unit AuthenticationU;
interface
uses
System.SysUtils, MVCFramework.Commons, System.Generics.Collections,
MVCFramework;
type
{ Sample IMVCAuthenticationHandler for the demo application.
  OnRequest sets whether a request needs authentication, OnAuthentication
  validates the supplied credentials and fills the role list, and
  OnAuthorization decides whether those roles may run the requested action.
  The credential and role logic in this unit is demo logic only. }
TAuthenticationSample = class(TInterfacedObject, IMVCAuthenticationHandler)
protected
  // Sets AuthenticationRequired for the controller being requested.
  procedure OnRequest(
    const AContext: TWebContext;
    const ControllerQualifiedClassName: string;
    const ActionName: string;
    var AuthenticationRequired: Boolean);

  // Sets IsValid for the UserName/Password pair and populates UserRoles.
  procedure OnAuthentication(
    const AContext: TWebContext;
    const UserName: string;
    const Password: string;
    UserRoles: System.Generics.Collections.TList<System.string>;
    var IsValid: Boolean;
    const SessionData: TSessionData);

  // Sets IsAuthorized for ActionName given the roles in UserRoles.
  procedure OnAuthorization(
    const AContext: TWebContext;
    UserRoles: System.Generics.Collections.TList<System.string>;
    const ControllerQualifiedClassName: string;
    const ActionName: string;
    var IsAuthorized: Boolean);
end;
implementation
{ TAuthenticationSample }
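{ Demo credential check.
  IsValid is set to True when UserName is non-empty and equals Password.
  On success UserRoles receives the roles hard-coded for 'user1', 'user2'
  and 'user3'; any other accepted user gets no roles. On failure UserRoles
  is cleared. AContext and SessionData are not used here. }
procedure TAuthenticationSample.OnAuthentication(const AContext: TWebContext;
  const UserName: string; const Password: string;
  UserRoles: System.Generics.Collections.TList<System.string>;
  var IsValid: Boolean; const SessionData: TSessionData);
begin
  // DEMO ONLY: "password equals user name" is a placeholder, not a credential
  // check. A real handler verifies Password against a stored salted hash and
  // compares in constant time.
  // Empty credentials are rejected: '' = '' would otherwise authenticate a
  // request that carries no user name at all.
  IsValid := (not UserName.IsEmpty) and UserName.Equals(Password);

  if not IsValid then
  begin
    // Fail closed: a rejected login must not leave any roles behind.
    UserRoles.Clear;
    Exit;
  end;

  // Hard-coded user -> role mapping for the sample controllers.
  if UserName = 'user1' then
    UserRoles.Add('role1')
  else if UserName = 'user2' then
    UserRoles.Add('role2')
  else if UserName = 'user3' then // all the roles
  begin
    UserRoles.Add('role1');
    UserRoles.Add('role2');
  end;
end;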
{ Decides whether the authenticated roles may run ActionName.
  Deny by default: IsAuthorized is True only for the actions listed below.
  The comparison uses '=', so an action name that differs in case or spelling
  falls through to the deny branch.
  NOTE(review): ControllerQualifiedClassName and AContext are not read, so the
  rules are keyed on the action name alone, whichever controller declares it. }
procedure TAuthenticationSample.OnAuthorization(const AContext: TWebContext;
  UserRoles: System.Generics.Collections.TList<System.string>;
  const ControllerQualifiedClassName: string; const ActionName: string;
  var IsAuthorized: Boolean);
begin
  if ActionName = 'Logout' then
    // Logout is allowed regardless of roles.
    IsAuthorized := True
  else if ActionName = 'OnlyRole2' then
    IsAuthorized := UserRoles.Contains('role2')
  else if (ActionName = 'OnlyRole1') or (ActionName = 'OnlyRole1EmittingJSON') then
    // Both role1 actions share the same requirement.
    IsAuthorized := UserRoles.Contains('role1')
  else
    // Any action not listed above is denied.
    IsAuthorized := False;
end;
{ Sets AuthenticationRequired for the incoming request.
  Only the controller whose qualified class name exactly equals
  'AppControllerU.TAdminController' requires authentication; every other
  controller gets AuthenticationRequired = False.
  NOTE(review): this is an allow-list of one protected controller, so a renamed
  or newly added controller is unauthenticated until it is listed here.
  AContext and ActionName are not read. }
procedure TAuthenticationSample.OnRequest(const AContext: TWebContext;
  const ControllerQualifiedClassName: string; const ActionName: string;
  var AuthenticationRequired: Boolean);
const
  // Qualified name (unit.class) of the only controller that is protected.
  ProtectedController = 'AppControllerU.TAdminController';
begin
  AuthenticationRequired := (ControllerQualifiedClassName = ProtectedController);
end;
end.