2.9 Password Protection
The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor that performs HTTP Basic authentication filtering.
Equivalent to (-> request? (or/c false/c string?)). The return is the authentication realm as a string if the request is not authorized and #f if the request is authorized.
(make denied? [ #:authentication-responder authentication-responder]) → dispatcher/c denied? : denied?/c
authentication-responder : (url? header? . -> . response?) = (gen-authentication-responder "forbidden.html")
A dispatcher that checks if the request is denied based on denied?. If so, then authentication-responder is called with a header that requests credentials. If not, then next-dispatcher is invoked.
Equivalent to (-> string? (or/c false/c bytes?) (or/c false/c bytes?) (or/c false/c string?)). The input is the URI as a string and the username and passwords as bytes. The return is the authentication realm as a string if the user is not authorized and #f if the request is authorized.
(make-basic-denied?/path authorized?) → denied?/c authorized? : authorized?/c
Creates a denied procedure from an authorized procedure.
(-> void) authorized?/c password-file : path-string?
Creates an authorization procedure based on the given password file. The first returned value is a procedure that refreshes the password cache used by the authorization procedure.
password-file is parsed as:
(list ([domain : string?] [path : string?] ; This string is interpreted as a regex (list [user : symbol?] [pass : string?]) ...) ...)
'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))