May 17, 2016 / Last updated : December 30, 2016 Andrea Magni Delphi

MARS-Curiosity: “Authentication and Authorization” video

In this video I will cover the basics to implement authentication and authorization with MARS-Curiosity library.

Since March 2016, I’ve added JWT support to MARS-Curiosity and this impacts significantly the authentication/authorization area of the library. Some topics may be good for some other specific sessions but with this video you should get a glance at the whole picture.

Here is a link to the slides I’ve used in this video.

Enjoy 🙂

Andrea

Categories
Delphi and Uncategorized
Tags

6 thoughts on “MARS-Curiosity: “Authentication and Authorization” video

  1. Fredy Caballero says:
    October 19, 2016 at 20:34

    Hi Andrea.

    Great implementation and examples on MARS, video tutorials have been of much help I appreciate your great effort.

    I have only one question, is there any possibility to implement “https” requests easily on MARS?. To avoid intercepting my username and password over the network.

    Regards

    Reply
    1. Andrea Magni says:
      October 23, 2016 at 11:25

      Hi Fredy,
      I tend to add an Apache Instance in front of my application server. Making Apache act like a proxy to your application enables you to add SSL directly on the Apache node (it is simple, very well documented and secure). It is the same technique described here (https://www.embarcadero.com/home/development-and-deployment-of-delphi-multi-tier-applications) by Marco Cantù (with respect to DataSnap services but it is exactly the same topic).

      I will cover the deployment options for MARS-Curiosity in some blog posts/videos in the future (near future, I hope).
      Bye

      Reply
      1. Fredy Caballero says:
        October 25, 2016 at 18:46

        Thanks Andrea, I’ll check. I’ve been testing the demos with Firedac and works well on mobile devices, I like deployment with tokens and authorization mechanism.

        Reply
  2. Jean Vandromme says:
    February 22, 2017 at 00:17

    Hi Andrea,

    Thanks for all the brilliant work you’re doing. It’s amazing.
    Concerning the authorization token mechanism you’re describing in your video, how do you create users/password/roles ?

    Thanks

    Reply
    1. andrea.magni says:
      February 22, 2017 at 12:07

      Hi Jean,
      you can override the TMARSTokenResource.Authenticate (see example implementation provided https://github.com/andrea-magni/MARS/blob/master/Source/MARS.Core.Token.Resource.pas ) method and implement your specific authentication behavior.
      For example you may want to perform a query against a DB Table, check if user/password are correct and read assigned Roles from the DB.
      Simply set Token.UserName and Token.Roles from within your TTokenResource.Authenticate override of TMARSTokenResource.Authenticate.

      If you encounter any problem, just let me know and I will try to help.

      Sincerely,
      Andrea

      Reply
      1. Jean Vandromme says:
        February 22, 2017 at 14:56

        Hi Andrea,

        Thanks a lot. I had it figured out in the time between. I am decoding all your demos and it is really impressive. I know you have probably a lot of work to do but I am waiting (like many others, I’m sure) your next tutorials.

        Have a nice day,

        Jean

        Reply

Leave a Reply to Jean Vandromme Cancel reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.