DEV Community

Cover image for Building a Blog in Haskell with Yesod–Authentication
Riccardo Odone
Riccardo Odone

Posted on • Edited on • Originally published at odone.io

Building a Blog in Haskell with Yesod–Authentication

You can keep reading here or jump to my blog to get the full experience, including the wonderful pink, blue and white palette.


This is a series about Yesod: a Haskell web framework that follows a similar philosophy to Rails. In fact, it is strongly opinionated and provides a lot of functionality out of the box.

A good read about Yesod is available online for free: Developing web applications with Haskell and Yesod. That's why this series will be a commentary of the commits from a repo we will use to develop a super simple blog.

In other words, this won't be good material to learn how to use Yesod. However, it will hopefully give an overview of how the framework works.


Use authDummy for Logins

Up until now, we have used a form with username and password as a login. Turns out Yesod provides Yesod.Auth.Dummy to make development easy. Later on, in production other providers can be used.

Commit 76c4347cdf4f563e9f543e83e5558848d29826a5:

  • makes the landing page always redirect to the login page redirect $ AuthR LoginR
  • sets the posts page as the target redirect for a successful login loginDest _ = PostsR
  • sets our emptyLayout as a layout for the auth pages authLayout = liftHandler . emptyLayout

Show Logged-in User in the Layout

Commit aab5274c2ecb823b8c4d1c4eecfa37bf0e41c51f adds the username of the logged-in user to the layout.

Require Authentication for the Posts Page

Commit 9f97a457afdfb2c1fc7724dde990d650168783a7 adds authentication to the posts page:

- Nothing -> Unauthorized "You must login to access this page"
+ Nothing -> AuthenticationRequired
Enter fullscreen mode Exit fullscreen mode

In other words, if an unauthenticated user tries to visit the posts page, a redirect to the login form is triggered.

Tweaking the Landing

Commit dd46b15777f6118074f4b2ce461f78c5efca8ef1 makes the landing page redirect to either the login page or the posts page depending on the authentication state of the current user.


Get the latest content via email from me personally. Reply with your thoughts. Let's learn from each other. Subscribe to my PinkLetter!

Top comments (0)