Solved

WebServer Login

Posted on 2000-03-30
8
576 Views
Last Modified: 2010-04-04
Hi,
I'm making a WebServer using ISAPI and I'd like know how can I make a login interface, let me be more clear, How do I know if the user is loged in my Site to make his request.
I'll appreciate any sample or idea.

Thanks....

NetBeto.
0
Comment
Question by:netbeto
8 Comments
 
LVL 13

Expert Comment

by:Epsylon
ID: 2670930
0
 
LVL 17

Accepted Solution

by:
geobul earned 100 total points
ID: 2672668
Hi,


I usually use cookies for this purpose.
First of all you have a login HTML page where the user submits his/her name and password. Something like:
--------------
<HTML>
<HEAD><TITLE>My Web Site Login Page</TITLE></HEAD>
<BODY>
<FORM METHOD=POST ACTION="/your_path/MyScript.dll/login">

UserName :<INPUT TYPE=text     NAME="login" MAXLENGTH=10 SIZE=10>
Password :<INPUT TYPE=password NAME="passw" MAXLENGTH=10 SIZE=10>

<INPUT TYPE=submit NAME="LoginBtn" VALUE="Login">
<INPUT TYPE=reset VALUE="Clear">

</FORM>
</BODY>
</HTML>
-----------
where 'MyScript.dll' is the name of the your ISAPI program and '/login' is the 'command', corresponding with Action Item with PathInfo property = '/login'.


Reading login data and setting cookies :

{ /login web action item }
procedure TWebModule1.WebModule1WebActionItem1Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  slCookies : TStringList;
  login, passw : string;
begin
  slCookies := TStringList.Create;
  ...
  { reading values from the Request}
  login:=Request.ContentFields.Values['login'];
  passw:=Request.ContentFields.Values['passw'];
  { Verifying the login - check in a database table for example }
  ...
  { adding cookies to string list if access is granted }
  if .... then begin
    slCookies.Add('login='+login);
    slCookies.Add('passw='+passw);
    { set cookies in Response }
    Response.SetCookieField(slCookies,'','',Date,False);
    Response.Content := ..... { next HTML page after successful login }
  end else
    { something is not correct - set empty cookies }
    slCookies.Add('login='+'');
    slCookies.Add('passw='+'');
    { set cookies in Response }
    Response.SetCookieField(slCookies,'','',Date,False);
    Response.Content := .... { HTML page for error - access denied }
  end;
  .......
  Response.SendResponse;
  slCookies.Free;
end;


Reading cookies in the next requests to verify the user:

{ Another web action item }
procedure TWebModule1.WebModule1WebActionItem2Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  login, passw : String;
begin
  ...
  login := Request.CookieFields.Values['login'];
  passw := Request.CookieFields.Values['passw'];
  if login <> '' then begin
    ...
  end;
  ...
end;

Regards, Geo
0
 

Author Comment

by:netbeto
ID: 2673850
Listening...
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 3

Expert Comment

by:bryan7
ID: 2678631
listenning
0
 

Author Comment

by:netbeto
ID: 2701471
Hi Geo,
You said,
Reading cookies in the next requests to verify the user:

{ Another web action item }
procedure TWebModule1.WebModule1WebActionItem2Action(Sender: TObject;
  Request: TWebRequest; Response: TWebResponse; var Handled: Boolean);
var
  login, passw : String;
begin
  ...
  login := Request.CookieFields.Values['login'];
  passw := Request.CookieFields.Values['passw'];
  if login <> '' then begin
    ...
  end;
  ...
end;

Do I have to make some especial HTML to make requests after have loged on?? How can my ISAPI know about the last read Cookie??

Thanks,

NetBeto
0
 
LVL 17

Expert Comment

by:geobul
ID: 2703626
Hi,

  Usually, after successful login, the server application sends main (index, default) HTML page to the client in response. Next requests are made from the main page (links, buttons etc.). In response to these requests the app sends another pages and so on.
  Your app can read login and pass cookies on every request (except login request because they are not set yet) in OnBeforeDispatch event handler and compare the values to the database.

  How can my ISAPI know about the last read Cookie?? - I do not understand what you mean.

Regards, Geo
0
 

Author Comment

by:netbeto
ID: 2703845
Hi,
"Your app can read login and pass cookies on every request" do you mean that every link on my main page after login must send the login informations??

Thanks,

NetBeto.
0
 
LVL 17

Expert Comment

by:geobul
ID: 2704400
Hi,
When your app has already set login info as cookies, the client browser takes care about sending them in every request. Your app sets them once on login and can read them many times (and every time). Links on pages are not involved here. Cookies are sending always when the browser makes a request to the server.

Regards, Geo
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
Introduction Raise your hands if you were as upset with FireMonkey as I was when I discovered that there was no TListview.  I use TListView in almost all of my applications I've written, and I was not going to compromise by resorting to TStringGrid…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question