delphimvcframework/samples/jsonwebtoken_livevaliditywindow/WebModuleUnit1.pas

75 lines
2.0 KiB
ObjectPascal
Raw Normal View History

unit WebModuleUnit1;
interface
uses
System.SysUtils,
System.Classes,
Web.HTTPApp,
MVCFramework,
MVCFramework.Commons;
type
TWebModule1 = class(TWebModule)
procedure WebModuleCreate(Sender: TObject);
private
MVC: TMVCEngine;
public
{ Public declarations }
end;
var
WebModuleClass: TComponentClass = TWebModule1;
implementation
{$R *.dfm}
uses
AppControllerU,
System.Generics.Collections,
AuthenticationU,
MVCFramework.Middleware.JWT,
MVCFramework.JWT,
MVCFramework.Middleware.StaticFiles,
System.DateUtils;
procedure TWebModule1.WebModuleCreate(Sender: TObject);
var
lClaimsSetup: TJWTClaimsSetup;
begin
lClaimsSetup := procedure(const JWT: TJWT)
begin
JWT.Claims.Issuer := 'Delphi MVC Framework JWT Middleware Sample';
JWT.Claims.NotBefore := Now - OneMinute * 5; // valid since 5 minutes ago
JWT.Claims.IssuedAt := Now;
JWT.Claims.ExpirationTime := Now + OneSecond * 30;
JWT.CustomClaims['mycustomvalue'] := 'hello there';
// Here we dont use a fixed ExpirationTime but a LiveValidityWindowInSeconds
// to make the ExpirationTime dynamic, incrementing the
// ExpirationTime by LiveValidityWindowInSeconds seconds at each request
JWT.LiveValidityWindowInSeconds := 10; // 60 * 60; // 1 hour
end;
MVC := TMVCEngine.Create(Self,
procedure(Config: TMVCConfig)
begin
Config[TMVCConfigKey.SessionTimeout] := '30';
Config[TMVCConfigKey.DefaultContentType] := 'text/html';
end);
MVC.AddController(TApp1MainController).AddController(TAdminController)
.AddMiddleware(TMVCJWTAuthenticationMiddleware.Create(TAuthenticationSample.Create, lClaimsSetup, 'mys3cr37',
'/login', [TJWTCheckableClaim.ExpirationTime, TJWTCheckableClaim.NotBefore, TJWTCheckableClaim.IssuedAt], 0
// just for test, Leeway seconds is zero.
))
.AddMiddleware(TMVCStaticFilesMiddleware.Create(
'/', { StaticFilesPath }
'..\..\www' { DocumentRoot }
));
end;
end.