Servant Auth forces me to use JWT #1598
Description
This is a bit odd, but I have the following API:
data API mode = API
{ info :: mode :- (Auth '[GWS] ( UserProfile Int ) ) :> "info" :> NamedRoutes InfoAPI
, template :: mode :- (Auth '[GWS] ( UserProfile Int ) ) :> "template" :> NamedRoutes TemplateAPI
}
deriving (Generic)However, I get this warning when I try to compile the program:
server/Server/Servant.hs:132:14: error:
• Could not deduce (Servant.Server.Internal.Context.HasContextEntry
'[] Servant.Auth.Server.Internal.ConfigTypes.JWTSettings)
arising from a use of ‘genericServeTWithContext’
from the context: (Given ServerLib.DatabaseUnitSystem,
Given PdxfVersion, Given Reporter, Given ServerLib.Port,
Given ServerLib.JwsHmacSecret)
bound by a type expected by the context:
(Given ServerLib.DatabaseUnitSystem, Given PdxfVersion,
Given Reporter, Given ServerLib.Port,
Given ServerLib.JwsHmacSecret) =>
IO ()
at server/Server/Servant.hs:(121,26)-(132,49)
• In the second argument of ‘($)’, namely
‘genericServeTWithContext trn srv ctx’
In a stmt of a 'do' block:
run 8088 $ genericServeTWithContext trn srv ctx
In the second argument of ‘($)’, namely
‘do let trn = flip runReaderT Env
srv = srvr
....
run 8088 $ genericServeTWithContext trn srv ctx’
|
132 | run 8088 $ genericServeTWithContext trn srv ctx
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Basically it says I should add JWTSettings to my context (even though I have no JWT auth method defined in the Auth list). And if I do add JWTSettings then it asks me to add the CookieSettings as well, and after that to implement the FromJWT instance for my auth result type:
server/Server/Servant.hs:132:14: error:
• Could not deduce (ToJWT (UserProfile Flouble))
arising from a use of ‘genericServeTWithContext’
from the context: (Given ServerLib.DatabaseUnitSystem,
Given PdxfVersion, Given Reporter, Given ServerLib.Port,
Given ServerLib.JwsHmacSecret)
bound by a type expected by the context:
(Given ServerLib.DatabaseUnitSystem, Given PdxfVersion,
Given Reporter, Given ServerLib.Port,
Given ServerLib.JwsHmacSecret) =>
IO ()
at server/Server/Servant.hs:(121,26)-(132,49)
• In the second argument of ‘($)’, namely
‘genericServeTWithContext trn srv ctx’
In a stmt of a 'do' block:
run 8088 $ genericServeTWithContext trn srv ctx
In the second argument of ‘($)’, namely
‘do let trn = flip runReaderT Env
srv = srvr
....
run 8088 $ genericServeTWithContext trn srv ctx’
|
132 | run 8088 $ genericServeTWithContext trn srv ctx
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
After I provide a bogus implementation of ToJWT it settles down, however, now I'm worried it'll try to use it at some point (haven't tested that out yet).
The problem is a constraint in the Auth HasServer instance which requires me to have a ToJWT instance. I don't see why that should be required.
I would also like to implement my own JWT auth, as I have some legacy auth stuff to deal with and I need to check the database when parsing the JWT, so ToJWT and FromJWT aren't enough, and now I'm worried about how this is going to interact with each other.