Home/ Questions/Q 8485233
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T20:35:06+00:00

I have a smallish Yesod application (using the scaffold). I’d like to add basic

  • 0

I have a smallish Yesod application (using the scaffold). I’d like to add basic HTTP authentication to all requests. Here’s what I tried so far:

  • I’ve read the docs on Yesod authentication, but there’s unfortunately no backend supporting this.
  • isAuthorized would be great, but I can’t see a way to read the headers there.
  • A WAI middleware would be elegant, but I can’t find any documentation describing how to use one with a full Yesod application. It’s also pretty clear that writing one is not completely trivial.

Was this already done? How should I approach this?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I’ve come up with a non-ideal solution: I prepend an action to all my handler functions. Maybe it’ll be useful for someone, maybe someone can improve upon this. Here’s the code:

    httpBasicAuth :: Handler ()
httpBasicAuth = do
  request <- waiRequest
  case lookup "Authorization" (requestHeaders request) of
    Just "Basic base64encodedusernameandpassword" -> return ()
    _ -> do
      setHeader "WWW-Authenticate" "Basic Realm=\"My Realm\""
      permissionDenied "Authentication required"

    And using it:

    fooR :: Handler ()
fooR = httpBasicAuth >> do
  sendResponseStatus status200 ()

    I’ll be more than happy to move the “accepted” checkmark if a better solution is posted.

    • 0