On this page:
denied?/  c
make
authorized?/  c
make-basic-denied?/  path
password-file->authorized?

2.9 Password Protection

 (require web-server/dispatchers/dispatch-passwords)
  package: web-server-lib
The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor that performs HTTP Basic authentication filtering.

Equivalent to (-> request? (or/c false/c string?)). The return is the authentication realm as a string if the request is not authorized and #f if the request is authorized.

procedure

(make denied? 
  [#:authentication-responder authentication-responder]) 
  dispatcher/c
  denied? : denied?/c
  authentication-responder : (url? header? . -> . response?)
   = (gen-authentication-responder "forbidden.html")
A dispatcher that checks if the request is denied based on denied?. If so, then authentication-responder is called with a header that requests credentials. If not, then next-dispatcher is invoked.

Equivalent to (-> string? (or/c false/c bytes?) (or/c false/c bytes?) (or/c false/c string?)). The input is the URI as a string and the username and passwords as bytes. The return is the authentication realm as a string if the user is not authorized and #f if the request is authorized.

procedure

(make-basic-denied?/path authorized?)  denied?/c

  authorized? : authorized?/c
Creates a denied procedure from an authorized procedure.

procedure

(password-file->authorized? password-file)

  
(-> void) authorized?/c
  password-file : path-string?
Creates an authorization procedure based on the given password file. The first returned value is a procedure that refreshes the password cache used by the authorization procedure.

password-file is parsed as:
(list ([domain : string?]
       [path : string?] ; This string is interpreted as a regex
       (list [user : symbol?]
             [pass : string?])
       ...)
      ...)
For example:

'(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))