Sorry, but may I ask a favor: could you add an OnSetUser event to the SetUser function, so that I can change the main menu depending on the user who logged in? I ask because in OnAuthentificationFailed, if the wrong password keeps being entered, I need to disable the actions of the main menu.
thanks corchi
Good idea.
OK, thanks. I had also passed the user to the event, but I think I can retrieve it from clientDB.sessionuser.
I had written:
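// Authenticate aUserName against the server and open a new session.
// - any previous session state (ID, hexa ID, private key, session user) is
//   cleared first, so a failed logon leaves the client without a session
// - aPassword is the plain password, or its hash when aHashedPassword is true
// - runs a two-step 'auth' exchange: request a server nonce, then send
//   Sha256(Model.Root+nonce+clientNonce+LogonName+PasswordHashHexa)
// - returns true only when the answer contains a '+' separator
//   (SessionID+HexaSessionPrivateKey) and a non-zero session ID
function TSQLRestClientURI.SetUser(const aUserName, aPassword: RawUTF8;
  aHashedPassword: Boolean=false): boolean;
var aNonce, aClientNonce, aSessionKey: RawUTF8;
    U: TSQLAuthUser;
begin
  result := false;
  if self=nil then
    exit;
  // drop the previous session before trying to open a new one
  fSessionID := 0;
  fSessionIDHexa8 := '';
  fSessionPrivateKey := 0;
  FreeAndNil(fSessionUser);
  if aUserName='' then // self=nil was already handled above
    exit;
  U := TSQLAuthUser.Create;
  try
    U.LogonName := trim(aUserName);
    if aHashedPassword then
      U.PasswordHashHexa := aPassword else
      U.PasswordPlain := aPassword; // PasswordHashHexa := SHA256('salt'+aPassword);
    // step 1: ask the server for its nonce
    aNonce := CallBackGetResult('auth',['UserName',U.LogonName]);
    if aNonce='' then
      exit;
    // NOTE(review): the client nonce is derived only from NowToString
    // (presumably the current date/time), so it is guessable; a random source
    // would make it a stronger nonce - confirm against the server-side checks
    aClientNonce := SHA256(NowToString);
    // step 2: prove knowledge of the password hash without sending it
    aSessionKey := CallBackGetResult('auth',['UserName',U.LogonName,'Password',
      Sha256(Model.Root+aNonce+aClientNonce+U.LogonName+U.PasswordHashHexa),
      'ClientNonce',aClientNonce]);
    if PosEx(RawUTF8('+'),aSessionKey,1)=0 then
      exit; // expect SessionID+HexaSessionPrivateKey
    fSessionID := GetCardinal(pointer(aSessionKey));
    if fSessionID=0 then
      exit;
    fSessionIDHexa8 := CardinalToHex(fSessionID);
    // NOTE(review): crc32 is a 32-bit non-cryptographic checksum; the private
    // key built here mixes the server answer with the password hash, but it
    // should not be relied on as a cryptographic signature key
    fSessionPrivateKey := crc32(crc32(0,Pointer(aSessionKey),length(aSessionKey)),
      pointer(U.PasswordHashHexa),length(U.PasswordHashHexa));
    fSessionUser := U;
    // ownership moved to fSessionUser: clear U *before* running the handler,
    // otherwise an exception raised by it would let the finally block free the
    // instance while fSessionUser still points to it
    U := nil;
    // only reached on success: a failed authentication never gets here
    // NOTE(review): if OnSuccessfulAuthentication is an event property, it
    // should be tested with Assigned() before being called - confirm
    OnSuccessfulAuthentication(fSessionUser);
    result := true;
  finally
    U.Free; // no-op once U has been set to nil
  end;
end;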
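// Rebuild CurrentUser from the authenticated user, then refresh the main menu
// actions and the form caption.
// - AuthUser is the user the client has just authenticated with; only its
//   LogonName is read here
procedure TFrmToolBarMain.OnSuccessfulAuthentication(AuthUser: TSQLAuthUser);
var
  U: TSQLAuthUser;
begin
  // release the previous user and clear the reference at once, so that an
  // exception in the lookups below cannot leave CurrentUser pointing to a
  // freed instance
  if Assigned(CurrentUser) then
  begin
    CurrentUser.Free;
    CurrentUser := nil;
  end;
  // NOTE(review): the logon name is formatted into the WHERE text; a name
  // containing a double quote may break the inlined parameter - confirm how
  // the framework escapes it, or use bound parameters if available
  U := TSQLAuthUser.Create(CurrentClient, 'LogonName=:("%"):', [AuthUser.LogonName]);
  // NOTE(review): U.ID is presumably 0 when no record matches; this lookup
  // would then find no TSQLUser - confirm the intended handling
  CurrentUser := TSQLUser.Create(CurrentClient, 'AuthUserID=:("%"):', [U.ID]);
  if Assigned(CurrentUser) then
  begin
    CurrentUser.AuthUser := U;
    // NOTE(review): as far as this handler shows, these flags only drive the
    // client UI; access rights still have to be enforced on the server side
    CurrentUser.EnabledManagement := CurrentUser.IsAdmin(CurrentClient);
    CurrentUser.EnabledSupervisor := CurrentUser.IsSupervisor(CurrentClient);
  end;
  SetActions(currentUser,false,nil); // this sets up my main menu
  // NOTE(review): CurrentClient was already used by the lookups above, so this
  // test comes too late to protect them - confirm it can really be nil here
  if Assigned(CurrentClient) then
    Caption:= format('%s - %s', [format(AppName, [GetVersion(Application.ExeName)]), CurrentClient.SessionUser.LogonName ])
  else
    Caption:= format(AppName, [GetVersion(Application.ExeName)]);
end;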
1) Your event handler won't be raised in case of wrong authentication.
2) You already have the user available in the SessionUser property: why is the common implementation of OnSetUser (see my post above) not OK for you?
It certainly is.
thanks corchi