I have the following implementation of Login and Logout methods on server side. Are these correct?
For some reason i am receiving session not found exception when i do Logout.
function TIdlsAuthService.Login(const AUsername: string; const APassword: string; const AUserParams: string; out AUserInfo: DataAbstract4_intf.UserInfo): Boolean;
var vConnection: IDAConnection;
vDataSet: IDADataSet;
vSL: TStringList;
begin
vSL := TStringList.create;
try
vSL.CommaText := AUserParams;
vConnection := Schema.ConnectionManager.NewConnection('idls', TRUE);
vDataSet := Schema.NewDataSet(vConnection, 'LOGIN');
vDataSet.ParamByName('user_id').AsString := AUsername;
vDataSet.ParamByName('passname').AsString := APassword;
vDataSet.open;
result := (vDataSet.RecordCount > 0) and (not LookupSession(vSL));
if result then begin
CreateSession;
aUserInfo := UserInfo.Create;
aUserInfo.SessionID := Utf8Encode(GuidToString(ClientID));
AUserInfo.UserID := vDataset.Fields[0].AsString;
Session.Values['UserID'] := vDataset.Fields[0].AsInteger;
Session.Values['IPAddress'] := vSL[0];
end
else
DestroySession;
finally
vSL.free
end;
end;
procedure TIdlsAuthService.Logout(const AUserID: Integer);
var vIdx: integer;
vSL: TStringList;
vSession: TROSession;
vSessionID: string;
begin
vSL := TStringList.create;
try
SessionManager.GetAllSessions(vSL);
for vIdx := 0 to vSL.count - 1 do begin
vSessionID := vSL[vIdx];
vSession := SessionManager.FindSession(StringToGUID(vSessionID));
if Assigned(vSession) then
if vSession.Values['UserID'] = AUserID then begin
SessionManager.DeleteSession(StringToGUID(vSessionID), FALSE);
DestroySession;
break
end
end;
finally
vSL.free;
end;
end;
function TIdlsAuthService.LookupSession(const AUserParams: TStringList): boolean;
var vIdx: integer;
vSL: TStringList;
vSession: TROSession;
vSessionID: string;
begin
result := FALSE;
vSL := TStringList.create;
try
SessionManager.GetAllSessions(vSL);
for vIdx := 0 to vSL.count - 1 do begin
vSessionID := vSL[vIdx];
vSession := SessionManager.FindSession(StringToGUID(vSessionID));
if Assigned(vSession) then
if vSession.Values['IPAddress'] = AUserParams[0] then begin
result := TRUE;
break
end
end;
finally
vSL.free;
end;
end;