Skip to Main Content
Developing Web Applications with Haskell and Yesod
book

Developing Web Applications with Haskell and Yesod

by Michael Snoyman
April 2012
Intermediate to advanced content levelIntermediate to advanced
294 pages
6h 27m
English
O'Reilly Media, Inc.
Content preview from Developing Web Applications with Haskell and Yesod

Chapter 14. Authentication and Authorization

Authentication and authorization are two very related, and yet separate, concepts. While the former deals with identifying a user, the latter determines what a user is allowed to do. Unfortunately, since both terms are often abbreviated as “auth,” the concepts are often conflated.

Yesod provides built-in support for a number of third-party authentication systems, such as OpenID, BrowserID, and OAuth. These are systems where your application trusts some external system for validating a user’s credentials. Additionally, there is support for more commonly used username/password and email/password systems. The former route ensures simplicity for users (no new passwords to remember) and implementors (no need to deal with an entire security architecture), while the latter gives the developer more control.

On the authorization side, we are able to take advantage of REST and type-safe URLs to create simple, declarative systems. Additionally, since all authorization code is written in Haskell, you have the full flexibility of the language at your disposal.

This chapter will cover how to set up an “auth” solution in Yesod and discuss some trade-offs in the different authentication options.

Overview

The yesod-auth package provides a unified interface for a number of different authentication plug-ins. The only real requirement for these backends is that they identify a user based on some unique string. In OpenID, for instance, this would be the actual ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Developing Web Apps with Haskell and Yesod, 2nd Edition

Developing Web Apps with Haskell and Yesod, 2nd Edition

Michael Michael Snoyman Snoyman

Publisher Resources

ISBN: 9781449336868Supplemental ContentErrata Page