This is the hermetic Reference Manual, version 0.1, generated automatically by Declt version 2.4 "Will Decker" on Wed Jun 20 11:56:25 2018 GMT+0.
The main system appears first, followed by any subsystem dependency.
Fernando Borretti
MIT
# Hermetic
Simple authentication for [Clack](http://clacklisp.org/)-based Common Lisp web
applications.
# Usage
See the demo app for a complete example.
## Available Password-Hashing Functions
To mitigate the risks of the NSA convincing people to hash passwords with things
like SHA-256, only PBKDF2 (and eventually scrypt) is supported:
* `:pbkdf2-sha1`
* `:pbkdf2-sha256`
* `:pbkdf2-sha512`
## `setup`
Hermetic is not opinionated: it doesn't integrate into an existing database or
create any models. As such, it needs to be told how to find a user's
information to provide authentication. This is what `setup` is for:
```lisp
(setup
  :user-p     ;; str->bool, t if a username exists, nil otherwise
  :user-pass  ;; str->str, maps a username to a password (hash, hopefully)
  :user-roles ;; str->(list sym), maps a username to a list of roles,
              ;; for example: (:user) (:user :tester :staff) (:user :admin)
  :session    ;; the /expression/ for the session object. ningle:*session* on
              ;; Ningle <https://github.com/fukamachi/ningle>.
  :denied     ;; A function that displays an "access denied" message
  )
```
For example, if your users are stored in a simple in-memory hash-table as in the
demo app:
```lisp
;; Look up a user's property list in the in-memory *users* hash table.
(defmacro get-user (username)
  `(gethash ,username *users*))

(setup
  :user-p #'(lambda (user) (get-user user))
  :user-pass #'(lambda (user) (getf (get-user user) :pass))
  :user-roles #'(lambda (user) (getf (get-user user) :roles))
  :session *session*)
```
## `login`
When creating your login view, the `login` macro handles most of the work for
you.
## `auth`
Grants access to a site only to users whose roles intersect with the roles in
the first argument.
If an access denied page is not provided, the global one is used instead.
Example:
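```lisp
(setf (route *app* "/user/profile/:userid" :method :GET)
      (lambda (params)
        ;; Only users holding the :user role get the profile page;
        ;; everyone else gets the error page given as the last argument.
        (auth (:user)
          (render-template "templates/profile.html")
          (render-error "You have to log in to view user profiles."))))
```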
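The intersection rule that `auth` is described as applying, modelled in plain Common Lisp as an added example (not Hermetic's source or the demo app's code). `*sample-users*`, `lookup-roles`, `allowed-p` and `access-report` are hypothetical names, and the user data is constructed.

```lisp
;; Added example: a model of the role check described above, not Hermetic's code.
(defvar *sample-users* (make-hash-table :test #'equal)
  "Constructed sample store, shaped like the demo app's plist entries.")

(setf (gethash "alice" *sample-users*) '(:roles (:user))
      (gethash "bob"   *sample-users*) '(:roles (:user :tester :staff))
      (gethash "carol" *sample-users*) '(:roles (:admin))
      (gethash "dave"  *sample-users*) '(:roles ()))

(defun lookup-roles (username)
  "Same shape as the :user-roles callback: username -> list of role keywords.
An unknown username yields NIL, i.e. no roles at all."
  (getf (gethash username *sample-users*) :roles))

(defun allowed-p (username required-roles)
  "True when the user's roles and REQUIRED-ROLES share at least one element."
  (and (intersection (lookup-roles username) required-roles :test #'eq)
       t))

(defun access-report (required-roles)
  "Return an alist of (username . allowed-p) for each sample user
plus one username that is not in the store."
  (loop for name in '("alice" "bob" "carol" "dave" "mallory")
        collect (cons name (allowed-p name required-roles))))

;; Compare who is admitted under three different role lists.
(format t "~&(:user)        ~S~%" (access-report '(:user)))
(format t "~&(:admin)       ~S~%" (access-report '(:admin)))
(format t "~&(:user :admin) ~S~%" (access-report '(:user :admin)))
```

Because the check is an intersection, roles are not hierarchical: a user holding only `:admin` is admitted by the role list `(:user :admin)` but not by `(:user)`. A user with an empty role list and a username missing from the store are both denied under every role list.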
## Misc.
When `auth` isn't enough to determine who gets to use what, Hermetic provides a
few functions for accessing user data from inside a view.
* `logged-in-p`: Exactly what it says on the tin.
* `user-name`: Returns the username of the current user.
* `roles`: Returns the list of roles of the current user.
* `role-p`: Checks if a user has a role.
## `logout`
Logs the user out. Takes two expressions, `on-success` and `on-failure`.
# License
Copyright (c) 2013 Fernando Borretti (eudoxiahp@gmail.com).
Licensed under the MIT License.
0.1
hermetic.asd (file)
src (module)
Modules are listed depth-first from the system components tree.
hermetic (system)
src/
hermetic.lisp (file)
Files are sorted by type and then listed depth-first from the systems components trees.
hermetic.asd
hermetic (system)
src (module)
src/hermetic.lisp
Packages are listed by definition order.
hermetic.asd
hermetic.lisp (file)
Definitions are sorted by export status, category, package, and then by lexicographic order.
hermetic.lisp (file)
hermetic.lisp (file)
hermetic.lisp (file)
hermetic.lisp (file)
hermetic.lisp (file)
Provide functions for *user-p* and *user-pass*
hermetic.lisp (file)
A function that gets called when a user tries to access a page without sufficient privileges
hermetic.lisp (file)
The expression for accessing the session object.
hermetic.lisp (file)
A function that takes a username string, and returns t
if a user by that name exists in the database, otherwise nil.
hermetic.lisp (file)
A function to retrieve the hash of a user’s password from its username
hermetic.lisp (file)
A function that maps a username to a list of roles.
hermetic.lisp (file)
hermetic.lisp (file)
hermetic.lisp (file)
hermetic.lisp (file)