| CARVIEW |
Select Language
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx/1.24.0 (Ubuntu)
Content-Type: text/html; charset=utf-8
Cache-Control: public, max-age=300
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Age: 0
Date: Sat, 17 Jan 2026 13:30:23 GMT
X-Served-By: cache-dfw-kdal2120111-DFW, cache-bom-vanm7210070-BOM
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1768656623.958297,VS0,VE298
Vary: Accept, Accept-Encoding
transfer-encoding: chunked
biscuit-servant: Servant support for the Biscuit security token
[Skip to Readme]
biscuit-servant 🤖
biscuit-servant: Servant support for the Biscuit security token
Please see the README on GitHub at https://github.com/biscuit-auth/biscuit-haskell#readme
[Skip to Readme]
Downloads
- biscuit-servant-0.4.0.0.tar.gz [browse] (Cabal source package)
- Package description (as included in the package)
Maintainer's Corner
For package maintainers and hackage trustees
Candidates
| Versions [RSS] | 0.1.1.0, 0.2.0.0, 0.2.0.1, 0.2.1.0, 0.3.0.0, 0.3.0.1, 0.4.0.0 |
|---|---|
| Change log | ChangeLog.md |
| Dependencies | base (>=4.7 && <5), biscuit-haskell (>=0.4 && <0.5), bytestring (>=0.10 && <0.12), mtl (>=2.2 && <2.4), servant-server (>=0.18 && <0.21), text (>=1.2 && <3), wai (>=3.2 && <3.3) [details] |
| Tested with | ghc ==9.0.2 || ==9.2.4 || ==9.6.5 || ==9.8.2 |
| License | BSD-3-Clause |
| Copyright | 2021 Clément Delafargue |
| Author | Clément Delafargue |
| Maintainer | clement@delafargue.name |
| Uploaded | by clementd at 2024-07-31T14:46:18Z |
| Category | Security |
| Home page | https://github.com/biscuit-auth/biscuit-haskell#readme |
| Bug tracker | https://github.com/biscuit-auth/biscuit-haskell/issues |
| Source repo | head: git clone https://github.com/biscuit-auth/biscuit-haskell |
| Distributions | |
| Downloads | 593 total (21 in the last 30 days) |
| Rating | (no votes yet) [estimated by Bayesian average] |
| Your Rating |
|
| Status | Docs uploaded by user Build status unknown [no reports yet] |
Readme for biscuit-servant-0.4.0.0
[back to package description]
biscuit-servant 🤖 
Servant combinators to enable biscuit validation in your API trees
Usage
type AppM = WithAuthorizer Handler
type API = RequireBiscuit :> ProtectedAPI
-- /users
-- /users/:userId
type ProtectedAPI =
"users" :> ( Get '[JSON] [User]
:<|> Capture "userId" Int :> Get '[JSON] User
)
app :: PublicKey -> Application
app pk = serveWithContext @API Proxy (genBiscuitCtx pk) server
server :: Server API
server biscuit =
let handlers = userListHandler :<|> singleUserHandler
handleAuth =
handleBiscuit biscuit
-- `allow if right("admin");` will be the first policy
-- for every endpoint.
-- Policies added by endpoints (or sub-apis) will tried after this one.
. withPriorityAuthorizer [authorizer|allow if right("admin");|]
-- `deny if true;` will be the last policy for every endpoint.
-- Policies added by endpoints (or sub-apis) will tried before this one.
. withFallbackAuthorizer [authorizer|deny if true;|]
in hoistServer @ProtectedAPI Proxy handleAuth handlers
allUsers :: [User]
allUsers = [ User 1 "Danielle" "George"
, User 2 "Albert" "Einstein"
]
userListHandler :: AppM [User]
userListHandler = withAuthorizer [authorizer|allow if right("userList")|]
$ pure allUsers
singleUserHandler :: Int -> AppM User
singleUserHandler uid =
withAuthorizer [authorizer|allow if right("getUser", {uid})|] $
let user = find (\user -> userId user == uid) allUsers
in maybe (throwError error404) (\user -> pure user) user