TIWAutherList //通過一組戶名與密碼驗證登陸 TIWAutherINI //通過記錄戶名與密碼信息的 #Auth.ini 文件驗證登陸 TIWAutherEvent //通過其 OnCheck 事件驗證登陸 {作為站點級的驗證, 驗證控件應該是放在 ServerController 的窗體上, 並與其 Auther 屬性關聯.}
property List: TStrings //戶名與密碼表; 每行按 User=Pass 的格式輸入 property AutherPolicy: TAutherPolicy //該屬性有兩個選項 apRestrictAll(默認)、apRestrictNone(選這個表示不執行驗證) property OnAuthenticate: TOnAuthenticate //驗證成功後執行的事件
{在 ServerController 的窗體上放置 IWAutherList1, 然後雙擊該窗體(激活其 OnCreate 事件)} procedure TIWServerController.IWServerControllerBaseCreate(Sender: TObject); begin Self.Auther := IWAutherList1; IWAutherList1.List.Add('aaa=111'); IWAutherList1.List.Add('bbb=222'); IWAutherList1.List.Values['ccc'] := '333'; end; {這就好了, 如果在設計時完成上面工作會更方便}
property AutherPolicy: TAutherPolicy // property OnAuthenticate: TOnAuthenticate // {它需要的 ini 文件須命名為 #Auth.ini(它會保證不被用戶讀取, 應該使用 UTF8 格式保存), 並且和程序文件放在同一目錄(而非 wwwroot 下)} {其格式規范:-------------------- [戶名1] Password=密碼1 [戶名2] Password=密碼2 ... ------------------------------} {建好文件, 放對地方, 再關聯上 Auther 屬性就可以了}
property AutherPolicy: TAutherPolicy // property OnCheck: TOnCheck //就是在該事件中驗證; 假如要從數據庫驗證就應該用這種方法 property OnAuthenticate: TOnAuthenticate // {更多時候可能需要把驗證函數寫在 UserSessionUnit 單元(譬如通過數據庫驗證時), 這時應該保證 IWServerController.AuthBeforeNewSession = False(這也是默認值)}
{IWAutherEvent1 的 OnCheck 事件} function TIWServerController.IWAutherEvent1Check(const aUser, aPass: string): Boolean; begin Result := aPass = aUser + '123'; //假如密碼是: 用戶名+123 end; {需要保證關聯到 Auther 屬性} procedure TIWServerController.IWServerControllerBaseCreate(Sender: TObject); begin Auther := IWAutherEvent1; end;
{UserSessionUnit.pas} unit UserSessionUnit; interface uses IWUserSessionBase, SysUtils, Classes; type TIWUserSession = class(TIWUserSessionBase) private public function MyCheck(const AUser, APass: string): Boolean; end; implementation {$R *.dfm} { TIWUserSession } function TIWUserSession.MyCheck(const AUser, APass: string): Boolean; begin Result := APass.ToLower = AUser.ToLower + '123'; end; end. {-------------------------------------------------} {ServerController.pas, 有注釋的是自己添加的代碼} unit ServerController; interface uses SysUtils, Classes, IWServerControllerBase, IWBaseForm, HTTPApp, UserSessionUnit, IWApplication, IWAppForm, IW.Browser.Browser, IWAutherEvent, IWAutherINI, IWAutherBase, IWAutherList; type TIWServerController = class(TIWServerControllerBase) IWAutherEvent1: TIWAutherEvent; procedure IWServerControllerBaseNewSession(ASession: TIWApplication); procedure IWServerControllerBaseCreate(Sender: TObject); function IWAutherEvent1Check(const aUser, aPass: string): Boolean; private public end; function UserSession: TIWUserSession; function IWServerController: TIWServerController; implementation {$R *.dfm} uses IWInit, IWGlobal; function IWServerController: TIWServerController; begin Result := TIWServerController(GServerController); end; function UserSession: TIWUserSession; begin Result := TIWUserSession(WebApplication.Data); end; {IWAutherEvent1 的 OnCheck 事件, 調用 UserSessionUnit.TIWUserSession 的驗證函數} function TIWServerController.IWAutherEvent1Check(const aUser, aPass: string): Boolean; begin Result := UserSession.MyCheck(aUser, aPass); end; {OnCreate 事件, 這個關聯可以在設計時做} procedure TIWServerController.IWServerControllerBaseCreate(Sender: TObject); begin Auther := IWAutherEvent1; end; procedure TIWServerController.IWServerControllerBaseNewSession(ASession: TIWApplication); begin ASession.Data := TIWUserSession.Create(nil, ASession); end; initialization TIWServerController.SetServerControllerClass; end.