Authentication

You can tell Slumber how to authenticate requests when defining services.

type Config () = 
  interface IContainerDescription with
    member this.Describe baseUrl = 
      containerAt (relativeUrl baseUrl "/api")
      |> authenticatedBy Security.auth true
      ...

This snippet creates a container which uses the Security.auth function to authenticate. The second argument to authenticatedBy tells Slumber that all bindings should be private (i.e. requiring authentication) by default. If authentication fails for a request to a private binding then Slumber will return an HTTP 401 response.

The authentication function itself must have the signature Request -> AuthenticationResult. If authentication is successful Allow record should be returned with an optional UserData record, otherwise Deny should be returned. The UserData record can be accessed later via OperationMetadata.

The privacy level of individual bindings can be set using the public' and private' functions when defining services.

///When bindings are private by default
supporting (public' get People.getPerson)

///When bindings are public by default
supporting (private' get People.getPerson)

Note that the authentication function is not called for public bindings and the UserData record on OperationMetadata will always be None.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Authentication

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally