DataSnap is based on the Indy components. When there is a Http
request with authentication, the TIdCustomHTTPServer.DoParseAuthentication
function is called. If there is no function associated with OnParseAuthentication
, it will attempt to authenticate Basic
. So to do authentication with bearer-token
I do it as described below.
Look for the statement:
FServer := TIdHTTPWebBrokerBridge.Create(Self);
In this case, when we created using the DataSnap Rest Wizard and choosing the standalone
option, the above statement is in the form created as an example.
Just below it, add the following code:
FServer.OnParseAuthentication := DoParseAuthentication;
The DoParseAuthentication
procedure can be done as follows:
procedure TForm1.DoParseAuthentication(AContext: TIdContext; const AAuthType, AAuthData: String; var VUsername, VPassword: String; var VHandled: Boolean);
begin
VHandled := AAuthType.Equals('Bearer') and IsTokenValid(AAuthData);
end;
IsTokenValid
is a function that you must implement. If authentication is correct VHandled
should return True
.
Note: I use LifeCycle
of type Invocation