We have to authenticate against a legacy user database that is already populated and stores passwords encrypted in a proprietary format. The table also uses the USERNAME field as the primary index. This means that we can’t use the ORM, as mORMot’s ORM requires a single integer primary key field.
Authentication in mORMot is handled through a dedicated set of classes: TSQLAuthUser and TSQLAuthGroup.
For simplicity’s sake we’ll keep the implementation brief and simple.
mORMot ships with a couple of predefined groups: Admin, Supervisor, User and Guest. See the documentation for more information.
In our sample we’ll force all our users to belong to group User.
The first step would be to derive our own User from TSQLAuthUser:
type
  TDummySQLUser = class(TSQLAuthUser)
  protected
    class function ComputeHashedPassword(const aPasswordPlain: RawUTF8): RawUTF8; override;
  public
    constructor Create(aUserName, aPassword: RawUTF8); reintroduce;
  end;
The new constructor simply gives us an opportunity to set some of the internals to sane defaults. For one, we need to set the internal ID and the encrypted password (as it’s stored in the database), and we need to force the group. Browsing through the mORMot code shows that the User group will be assigned the ID 3. This means that the User’s GroupRights property should be set to 3, but because mORMot’s ORM stores referenced objects as their IDs, 3 needs to be typecast:
GroupRights := TSQLAuthGroup($3);
This leaves us with the following implementation:
constructor TDummySQLUser.Create(aUserName, aPassword: RawUTF8);
begin
  inherited Create;
  fID := 1;                          // internal ID
  LogonName := aUserName;
  PasswordHashHexa := aPassword;     // encrypted password, as stored in the database
  GroupRights := TSQLAuthGroup($3);  // force the User group (ID 3)
end;
The magic happens in the overridden method ComputeHashedPassword. This method gets called by the system to calculate the hash of a plain text password. In our version we simply implement it as such:
class function TDummySQLUser.ComputeHashedPassword(const aPasswordPlain: RawUTF8): RawUTF8;
begin
  // Encrypt the plain text password passed in by the system
  Result := EncryptMyPass(aPasswordPlain);
end;