#1 2016-09-05 10:55:42

ilic
Member
Registered: 2016-09-05
Posts: 6

Authentication

Hello Colleagues.

I'm learning Mormot and see it as grate tool. I try to use Interface.
Now I need to find the way of authentication. Users and hashes are stored in my DB.
Can anyone give me example how to check users? I don't want to make authentication using Mormots DB. I do need to use my own DB.
Something like DATASNAP does allow to do.  I haven't found solution searching the site and forum.

Thanks a lot

Ilia

Last edited by ilic (2016-09-05 11:03:50)

Offline

#2 2016-09-05 12:24:15

mpv
Member
From: Ukraine
Registered: 2012-03-24
Posts: 1,571
Website

Re: Authentication

Did you read this documentation section 21.1.3. Authentication schemes ?

You can also read the great article from Taming the mORMot resources

Last edited by mpv (2016-09-05 12:26:20)

Offline

#3 2016-09-07 06:46:17

ilic
Member
Registered: 2016-09-05
Posts: 6

Re: Authentication

Thanks a lot for reply

I rad papers you sent but still can't understand how to implement authentication.


Ilia

Offline

#4 2016-09-14 09:59:12

ilic
Member
Registered: 2016-09-05
Posts: 6

Re: Authentication

Hello Colleagues.

Is there any example of using TSQLRestServerAuthenticationHttpBasic?


I have created class and registered it; When debuging i get call in function CheckPassword, but father on client side I receive error 403 forbidden;

type
  TMyServer = class(TSQLRestServerAuthenticationHttpBasic)
    protected
      function CheckPassword(Ctxt: TSQLRestServerURIContext;
         User: TSQLAuthUser; const aPassWord: RawUTF8): boolean; override;
    public
        function Auth(Ctxt: TSQLRestServerURIContext): boolean; override;
    private
  end;

implementation

{ TmyServer }

function TMyServer.Auth(Ctxt: TSQLRestServerURIContext): boolean;
begin
  inherited ;
  //result := true;
end;

function TmyServer.CheckPassword(Ctxt: TSQLRestServerURIContext;
  User: TSQLAuthUser; const aPassWord: RawUTF8): boolean;
begin
  result := true;
end;


-----------------------------------------------------------------------------------------------------
 with TSQLLog.Family do begin
    Level := LOG_VERBOSE;
    EchoToConsole := LOG_VERBOSE; // log all events to the console
  end;
  // create a Data Model
  aModel := TSQLModel.Create([TDummySQLUser, TSQLAuthGroup],ROOT_NAME);
  try
    aServer := TSQLRestServerFullMemory.Create(aModel,true);
    aServer.AuthenticationRegister(TMyServer);
    aServer.LogFamily.NoFile := false;
    try
      // register our ICalculator service on the server side
      aServer.ServiceDefine(TServiceCalculator,[ICalculator],sicShared);
      // launch the HTTP server
      aHTTPServer := TSQLHttpServer.Create(PORT_NAME,[aServer],'+',useHttpApiRegisteringURI);

      try
        aHTTPServer.AccessControlAllowOrigin := '*'; // for AJAX requests to work

        writeln(#10'Background server is running.'#10);
        writeln('Press [Enter] to close the server.'#10);
        readln;
      finally
        aHTTPServer.Free;
      end;
    finally
      aServer.Free;
    end;
  finally
    aModel.Free;
  end;

TDummySQLUser constructor is never called;

Thanks

Ilia

Offline

#5 2016-09-14 12:58:38

ab
Administrator
From: France
Registered: 2010-06-21
Posts: 14,662
Website

Re: Authentication

1. Please do not post huge code in the forum directly, as stated by the forum rules.
Use an online site like PasteBin or similar.

2. I guess the following method is incorrect, since result is not set:

function TMyServer.Auth(Ctxt: TSQLRestServerURIContext): boolean;
begin
  result := inherited Auth(Ctxt);
end;

Offline

#6 2016-09-14 13:52:50

ilic
Member
Registered: 2016-09-05
Posts: 6

Re: Authentication

Thanks for answer

I'll try too keep post as short as possible.

But it doesn't help. I Even have tested with TMyServer.Auth function with result := true; .

Ilia

Offline

#7 2016-09-15 06:41:58

Peter Evans
Member
Registered: 2016-07-03
Posts: 32

Re: Authentication

On 2016-08-09 I posted in the thread 'Windows FMX Client versus Android FMX Client'
(see http://synopse.info/forum/viewtopic.php?id=3418) a link to a sample project group.

I think the sample does what you want :-

1) It uses Interfaces.
2) I access my own database for authentication ie. Logon and Logoff.

Offline

#8 2016-09-23 10:54:27

ilic
Member
Registered: 2016-09-05
Posts: 6

Re: Authentication

Thank you very much!

Offline

#9 2016-10-07 06:39:32

ilic
Member
Registered: 2016-09-05
Posts: 6

Re: Authentication

Hello Colleagues.

after some research and debugging I came to the following:

I created TDummyUser with  function TDummySQLUser.ComputeHashedPassword(
result := inherited ComputeHashedPassword(

but I have error  on line
PasswordHashHexa = result.User.PasswordHashHexa
By some reason I have different hashes

Could anyone give some tip what I have to fix ?
Thanks

Ilia

Offline

Board footer

Powered by FluxBB