delphimvcframework/samples/authenticationauthorization/AuthenticationU.pas
Daniele Teti c5800b3354 Added dmvcframework package
Features freeze for 3.1 (lithium)
Working on the planned issues for this milestone https://github.com/danieleteti/delphimvcframework/milestones/3.1%20(helium)
2018-12-09 23:05:01 +01:00

80 lines
2.6 KiB
ObjectPascal

unit AuthenticationU;
interface
uses
System.SysUtils, MVCFramework.Commons, System.Generics.Collections,
MVCFramework;
type
TAuthenticationSample = class(TInterfacedObject, IMVCAuthenticationHandler)
protected
procedure OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean);
procedure OnAuthentication(const AContext: TWebContext; const UserName: string; const Password: string;
UserRoles: System.Generics.Collections.TList<System.string>;
var IsValid: Boolean; const SessionData: TSessionData);
procedure OnAuthorization(const AContext: TWebContext; UserRoles
: System.Generics.Collections.TList<System.string>;
const ControllerQualifiedClassName: string; const ActionName: string;
var IsAuthorized: Boolean);
end;
implementation
{ TMVCAuthorization }
procedure TAuthenticationSample.OnAuthentication(const AContext: TWebContext; const UserName: string; const Password: string;
UserRoles: System.Generics.Collections.TList<System.string>;
var IsValid: Boolean; const SessionData: TSessionData);
begin
IsValid := UserName.Equals(Password); // hey!, this is just a demo!!!
if IsValid then
begin
if UserName = 'user1' then
begin
UserRoles.Add('role1');
end;
if UserName = 'user2' then
begin
UserRoles.Add('role2');
end;
if UserName = 'user3' then // all the roles
begin
UserRoles.Add('role1');
UserRoles.Add('role2');
end;
end
else
begin
UserRoles.Clear;
end;
end;
procedure TAuthenticationSample.OnAuthorization
(const AContext: TWebContext; UserRoles
: System.Generics.Collections.TList<System.string>;
const ControllerQualifiedClassName: string; const ActionName: string;
var IsAuthorized: Boolean);
begin
IsAuthorized := False;
if ActionName = 'Logout' then
IsAuthorized := True; // you can always call logout
if ActionName = 'OnlyRole2' then
IsAuthorized := UserRoles.Contains('role2');
if ActionName = 'OnlyRole1' then
IsAuthorized := UserRoles.Contains('role1');
if ActionName = 'OnlyRole1EmittingJSON' then
IsAuthorized := UserRoles.Contains('role1');
end;
procedure TAuthenticationSample.OnRequest(const AContext: TWebContext; const ControllerQualifiedClassName: string;
const ActionName: string; var AuthenticationRequired: Boolean);
begin
AuthenticationRequired := ControllerQualifiedClassName =
'AppControllerU.TAdminController';
end;
end.