#1 2023-11-22 10:16:00

imperyal
Member
From: Aveiro, Portugal
Registered: 2018-10-11
Posts: 54
Website

Automatic login after session deletion from server

Hello everyone,

We are experiencing a problem regarding sessions (not mORMot's fault). We are using sicPerGroup instance life time.

It has to do with the way users use the software...
Some users (lots of them) let the client app (delphi) open all day, for quick access or something like that. When they let the computer hibernate, if 1 hour is passed (our session timeout), because the client app stops sending keep alive calls, the session is terminated by the server. When the client app tries to communicate with the server after that, it get's an error as expected.

Is there a way to re-connect (creating a new session), in such cases? Ideally the new login would be executed before the new request is sent, to avoid having to re-send that request after the new login is made.
I tried some events from TSQLHttpClient, OnFailed and OnAuthentificationFailed... but they do not seem to fire on http calls...

We are still on version 1... We will migrate to version 2 soon.

Thank you.

Offline

#2 2023-11-22 10:54:50

igors233
Member
Registered: 2012-09-10
Posts: 241

Re: Automatic login after session deletion from server

Solution I'm using is descendant client class
TSQLHttpClientExt = class(TSQLHttpClientWinHTTP)

In the TSQLHttpClientExt.Create I have:
  OnAuthentificationFailed := HandleAuthentificationFailed;

function TSQLHttpClientExt.HandleAuthentificationFailed(ARetry: integer; var AUserName, APassword: string; out APasswordHashed: Boolean): Boolean;
begin
  // Will be called if wrong username/pass is sent or if client has been disconnected from server, session timeout or something similar
  if Assigned(SessionUser) then
  begin
    AUserName := UTF8ToString(SessionUser.LogonName);
    APassword := UTF8ToString(SessionUser.PasswordHashHexa);
    APasswordHashed := True;
    Result := True;
  end
  else
    Result := False;
end;

Offline

#3 2023-11-22 14:25:31

imperyal
Member
From: Aveiro, Portugal
Registered: 2018-10-11
Posts: 54
Website

Re: Automatic login after session deletion from server

Thank you igors233...

Is that not equal to implement the OnAuthentificationFailed event available on TSQLHttpClient?
When I tried that, OnAuthentificationFailed only fired when wrong credentials are inserted...

Last edited by imperyal (2023-11-22 14:27:25)

Offline

#4 2023-11-22 17:02:22

igors233
Member
Registered: 2012-09-10
Posts: 241

Re: Automatic login after session deletion from server

> Is that not equal to implement the OnAuthentificationFailed event available on TSQLHttpClient?

It is, with descendant class I have it solved for any application.

> When I tried that, OnAuthentificationFailed only fired when wrong credentials are inserted...

For me it definitely fails after connection is lost (restart of server for example), there are other onError events if this doesn't gets called.
Note that it it won't detect lost connection at the exact moment, it fails when connection is used for the first time after being lost.

Offline

#5 2023-11-22 18:23:06

imperyal
Member
From: Aveiro, Portugal
Registered: 2018-10-11
Posts: 54
Website

Re: Automatic login after session deletion from server

Ok... I confirm the OnAuthentificationFailed event is firing when the user enters wrong credentials and when a request is made after the session expired on the server.

It's doing what it is supposed, my bad...

Thank you for your help igors233 smile

Offline

Board footer

Powered by FluxBB