diff --git a/servant-examples/auth-combinator/auth-combinator.hs b/servant-examples/auth-combinator/auth-combinator.hs
index 5bf81509..903babb4 100644
--- a/servant-examples/auth-combinator/auth-combinator.hs
+++ b/servant-examples/auth-combinator/auth-combinator.hs
@@ -1,19 +1,14 @@
-{-# LANGUAGE DataKinds           #-}
-{-# LANGUAGE DeriveGeneric       #-}
-{-# LANGUAGE FlexibleInstances   #-}
-{-# LANGUAGE OverloadedStrings   #-}
+-- | An example of a custom authentication framework that checks a Cookie for a
+-- value.
+
+{-# LANGUAGE DataKinds #-}
+{-# LANGUAGE TypeFamilies #-}
+{-# LANGUAGE DeriveGeneric #-}
+{-# LANGUAGE TypeOperators #-}
+{-# LANGUAGE FlexibleInstances #-}
+{-# LANGUAGE OverloadedStrings #-}
 {-# LANGUAGE ScopedTypeVariables #-}
-{-# LANGUAGE TypeFamilies        #-}
-{-# LANGUAGE TypeOperators       #-}
-import           Data.Aeson
-import           Data.ByteString          (ByteString)
-import           Data.Text                (Text)
-import           GHC.Generics
-import           Network.HTTP.Types
-import           Network.Wai
-import           Network.Wai.Handler.Warp
-import           Servant
-import           Servant.Server.Internal
+
 import Data.Aeson
 import Data.ByteString (ByteString)
 import Data.ByteString.Builder.Internal (byteStringCopy)
@@ -28,9 +23,6 @@ import Servant.API.Authentication
 import Servant.Server.Internal
 import Servant.Server.Internal.Authentication (strictProtect, AuthHandlers(AuthHandlers))
 
--- | An example of a custom authentication framework that checks a Cookie for a
--- value.
-
 -- | Data we will use to test for authentication
 data CookieAuth = CookieAuth { cookie :: ByteString }
 
diff --git a/servant-server/src/Servant/Server/Internal/Authentication.hs b/servant-server/src/Servant/Server/Internal/Authentication.hs
index f050969c..dfad221a 100644
--- a/servant-server/src/Servant/Server/Internal/Authentication.hs
+++ b/servant-server/src/Servant/Server/Internal/Authentication.hs
@@ -60,13 +60,13 @@ data instance AuthProtected authData usr subserver 'Lax =
                      , subServerLax :: subserver
                      }
 
--- | handy function to build an auth-protected bit of API with a Lax policy
+-- | handy function to build an auth-protected bit of API with a 'Lax' policy
 laxProtect :: (authData -> IO (Maybe usr)) -- ^ check auth
            -> subserver                    -- ^ the handlers for the auth-aware bits of the API
            -> AuthProtected authData usr subserver 'Lax
 laxProtect = AuthProtectedLax
 
--- | handy function to build an auth-protected bit of API with a Strict policy
+-- | handy function to build an auth-protected bit of API with a 'Strict' policy
 strictProtect :: (authData -> IO (Maybe usr)) -- ^ check auth
               -> AuthHandlers authData        -- ^ functions to call on auth failure
               -> subserver                    -- ^ handlers for the auth-protected bits of the API