#1 2020-05-21 06:09:23

konsul41
Member
Registered: 2020-05-21
Posts: 24

Authentication

I am using google translator

I need your help.
Delphi 10.3.3 Community
Code Delphi

Serwer side
TMethodServer = class(TSQLRestServerDB)...

...

FDPhysPgDriverLink1:= TFDPhysPgDriverLink.Create(nil);
  dataDir:=ExtractFileDir(GetModuleName(0))+'\data\';
  Model:= TSQLModel.Create ([TSQLAuthGroup,TSQLAuthUser,TLekarz]);
  VirtualTableExternalRegister (Model, [TLekarz],PropsFireDac,[]);
  ServerDB:= TMethodServer.Create (Model, 'demed',true);
  ServerDB.CreateMissingTables();
  ServerDB.ServiceRegister (TServiceRemoteSQL, [TypeInfo (IRemoteSQL)],sicClientDriven).SetOptions([],[optExecInMainThread,optFreeInMainThread]);
  serwer := TSQLHttpServer.Create ('888', [ServerDB]);
  serwer.AccessControlAllowOrigin := '*'; // allow cross-site AJAX queries



Client side

fModel := TSQLModel.Create([TSQLAuthGroup,TSQLAuthUser,TLekarz],ROOT_NAME);
  fClient :=  TSQLHttpClient.Create('localhost',PORT_NAME,fModel);
  if not fClient.ServerTimeStampSynchronize then begin
    ShowLastClientError(fClient,'Please run Project16ServerHttp.exe');
    Close;
    exit;
  end;
  fClient.ServiceRegisterClientDriven(TypeInfo(IRemoteSQL),fService);


Sorry for the secular question ale
How to get client authorization?
The server with the client will be connected via VPN so in principle it does not have to be secure but I need information about the user and his rights.

Offline

#2 2020-05-21 12:24:08

xalo
Member
Registered: 2016-09-22
Posts: 32

Re: Authentication

Please, read the great documentation where it is perfectly explained. Refer to this section

Offline

#3 2020-05-21 13:01:15

konsul41
Member
Registered: 2020-05-21
Posts: 24

Re: Authentication

Yes she is great and "big" and my English is poor.
It is not that I have not read it but I am lost.
I want to add support for any depreciation and I'm getting lost.
I went back to the older code

ServerDB:= TMethodServer.Create (Model, 'demed',true);
  ServerDB.AuthenticationRegister(TSQLRestServerAuthenticationHttpBasic);
  ServerDB.CreateMissingTables();
  ServerDB.ServiceRegister (TServiceRemoteSQL, [TypeInfo (IRemoteSQL)],sicClientDriven).SetOptions([],[optExecInMainThread,optFreeInMainThread]);


  serwer := TSQLHttpServer.Create ('888', [ServerDB]);
  serwer.AccessControlAllowOrigin := '*'; // allow cross-site AJAX queries

and in the webbrowser

http://localhost:888/root/Auth?Username=User

and result
{"result":"59284f0b01b5c5ac3193725ea6597df218429c39c53d6eaa009eea6ed6ab390f"}

46/5000
does this mean that the authorization is correct?


in server
...
serwer.AccessControlAllowOrigin := '*'; // allow cross-site AJAX queries
...
ServerDB.OnAuthenticationFailed:=Onfiled;


  aNewUser := TSQLAuthUser.Create;
  try

    aNewUser.PasswordPlain := 'karol';
    aNewUser.LogonName := 'karol';
    aNewUser.DisplayName := 'karol';

    aNewUser.Grouprights := pointer(ServerDB.MainFieldID(TSQLAuthGroup,'User'));

    //first time
if ServerDB.Add(aNewUser, true)<>0 then begin
      showmessage('User '+ aNewUser.LogonName + ' added.');
    //second time
    if ServerDB.Update(aNewUser) then begin
      showmessage('User '+ aNewUser.LogonName + ' added.');
    end;
  finally
    aNewUser.Free;
  end;
...
procedure Tmainform.Onfiled(Sender: TSQLRestServer; Reason: TNotifyAuthenticationFailedReason; Session: TAuthSession; Ctxt: TSQLRestServerURIContext);
begin
  Ctxt.Returns('błąd logowania' );
//User 'karol'   Reason= afUnknownUser

//Ctxt.finput=('UserName', 'User', 'Password', '62ddb6eea0ed774a5c120a65168fe88fdd83f694effada67752187cf4100af46', 'ClientNonce', '9f0b6ed455d8cb1b07c34044ea2001b7b1cfc1062bf75c84de651bea47378db9')
end;

Last edited by konsul41 (2020-05-21 15:07:06)

Offline

#4 2020-05-22 06:46:35

konsul41
Member
Registered: 2020-05-21
Posts: 24

Re: Authentication

I managed, thank you.
However, let me give myself an opinion.
The documentation is great, but unfortunately often some things are explained laconic.

Offline

#5 2020-05-22 09:45:42

xalo
Member
Registered: 2016-09-22
Posts: 32

Re: Authentication

Great!
So what would you specifically improve on this point for a better future understanding and thus improve the current documentation?

Offline

#6 2020-05-24 10:37:00

konsul41
Member
Registered: 2020-05-21
Posts: 24

Re: Authentication

In fact, there is not much written in the documentation about changing the default users. I had a problem that all the time I was giving the wrong password or not to this user. Additionally, this group id was not entered in the user's properties. And that's why I had a problem all the time.
As for the documentation, it has a high entry threshold, at the beginning I missed a lecture for the following type:
"to have it, you have to do it this"

Offline

Board footer

Powered by FluxBB