Web Server: HTTP Server
Dispatchers
On this page:
denied?/ c
make
authorized?/ c
make-basic-denied?/ path
  top← prev  up  next → 

2.9 Password Protection

 (require web-server/dispatchers/dispatch-passwords)
The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor that performs HTTP Basic authentication filtering.

denied?/c : contract?
Equivalent to (-> request? (or/c false/c string?)). The return is the authentication realm as a string if the request is not authorized and #f if the request is authorized.

(make denied? 
  [#:authentication-responder authentication-responder]) 
  dispatcher/c
  denied? : denied?/c
  authentication-responder : (url? header? . -> . response?)
   = (gen-authentication-responder "forbidden.html")
A dispatcher that checks if the request is denied based on denied?. If so, then authentication-responder is called with a header that requests credentials. If not, then next-dispatcher is invoked.

authorized?/c : contract?
Equivalent to (-> string? (or/c false/c bytes?) (or/c false/c bytes?) (or/c false/c string?)). The input is the URI as a string and the username and passwords as bytes. The return is the authentication realm as a string if the user is not authorized and #f if the request is authorized.

(make-basic-denied?/path password-file)
  
(-> void) authorized?/c
  password-file : path-string?
Creates an authorization procedure based on the given password file. The first returned value is a procedure that refreshes the password cache used by the authorization procedure.

password-file is parsed as:
(list ([domain : string?]
       [path : string?] ; This string is interpreted as a regex
       (list [user : symbol?]
             [pass : string?])
       ...)
      ...)
For example:

'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))

  top← prev  up  next →