JWT Token working and tested for expiration

6219d663 · Cam Hayes · 3a2f4189 · 6219d663 · 6219d663
Commit 6219d663 authored Jan 02, 2026 by Cam Hayes
Hide whitespace changes
Inline Side-by-side

Showing with 25 additions and 0 deletions

Api.Server.Module.dfm kgOrdersServer/Source/Api.Server.Module.dfm +2 -0

Api.Server.Module.pas kgOrdersServer/Source/Api.Server.Module.pas +23 -0

No files found.
--- a/kgOrdersServer/Source/Api.Server.Module.dfm
+++ b/kgOrdersServer/Source/Api.Server.Module.dfm
@@ -24,7 +24,9 @@ object ApiServerModule: TApiServerModule
    object XDataServerCompress: TSparkleCompressMiddleware
    end
    object XDataServerJWT: TSparkleJwtMiddleware
+      ForbidAnonymousAccess = True
      OnGetSecret = XDataServerJWTGetSecret
+      OnForbidRequest = XDataServerJWTForbidRequest
    end
  end
 end
--- a/kgOrdersServer/Source/Api.Server.Module.pas
+++ b/kgOrdersServer/Source/Api.Server.Module.pas
@@ -28,6 +28,8 @@ type
    procedure XDataServerLoggingMiddlewareCreate(Sender: TObject;
      var Middleware: IHttpServerMiddleware);
    procedure XDataServerJWTGetSecret(Sender: TObject; var Secret: string);
+    procedure XDataServerJWTForbidRequest(Sender: TObject;
+      Context: THttpServerContext; var Forbid: Boolean);
  private
    { Private declarations }
  public
@@ -91,6 +93,27 @@ begin
  Middleware := TLoggingMiddleware.Create(Logger);
 end;

+procedure TApiServerModule.XDataServerJWTForbidRequest(Sender: TObject;
+  Context: THttpServerContext; var Forbid: Boolean);
+var
+  Path: string;
+begin
+  Path := Context.Request.Uri.Path;
+
+  if SameText(Context.Request.Method, 'OPTIONS') then
+    Forbid := False;
+
+  if Path.Contains('/swaggerui') then
+    Forbid := False;
+
+  if Path.Contains('/openapi/swagger.json') then
+    Forbid := False;
+
+  if Forbid then
+    Logger.Log(1, '[JWT] ForbidRequest fired (token missing/invalid/expired?)');
+
+end;
+
 procedure TApiServerModule.XDataServerJWTGetSecret(Sender: TObject;
  var Secret: string);
 begin