delphimvcframework/unittests/general/TestServer/AuthHandlersU.pas

113 lines
3.9 KiB
ObjectPascal
Raw Normal View History

2016-09-18 19:19:23 +02:00
// ***************************************************************************
//
// Delphi MVC Framework
//
2023-05-26 18:47:17 +02:00
// Copyright (c) 2010-2023 Daniele Teti and the DMVCFramework Team
2016-09-18 19:19:23 +02:00
//
// https://github.com/danieleteti/delphimvcframework
//
// ***************************************************************************
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// *************************************************************************** }
unit AuthHandlersU;
interface
uses
MVCFramework.Commons, System.Generics.Collections, MVCFramework;
type
TAuthHandlerBase = class abstract(TInterfacedObject, IMVCAuthenticationHandler)
public
procedure OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean); virtual; abstract;
procedure OnAuthentication(const AContext: TWebContext; const UserName: string; const Password: string;
UserRoles: System.Generics.Collections.TList<System.string>;
var IsValid: Boolean; const SessionData: TDictionary<string, string>); virtual;
procedure OnAuthorization(const AContext: TWebContext;
UserRoles: System.Generics.Collections.TList<System.string>;
const ControllerQualifiedClassName: string; const ActionName: string;
var IsAuthorized: Boolean); virtual;
end;
TBasicAuthHandler = class(TAuthHandlerBase)
public
procedure OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean); override;
end;
TCustomAuthHandler = class(TAuthHandlerBase)
public
procedure OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean); override;
end;
implementation
uses
System.SysUtils;
procedure TAuthHandlerBase.OnAuthentication(
const AContext: TWebContext;
const UserName: string; const Password: string;
UserRoles: System.Generics.Collections.TList<System.string>; var IsValid: Boolean;
const SessionData: TDictionary<string, string>);
begin
UserRoles.Clear;
IsValid := UserName = Password;
if not IsValid then
Exit;
if UserName = 'user1' then
begin
IsValid := True;
UserRoles.Add('role1');
end;
if UserName = 'user2' then
begin
IsValid := True;
UserRoles.Add('role2');
end;
end;
procedure TAuthHandlerBase.OnAuthorization(
const AContext: TWebContext;
UserRoles: System.Generics.Collections.TList<System.string>;
const ControllerQualifiedClassName, ActionName: string;
var IsAuthorized: Boolean);
begin
IsAuthorized := False;
if (ActionName = 'OnlyRole1') or (ActionName = 'OnlyRole1Session') then
IsAuthorized := UserRoles.Contains('role1');
if ActionName = 'OnlyRole2' then
IsAuthorized := UserRoles.Contains('role2');
end;
procedure TBasicAuthHandler.OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean);
begin
AuthenticationRequired := ControllerQualifiedClassName.EndsWith
('TTestPrivateServerController');
end;
procedure TCustomAuthHandler.OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean);
begin
AuthenticationRequired := ControllerQualifiedClassName.EndsWith
('TTestPrivateServerControllerCustomAuth');
end;
end.