Hello!
I have a problem with authorizing a part of the server. JWT middleware is added in the XDataServer component and the "Secret" property is filled with a 40-char long string.
First I would like to login and get the JWT - this is the ILoginService interface. Then I would like to use the IEnvService (marked with [Authorize]) to use the server functionalities.
[ServiceContract]
ILoginService = interface(IInvokable)
['{3B1C0691-6D7C-41FF-9F47-BD6392C2CC9F}']
function Login(const User, Pass: string): string;
end;
[ServiceContract]
[Authorize]
IEnvService = interface(IInvokable)
['{BAD477A2-86EC-45B9-A1B1-C896C58DD5E0}']
function Test: string;
end;
Also all the entities are marked like this:
[Entity]
[EntityAuthorize]
[Table('server')]
[Id('FAddress', TIdGenerator.None)]
TServer = class
private
[Column('Address', [TColumnProp.Required], 50)]
FAddress: string;
[Column('AdminUsername', [], 50)]
FAdminUsername: Nullable<string>;
[Column('AdminPassword', [], 50)]
FAdminPassword: Nullable<string>;
[Column('Port', [TColumnProp.Required])]
FPort: Integer;
public
property Address: string read FAddress write FAddress;
property AdminUsername: Nullable<string> read FAdminUsername write FAdminUsername;
property AdminPassword: Nullable<string> read FAdminPassword write FAdminPassword;
property Port: Integer read FPort write FPort;
end;
My problems are:
- Why I can access both interfaces without first authorizing via the ILoginService? Shouldn't be just ILoginService available?
- Why I can see the entities witkout logging in? I just open the browser an type http://localhost:9001/titania/server - it shoultd block me, right?
I know that I 'm missing something, but I just can't figure it out :)