Remote DB and JWT data

I have set up an application server with Sparkle that supports several HTTP requests and RemoteDB. For authentication I use JWT.

I would like to use data from the JWT when logging into the database to set session variables in the DB (Firebird) for use in triggers (user, machine, IP address) for the audit trail.

I read a lot about switching off RemoteDB authentication by setting password and user to "" but I just do not manage to access the JWT credentials when creating the database connection.

Would you mind supplying an approach to create a RemoteDB module for Sparkle using JWT authentication (JWT middleware added to the module) and accessing its data when establishing the database connection?

Thanks a lot.

I would like to provide some more details - excerpts from my source:

First I create an Indy Sparkle Server:

 SServer := TIndySparkleHTTPServer.create(nil);

I created this method as a shorthand for adding modules (as I add some with and without authentication):

procedure AddModule(Module: THttpServerModule; WithJWT: boolean = true);
begin
  Module.AddMiddleware(TCompressMiddleware.create);
  if WithJWT then
    Module.AddMiddleware(TJwtMiddleware.create(Serversecret));
  SServer.Dispatcher.AddModule(Module);
end;

I add some modules without JWT:

AddModule(TModLandingPage.create('/'), false);
AddModule(TModLogin.create('/auth'), false);

Within ModLogin I verify the user against the database (I use one database user for all connections and check against credentials in the database) and return JSON containing error message or a valid JWT to the client.

Finally I create the remoteDBModule and activate the server:

DB := TRemoteDBModule.create('/db', TDBConnectionFactory.create(
        function: IDBConnection
        begin
          Result := CreateDBConnection(...);
        end));
// Blank out RemoteDB's own user/password check on this module
DB.UserName := '';
DB.Password := '';
AddModule(DB, true);
SServer.Active := true;

All the modules work but the DB connection is available independently of the JWT in the header although I added the middleware.

Apart from that I would like to use data from the decoded JWT in CreateDBConnection(...); to set Firebird session variables that are used in triggers.

I hope this is possible at all.

Thanks!

I made a bit of progress but now I am stuck:

I added the parameter
Module.AddMiddleware(TJwtMiddleware.create(Serversecret, true));
to disallow anonymous access.

Now remoteDB returns "Authentication failes - 401" without token but also if I supply the token. Perhaps the way I am adding the token is wrong?
...
  FDB := TRemoteDBDatabase.Create(nil);
  FDB.OnHttpClientCreate := OnHttpClientCreate;
  FDB.UserName := '';
  FDB.PassWord := '';
  FDB.ServerUri := Uri;
  FDB.Compress := True;
...

procedure TDB.OnHttpClientCreate(Sender: TObject; Client: THTTPClient);
begin
  // Allow self signed certificate (as we only use it for encryption)
  TWinHttpEngine(Client.Engine).BeforeWinHttpSendRequest := 
      procedure(Handle: HINTERNET)
    var
      dwFlags: DWORD;
    begin
      dwFlags := SECURITY_FLAG_IGNORE_UNKNOWN_CA or
        SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE or
        SECURITY_FLAG_IGNORE_CERT_CN_INVALID or
        SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;
      WinHttpCheck(WinHttpSetOption(Handle, WINHTTP_OPTION_SECURITY_FLAGS, @dwFlags, SizeOf(dwFlags)));
    end;
  // set the authentication JsonWebToken
  Client.OnSendingRequest :=
      procedure(Req: THttpRequest)
    begin
      Req.Headers.SetValue('Authorization', 'Bearer ' + FJWT);
    end;
end;

Found another issue with the server secret, sorry. Authentication works now but I am still missing the way to use JWT data on database creation.

One alternative is to inherit from TRemoteDBModule and override the CreateConnection method. There you have a parameter with the THttpServerContext object that contains Request.User info (from JWT).
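
The Firebird side of what this thread is after, as an added example that is not part of the original posts or of the TMS code: the statements a connection would run once after connecting, and an audit trigger that reads them back. All table, exception and variable names (ORDERS, AUDIT_LOG, E_NO_AUDIT_IDENTITY, APP_USER, APP_MACHINE, APP_IP) are hypothetical, and the literal values are constructed samples standing in for JWT claims.

```sql
-- Constructed demo schema for isql; every object and variable name is hypothetical.
CREATE TABLE ORDERS (ID INTEGER NOT NULL PRIMARY KEY, AMOUNT NUMERIC(12,2));
CREATE TABLE AUDIT_LOG (
  TS          TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
  SRC_TABLE   VARCHAR(31),
  OP          CHAR(1),
  APP_USER    VARCHAR(255),
  APP_MACHINE VARCHAR(255),
  APP_IP      VARCHAR(255),
  DB_USER     VARCHAR(63));
CREATE EXCEPTION E_NO_AUDIT_IDENTITY 'No application identity set for this session';

SET TERM ^ ;
CREATE TRIGGER ORDERS_AUDIT FOR ORDERS
ACTIVE AFTER INSERT OR UPDATE OR DELETE
AS
  DECLARE VARIABLE V_USER VARCHAR(255);
BEGIN
  V_USER = RDB$GET_CONTEXT('USER_SESSION', 'APP_USER');
  -- Fail closed: RDB$GET_CONTEXT returns NULL when the variable was never set,
  -- so a connection that skipped the identity step cannot write unaudited rows.
  IF (V_USER IS NULL) THEN
    EXCEPTION E_NO_AUDIT_IDENTITY;
  INSERT INTO AUDIT_LOG (SRC_TABLE, OP, APP_USER, APP_MACHINE, APP_IP, DB_USER)
  VALUES ('ORDERS',
          CASE WHEN INSERTING THEN 'I' WHEN UPDATING THEN 'U' ELSE 'D' END,
          :V_USER,
          RDB$GET_CONTEXT('USER_SESSION', 'APP_MACHINE'),
          RDB$GET_CONTEXT('USER_SESSION', 'APP_IP'),
          CURRENT_USER);  -- the single shared database login
END^
SET TERM ; ^
COMMIT;

-- Once per connection, right after connecting. In the application the third
-- argument is a bound parameter, e.g. CAST(? AS VARCHAR(255)), filled from the
-- verified token's claims and never concatenated into the SQL text.
SELECT RDB$SET_CONTEXT('USER_SESSION', 'APP_USER',    'alice')        FROM RDB$DATABASE;
SELECT RDB$SET_CONTEXT('USER_SESSION', 'APP_MACHINE', 'WS-0042')      FROM RDB$DATABASE;
SELECT RDB$SET_CONTEXT('USER_SESSION', 'APP_IP',      '203.0.113.7')  FROM RDB$DATABASE;

-- USER_SESSION values last for the whole attachment, so set them again if a
-- connection is ever handed to a different caller.
INSERT INTO ORDERS (ID, AMOUNT) VALUES (1, 9.90);
SELECT SRC_TABLE, OP, APP_USER, APP_MACHINE, APP_IP, DB_USER FROM AUDIT_LOG;
```

Because all clients reach Firebird through one application server and one database login, CURRENT_USER and the connection's own client address identify the server rather than the caller, which is why the caller's identity has to be passed in this way.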

Hello, thanks, I created an inherited object like this:

type
  TServerDBModule = class(TRemoteDBModule)
  private
    FDBLevel: String;
  protected
    function CreateConnection(Context: THttpServerContext; const aUserName, aPassword: string): IDBConnection; override;
  end;

and add it like this:

var
  DBModule: TServerDBModule;
...
      DBModule := TServerDBModule.create('/dbcritical', nil);
      AddModule(DBModule, true);

As I supply the db connection within the object I think I can pass nil as connection factory?

This produces internal error 500 I currently cannot track down.

Are you sure the problem lies in the factory being nil? What happens if you pass a valid factory? What is the code you put in CreateConnection method?