses #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE PolyKinds #-}
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeFamilies #-}
{-# LANGUAGE TypeOperators #-}
-- Servant API definition and implementation. In a larger project,
-- implementation would likely be split out into separate files.
module Api where
import qualified Data.Text as T
import Servant
import Servant.Foreign
import Servant.Server.Experimental.Auth (AuthServerData)
import Types
-- Provide the missing HasForeign instance for AuthProtect, such that it is
-- compatible with JS generation and servant-options. See
--
-- * https://github.com/sordina/servant-options/issues/2
-- * https://github.com/haskell-servant/servant-auth/issues/8
instance forall lang ftype api.
( HasForeign lang ftype api
, HasForeignType lang ftype T.Text
)
=> HasForeign lang ftype (AuthProtect "google-jwt" :> api) where
type Foreign ftype (AuthProtect "google-jwt" :> api) = Foreign ftype api
foreignFor lang Proxy Proxy subR =
foreignFor lang Proxy (Proxy :: Proxy api) req
where
req = subR{ _reqHeaders = HeaderArg arg : _reqHeaders subR }
arg = Arg
{ _argName = PathSegment "Authorization"
, _argType = typeFor lang (Proxy :: Proxy ftype) (Proxy :: Proxy T.Text)
}
-- Associate the Account type with any route tagged "google-jwt".
type instance AuthServerData (AuthProtect "google-jwt") = Account
-- The main Servant API type.
type MyAPI =
-- Routes that need to be protected are tagged with AuthProtect
AuthProtect "google-jwt" :> "email" :> Get '[JSON] T.Text
-- Unprotected routes are allowed
:<|> "unprotected" :> Get '[JSON] T.Text
myApiProxy :: Proxy MyAPI
myApiProxy = Proxy
myApi :: Server MyAPI
myApi =
-- Protected routes will only be called if a valid account was present.
(\account -> return (acctEmail account))
-- Unprotected routes function per normal
:<|> return "unprotected"