#1 2011-10-15 20:48:40

yurasek
Member
From: Belarus
Registered: 2011-04-19
Posts: 18

Framework authentication

I can not understand with built-in authentication mechanisms. Using even the Admin user with rights by default, I can not get the table contents using the method MultiFieldValues, as well as get the value of a single record using the methods Retrieve and OneFieldValue. Why is this may be related, as the user Admin property AllowRemoteExecute = True? In addition, these methods as Update, Delete, Add operate properly, but after they call while trying to free copy of class TSQLite3HttpClient exception occurs in the method TSQLite3HttpClientWinGeneric.InternalRequest on function fWinAPI.Request.

Offline

#2 2011-10-16 12:50:58

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,659
Website

Re: Framework authentication

Did you read the part of the documentation - see http://synopse.info/fossil/wiki?name=Downloads - related to authentication?

The function TSQLRestServer.URI is were AllowRemoteExcecute is used - but both TRUE and FALSE will allow a SELECT (=read).

Please post here some simple code to reproduce the issue.

Offline

#3 2011-10-16 16:08:54

yurasek
Member
From: Belarus
Registered: 2011-04-19
Posts: 18

Re: Framework authentication

I've studied the documentation on the use of built-in authentication, but it is very detailed implementation, but it lacks a simple example of use. In my example, the subject matter.

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, SQLite3Commons, SQLite3, SQLite3HttpServer, SQLite3HttpClient;

type
  TSQLSampleRecord = class(TSQLRecord)
  private
    fCount: Integer;
  published
    property Count: Integer read fCount write fCount;
  end;

  TForm1 = class(TForm)
    procedure FormCreate(Sender: TObject);
    procedure FormDestroy(Sender: TObject);
  private
    FClient: TSQLite3HttpClient;
    FServer: TSQLite3HttpServer;
    FModel: TSQLModel;
    FDB: TSQLRestServerDB;
  public
    function CreateSampleModel: TSQLModel;
  end;

var
  Form1: TForm1;

implementation

{$R *.dfm}

{ TForm1 }

function TForm1.CreateSampleModel: TSQLModel;
begin
  Result:= TSQLModel.Create([TSQLAuthGroup, TSQLAuthUser, TSQLSampleRecord]);
end;

procedure TForm1.FormCreate(Sender: TObject);
var
  Sample: TSQLSampleRecord;
  Table: TSQLTableJSON;
begin
  FModel:= CreateSampleModel;
  FDB:= TSQLRestServerDB.Create(FModel, ExtractFilePath(Application.ExeName) + 'sample.db', True);
  FDB.CreateMissingTables(0);
  FDB.EngineExecuteAll('DELETE FROM SampleRecord');
  FDB.EngineExecuteAll('UPDATE sqlite_sequence SET seq = 0 WHERE name = "SampleRecord"');
  Sample:= TSQLSampleRecord.Create;
  Sample.Count:= 1;
  FDB.Add(Sample, True);
  Sample.Count:= 2;
  FDB.Add(Sample, True);
  Sample.Count:= 3;
  FDB.Add(Sample, True);
  FServer:= TSQLite3HttpServer.Create('8080', FDB);
  FClient:= TSQLite3HttpClient.Create('localhost', '8080', FModel, False);
  FClient.KeepAliveMS:= 0;
  FClient.SetUser('Admin', 'synopse');
  if not FClient.Delete(TSQLSampleRecord, 3) then  //the result is always true, even if the record with this ID does not exist
    ShowMessage('Failed to Delete!');
  Sample.Count:= 4;
  if FClient.Add(Sample, True) = 0 then
    ShowMessage('Failed to Add!');
  Sample.ID:= 1;
  Sample.Count:= 5;
  if not FClient.Update(Sample) then
    ShowMessage('Failed to Update!');
  Table:= FClient.MultiFieldValues(TSQLSampleRecord, '');
  if Assigned(Table) then
    begin

      Table.Free;
    end
  else
    ShowMessage('Failed to Select!'); //why and how to make it work?
  Sample.Free;
end;

procedure TForm1.FormDestroy(Sender: TObject);
begin
  FClient.Free;   //EAccessViolation at address 00AFB31F. Write of address 018F0BAD.
  FServer.Free;
  FDB.Free;
  FModel.Free;
end;

end.

Offline

#4 2011-10-16 18:06:29

esmondb
Member
From: London
Registered: 2010-07-20
Posts: 299

Re: Framework authentication

I'm having trouble with authentication too. I've tried to add authentciation to sample 04 - HTTP Client-Server.

On the server side I've added 'true' on line 41 of unit2.pas:

DB := TSQLRestServerDB.Create(Model,ChangeFileExt(paramstr(0),'.db3'), true);

In Project04Client.dproj added:

TSQLRestClientURI(Form1.Database).SetUser('User','synopse');

on the line before application.run

The 'Add message' button works but the 'Find' button doesn't.
What seems stange is the url created has two session_signature paramaters - could SessionSign(url) be getting called twice?

Offline

#5 2011-10-17 09:47:08

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,659
Website

Re: Framework authentication

esmondb wrote:

What seems stange is the url created has two session_signature paramaters - could SessionSign(url) be getting called twice?

It definitively should not be called twice.
I'll take a look at this.

Thanks for the report.

Offline

#6 2011-10-17 11:34:16

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,659
Website

Re: Framework authentication

yurasek wrote:

.... but after they call while trying to free copy of class TSQLite3HttpClient exception occurs in the method TSQLite3HttpClientWinGeneric.InternalRequest on function fWinAPI.Request.

I found an issue (not triggered by the main regression tests yet - sorry) at HTTP client closing.
It should be now fixed.
See http://synopse.info/fossil/info/cee85a64df

Also the unneeded dual call of URL signing has been disabled.

Offline

#7 2011-10-17 11:46:10

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,659
Website

Re: Framework authentication

Thanks to your report, I've found an issue in the HTTP server part URI parsing, which failed the authentication to work as expected.
See http://synopse.info/fossil/info/c662eee654

The "04 - HTTP Client-Server" has also been modified to show how to implement authentication.
See http://synopse.info/fossil/info/0e2388d919

Hope it will solve your issues.

Thanks you both for your feedback!

Offline

#8 2011-10-18 07:27:17

yurasek
Member
From: Belarus
Registered: 2011-04-19
Posts: 18

Re: Framework authentication

ab
Now works fine. Thank you for your work.

Offline

Board footer

Powered by FluxBB