rally/runtime/auth_http
Types
pub type CodeAuthRoutes(context) {
CodeAuthRoutes(
session: fn(context) -> session.AuthSession,
verify_code: fn(String, context) -> Result(Int, Nil),
deliver_code: fn(String, context) -> Result(Nil, Nil),
sign_in_default_return_to: String,
sign_in_return_to: fn(String) -> String,
sign_out_default_return_to: String,
secure: Bool,
)
}Constructors
-
CodeAuthRoutes( session: fn(context) -> session.AuthSession, verify_code: fn(String, context) -> Result(Int, Nil), deliver_code: fn(String, context) -> Result(Nil, Nil), sign_in_default_return_to: String, sign_in_return_to: fn(String) -> String, sign_out_default_return_to: String, secure: Bool, )
pub type GoogleAuthRoutes(context) {
GoogleAuthRoutes(
session: fn(context) -> session.AuthSession,
credentials: fn(context) -> Result(GoogleCredentials, Nil),
sign_in: fn(GoogleCallback, context) -> Result(Int, Nil),
sign_in_default_return_to: String,
sign_in_return_to: fn(String) -> String,
secure: Bool,
)
}Constructors
-
GoogleAuthRoutes( session: fn(context) -> session.AuthSession, credentials: fn(context) -> Result(GoogleCredentials, Nil), sign_in: fn(GoogleCallback, context) -> Result(Int, Nil), sign_in_default_return_to: String, sign_in_return_to: fn(String) -> String, secure: Bool, )
pub type GoogleCallback {
GoogleCallback(code: String, credentials: GoogleCredentials)
}Constructors
-
GoogleCallback(code: String, credentials: GoogleCredentials)
pub type GoogleCredentials {
GoogleCredentials(
client_id: String,
client_secret: String,
redirect_uri: String,
)
}Constructors
-
GoogleCredentials( client_id: String, client_secret: String, redirect_uri: String, )
pub type RequestAuth(user) {
RequestAuth(
session: session.AuthSession,
load_user: fn(Int) -> Result(user, Nil),
can_access: fn(user) -> Bool,
)
}Constructors
-
RequestAuth( session: session.AuthSession, load_user: fn(Int) -> Result(user, Nil), can_access: fn(user) -> Bool, )
Values
pub fn authenticated_user(
req req: request.Request(body),
auth auth: RequestAuth(user),
) -> Result(user, Nil)pub fn authorized_user(
req req: request.Request(body),
auth auth: RequestAuth(user),
) -> Result(user, Nil)pub fn code_sent_redirect(
return_to: String,
) -> response.Response(mist.ResponseData)pub fn finish_google_sign_in(
req req: request.Request(body),
session session: session.AuthSession,
credentials credentials: GoogleCredentials,
sign_in sign_in: fn(GoogleCallback) -> Result(Int, Nil),
default_return_to default_return_to: String,
return_to return_to: fn(String) -> String,
secure secure: Bool,
) -> response.Response(mist.ResponseData)Finish the standard Google OAuth sign-in workflow. Rally verifies the state cookie and issues the Rally auth session. The app exchanges the provider code, verifies identity, and returns the local user.
pub fn form_value(
pairs: List(#(String, String)),
name: String,
) -> Result(String, Nil)pub fn google_not_configured_response() -> response.Response(
mist.ResponseData,
)pub fn invalid_sign_in_redirect(
return_to: String,
) -> response.Response(mist.ResponseData)pub fn issue_user_session(
session session: session.AuthSession,
return_to return_to: String,
user_id user_id: Int,
secure secure: Bool,
) -> response.Response(mist.ResponseData)pub fn protect(
req req: request.Request(body),
auth auth: RequestAuth(user),
render render: fn(user) -> response.Response(mist.ResponseData),
) -> response.Response(mist.ResponseData)pub fn read_sign_in_form(
req req: request.Request(mist.Connection),
invalid_return_to invalid_return_to: String,
) -> Result(
List(#(String, String)),
response.Response(mist.ResponseData),
)pub fn request_return_to(
req req: request.Request(body),
default_return_to default_return_to: String,
return_to return_to: fn(String) -> String,
) -> Stringpub fn request_sign_in_code(
req req: request.Request(mist.Connection),
deliver_code deliver_code: fn(String) -> Result(Nil, Nil),
default_return_to default_return_to: String,
return_to return_to: fn(String) -> String,
) -> response.Response(mist.ResponseData)Handle the standard email/code request workflow. Rally owns form parsing and redirects; the app owns user lookup, code storage, and delivery through the callback.
pub fn route_code_auth(
req req: request.Request(mist.Connection),
context context: context,
routes routes: CodeAuthRoutes(context),
) -> Result(response.Response(mist.ResponseData), Nil)pub fn route_google_auth(
req req: request.Request(body),
context context: context,
routes routes: GoogleAuthRoutes(context),
) -> Result(response.Response(mist.ResponseData), Nil)pub fn safe_local_path(
path: Result(String, Nil),
default default: String,
) -> Stringpub fn sign_in_redirect(
return_to: String,
) -> response.Response(mist.ResponseData)pub fn sign_in_with_code(
req req: request.Request(mist.Connection),
session session: session.AuthSession,
verify_code verify_code: fn(String) -> Result(Int, Nil),
default_return_to default_return_to: String,
return_to return_to: fn(String) -> String,
secure secure: Bool,
) -> response.Response(mist.ResponseData)Handle the standard email/code sign-in POST workflow. Rally owns form parsing, local return-path safety, invalid redirects, and session issuing. The app supplies credential verification and any product route narrowing for the already-local return path.
pub fn sign_out(
req req: request.Request(mist.Connection),
default_return_to default_return_to: String,
secure secure: Bool,
) -> response.Response(mist.ResponseData)pub fn start_google_sign_in(
req req: request.Request(body),
credentials credentials: GoogleCredentials,
default_return_to default_return_to: String,
return_to return_to: fn(String) -> String,
secure secure: Bool,
) -> response.Response(mist.ResponseData)Start the standard Google OAuth sign-in workflow. Rally owns local return-path safety, state cookies, and the provider redirect. The app owns OAuth credentials.