User management (web) - am I doing this right?

Hi! In my adventures exploring scotty and web programming I’m implementing a small bulletin board website and an important part of it is user registration, authentication, authorization, session, etc.

I’ve since extracted the code I wrote for all of this into its own “library”, however, when I researched the subject and how to implement this kind of functionality I didn’t really find examples of how this is done in Haskell, and I wanted to make sure I’m not messing this up terribly somewhere.

If anyone could take a look and give some tips, security-wise/functionality-wise/other, I would really appreciate it! I have little experience with web programming and this would be really helpful!

The repository which contains the users functionality can be found here:

Thanks in advance!