AJAX authentication
By A.Bouchez on 2011, Wednesday November 30, 06:36 - mORMot Framework - Permalink
A nice framework user, named esmondb, did write and publish some JavaScript code to handle our RESTful authentication mechanism.
It seems to work well, and implements all secure hashing and
challenging.
Our authentication mechanism is much more advanced than the one used by
DataSnap - which is a basic HTTP authentication with the password
transmitted in clear (this is the reason why it shall better be used over
HTTPS, whereas mORMot can be used over plain HTTP).
Resulting JavaScript code seems not difficult to follow, even for a no
JS expert like me.
The full JavaScript code is available in this forum post.
I've modified the Delphi framework code (in the current
trunk version) to match the authentication JavaScript code.
In fact, the server response is now a true JSON result object. I've modified
the TSQLRestURI.SetUser code to let pure Delphi client code work
as expected.
In the same discussion, another user involved in developing AJAX
applications with mORMot, named RangerX, made a nice
proposal: add a generic JSON error message mechanisms in the framework.
I've added this to the project to-do list.