2.11 Password Protection

Equivalent to (-> request? (or/c false/c string? )). The return is the authentication realm as a string if the request is not authorized and #f if the request is authorized.

procedure
( make denied?
[ #:authentication-responderauthentication-responder])
→dispatcher/c
denied?:denied?/c

authentication-responder : (url? header? . -> .response? )
= (gen-authentication-responder "forbidden.html")

A dispatcher that checks if the request is denied based on denied?. If so, then authentication-responder is called with a header that requests credentials. If not, then next-dispatcher is invoked.

value
authorized?/c :contract?

Equivalent to (-> string? (or/c false/c bytes? )(or/c false/c bytes? )(or/c false/c string? )). The input is the URI as a string and the username and passwords as bytes. The return is the authentication realm as a string if the user is not authorized and #f if the request is authorized.

procedure
( make-basic-denied?/path authorized?)→denied?/c
authorized?:authorized?/c

Creates a denied procedure from an authorized procedure.

procedure
( password-file->authorized? password-file)

→
(-> void ) authorized?/c
password-file:path-string?

Creates an authorization procedure based on the given password file. The first returned value is a procedure that refreshes the password cache used by the authorization procedure.

password-file is parsed as:

(list ([domain:string? ]
[path:string? ];This string is interpreted as a regex
(list [user:symbol? ]
[pass:string? ])
... )
... )

For example:

'(("secret stuff""/secret(/.*)?"(bubba"bbq")(Billy"BoB")))

top ← prev up next →