Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Allow only active sessions access to a THandlers?
#1
I'm trying to implement Server-side datatables.  
In my template I have something like this:

Code:
<script type="text/javascript" class="init">
$(document).ready(function() {
$('#UTCDRTABLE').DataTable( {
                    "serverSide": true,
                    "processing": true,
                    "ajax": "GetSomeData",
                    "order": [[ 1, "desc" ]]
                });
} );
</script>

... and in the ServerController I registered a THandlers like this:

Code:
with THandlers.Add('', 'GetSomeData', TContentGetSomeData.Create) do
begin
  CanStartSession := true
  RequiresSessionStart := false;
end;

... and I want only users that already have an active session (logged in) to access https://myip/GetSomeData and if the user is not logged in, to be redirected to the login page (main page). 
The way is set up now, as in the code above, everyone can try to GetSomeData and any combinations of true of false I tried for CanStartSession,  RequiresSessionStart doesn't get me the result I need. Actually, if I change anything on how I declare the THandlers.Add, I never get to TContentGetSomeData.Execute

What am I doing wrong and is this the way to do it?
Reply
#2
It seems that the problem is with "UseCookies" from ServerController (a bug?). I had UseCookies set to false and it seems that if it's false and if the values of THandlers.Add are:
CanStartSession := false;
RequiresSessionStart := true;

... you will never get to TContentGetSomeData.Execute.
Reply
#3
Hi. you can use newcallbacks methods to do the same "serverside" processing DataTable. Look here
Use this:
Code:
TIWCallbackProc2 = reference to procedure (aParams: TStrings; out aResult: string);
Reply
#4
(07-15-2020, 11:55 PM)ioan Wrote: It seems that the problem is with "UseCookies" from ServerController (a bug?). I had UseCookies set to false and it seems that if it's false and if the values of THandlers.Add are:
CanStartSession := false;
RequiresSessionStart := true;

... you will never get to TContentGetSomeData.Execute.

Some specific cases require cookies otherwise the session information is not passed along with the request. This is one of those cases.

In that case you need to do one of 2 things:
1) enable cookies, or
2) enable SessionOptions.UniqueURL (in that case the URL will contain the SessionID or the surrogate ID which uniquely identify the session)
Reply
#5
SessionOptions.UniqueURL worked, thanks Alex!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)