3.3.9 Password Protection

(require web-server/dispatchers/dispatch-passwords)

The web-server/dispatchers/dispatch-passwords module defines a dispatcher constructor that performs HTTP Basic authentication filtering.

denied?/c : contract?

Equivalent to (-> request? (or/c false/c string?)). The return is the authentication realm as a string if the request is not authorized and #f if the request is authorized.

(make   denied?      [ #:authentication-responder authentication-responder])

→ dispatcher/c

denied? : denied?/c

authentication-responder   :   (url? header? . -> . response?)       =   (gen-authentication-responder "forbidden.html")

A dispatcher that checks if the request is denied based on denied?. If so, then authentication-responder is called with a header that requests credentials. If not, then next-dispatcher is invoked.

authorized?/c : contract?

Equivalent to (-> string? (or/c false/c bytes?) (or/c false/c bytes?) (or/c false/c string?)). The input is the URI as a string and the username and passwords as bytes. The return is the authentication realm as a string if the user is not authorized and #f if the request is authorized.

(make-basic-denied?/path password-file)

→   (-> void)   authorized?/c

password-file : path-string?

Creates an authorization procedure based on the given password file. The first returned value is a procedure that refreshes the password cache used by the authorization procedure.

password-file is parsed as:

(list ([domain : string?]

[path : string?] ; This string is interpreted as a regex

(list [user : symbol?]

[pass : string?])

...)

...)

For example:

  '(("secret stuff" "/secret(/.*)?" (bubba "bbq") (Billy "BoB")))