Only use middleware on certain routes

[glittershark]

I have a middleware that will authenticate the request - is there any way for me to mount this middleware only on those routes that require auhentication (ie, at some stage in the route-matching process) or would I have to do it using an actionM rather than a middleware and manually call it on every single authenticated route?

[ocramz]

if ScottyT were a MonadReader, we could implement this new function in terms oflocal https://hackage.haskell.org/package/mtl-2.2.2/docs/Control-Monad-Reader-Class.html#v:local .

@glittershark I know it's been a few years 😅 but do you happen to remember where was the authentication middleware from?

[glittershark]

oh, boy.

My initial thought was "absolutely no way I still have any clue what's going on", but I did some digging and I actually managed to find the original code, which is wild to me given this was 8 years ago.

Originally:

authenticate :: Context -> Middleware
authenticate ctx app req respond =
    -- TODO: Looks like Scotty doesn't support middleware only on certain routes :/
    if pathInfo req == ["tokens"] then passthrough else
    case getBearerToken $ requestHeaders req of
      Left _ -> respond authenticationError
      Right token -> do
        valid <- validate ctx token
        if valid then passthrough else respond authenticationError
    where passthrough = app req respond

blast from the past. thanks for the hit of nostalgia!

[ocramz]

I think this could be implemented here at no extra cost thanks to wai-extra ? https://hackage.haskell.org/package/wai-extra-3.1.14/docs/Network-Wai-Middleware-Select.html