2.9 Password Protection
The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor
that performs HTTP Basic authentication filtering.
Equivalent to (-> request? (or/c false/c string?)). The
return is the authentication realm as a string if the request is not
authorized and #f if the request is authorized.
(make denied? [ #:authentication-responder authentication-responder]) → dispatcher/c denied? : denied?/c
authentication-responder : (url? header? . -> . response?) = (gen-authentication-responder "forbidden.html")
A dispatcher that checks if the request is denied based on
denied?. If so, then authentication-responder is
called with a header that requests credentials. If not, then
next-dispatcher is invoked.
Equivalent to
(-> string? (or/c false/c bytes?) (or/c false/c bytes?) (or/c false/c string?)).
The input is the URI as a string and the username and passwords as
bytes. The return is the authentication realm as a string if the user
is not authorized and #f if the request is authorized.
(make-basic-denied?/path authorized?) → denied?/c authorized? : authorized?/c
Creates a denied procedure from an authorized procedure.
(password-file->authorized? password-file)
→
(-> void) authorized?/c password-file : path-string?
Creates an authorization procedure based on the given password
file. The first returned value is a procedure that refreshes the
password cache used by the authorization procedure.
password-file is parsed as:
(list ([domain : string?] [path : string?] ; This string is interpreted as a regex (list [user : symbol?] [pass : string?]) ...) ...)
For example:
'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))