TsgcWebSocketHTTPServer › Events › OnUnknownAuthentication
Fires when authentication is enabled and the authentication method is not recognized by the server.
property OnUnknownAuthentication: TsgcWSUnknownAuthenticationEvent;
// TsgcWSUnknownAuthenticationEvent = procedure(Connection: TsgcWSConnection; AuthType, AuthData: String; var aUser, aPassword: String; var Authenticated: Boolean) of object—
OnUnknownAuthentication is raised when the client presents an Authorization header that does not match one of the built-in schemes (Basic, Session, URL), for example a JWT Bearer token or a custom scheme. The AuthType parameter contains the scheme name and AuthData contains the raw credentials sent by the client; the application can parse them, populate the aUser and aPassword output parameters (so the session is tagged with a username), and finally set Authenticated to True to accept the connection or to False to reject it. Applies to both WebSocket upgrades and HTTP requests when Authentication.Enabled is True.
procedure OnUnknownAuthentication(Connection: TsgcWSConnection; AuthType, AuthData: string;
var aUser, aPassword: string; var Authenticated: Boolean);
begin
if AuthType = 'Bearer' then
begin
if AuthData = 'jwt_token' then
Authenticated := True
else
Authenticated := False;
end
else
Authenticated := False;
end;