delphimvcframework/samples/jsonwebtoken_livevaliditywindow/WebModuleUnit1.pas

80 lines
1.9 KiB
ObjectPascal
Raw Normal View History

unit WebModuleUnit1;
interface
uses
System.SysUtils,
System.Classes,
Web.HTTPApp,
MVCFramework,
MVCFramework.Commons;
type
TWebModule1 = class(TWebModule)
procedure WebModuleCreate(Sender: TObject);
private
MVC: TMVCEngine;
public
{ Public declarations }
end;
var
WebModuleClass: TComponentClass = TWebModule1;
implementation
{$R *.dfm}
uses
AppControllerU,
System.Generics.Collections,
AuthenticationU,
MVCFramework.Middleware.JWT,
MVCFramework.JWT,
2022-09-15 09:09:33 +02:00
MVCFramework.HMAC,
MVCFramework.Middleware.StaticFiles,
System.DateUtils;
procedure TWebModule1.WebModuleCreate(Sender: TObject);
var
lClaimsSetup: TJWTClaimsSetup;
begin
lClaimsSetup := procedure(const JWT: TJWT)
begin
JWT.Claims.Issuer := 'Delphi MVC Framework JWT Middleware Sample';
JWT.Claims.NotBefore := Now - OneMinute * 5; // valid since 5 minutes ago
JWT.Claims.IssuedAt := Now;
JWT.Claims.ExpirationTime := Now + OneSecond * 30;
JWT.CustomClaims['mycustomvalue'] := 'hello there';
// Here we dont use a fixed ExpirationTime but a LiveValidityWindowInSeconds
// to make the ExpirationTime dynamic, incrementing the
// ExpirationTime by LiveValidityWindowInSeconds seconds at each request
2021-04-08 23:04:11 +02:00
JWT.LiveValidityWindowInSeconds := 10; // 60 * 60;
end;
MVC := TMVCEngine.Create(Self,
procedure(Config: TMVCConfig)
begin
Config[TMVCConfigKey.SessionTimeout] := '30';
Config[TMVCConfigKey.DefaultContentType] := 'text/html';
end);
MVC
.AddController(TApp1MainController)
.AddController(TAdminController)
.AddMiddleware(TMVCJWTAuthenticationMiddleware.Create(
2022-09-15 09:09:33 +02:00
TAuthenticationSample.Create,
lClaimsSetup,
'mys3cr37',
'/login',
[TJWTCheckableClaim.ExpirationTime, TJWTCheckableClaim.NotBefore, TJWTCheckableClaim.IssuedAt],
0,
HMAC_HS512
// just for test, Leeway seconds is zero.
));
end;
end.