(prototype) authentication, route for getting pending bangs

author: Lia Lenckowski <lialenck@protonmail.com> 2023-07-29 15:27:21 +0200
committer: Lia Lenckowski <lialenck@protonmail.com> 2023-07-29 15:27:21 +0200
commit: 9dc2650910bcca92980f0b16fbd5e9e8c94c0473 (patch)
tree: 28b6072c665e2dcdcd9eb9e5c891ce5a58236d88 /src/Auth.hs
parent: bdcd8fa39bc697d5ab2f10c6d600a78bfcbfdf34 (diff)
download: fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar
fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar.bz2
fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar.zst
1 files changed, 20 insertions, 0 deletions
diff --git a/src/Auth.hs b/src/Auth.hs
new file mode 100644
index 0000000..397dd75
--- /dev/null
+++ b/src/Auth.hs
@@ -0,0 +1,20 @@
+{-# LANGUAGE OverloadedStrings, LambdaCase #-}
+
+module Auth (
+    ensureAuth
+) where
+
+import Control.Monad (unless)
+import Crypto.Hash (hash, Digest, SHA512)
+import Data.ByteArray.Encoding (convertToBase, Base(Base64))
+import Data.ByteString (ByteString)
+import Data.Text.Encoding (encodeUtf8)
+import Yesod
+
+ensureAuth :: MonadHandler m => m ()
+ensureAuth = lookupBasicAuth >>= \case
+    Nothing -> notAuthenticated
+    Just (user, pw) -> unless (hashSha512 pw == hardcodedPw && user == "bleb") notAuthenticated
+  where hashSha512 pw = convertToBase Base64 $ (hash $ encodeUtf8 pw :: Digest SHA512)
+        hardcodedPw :: ByteString
+        hardcodedPw = "l2gTDo5UCimSIQcdK4IrAvJtCIE7KPB7IyS5N7EN4ic78/1mI+8pikPTQTn06+W1XTOk39TgqGEX5KfpAQVm4w=="
author	Lia Lenckowski <lialenck@protonmail.com>	2023-07-29 15:27:21 +0200
committer	Lia Lenckowski <lialenck@protonmail.com>	2023-07-29 15:27:21 +0200
commit	9dc2650910bcca92980f0b16fbd5e9e8c94c0473 (patch)
tree	28b6072c665e2dcdcd9eb9e5c891ce5a58236d88 /src/Auth.hs
parent	bdcd8fa39bc697d5ab2f10c6d600a78bfcbfdf34 (diff)
download	fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar.bz2 fastbangs-9dc2650910bcca92980f0b16fbd5e9e8c94c0473.tar.zst