auth token pass with ws

emiMobileServer/Source/Ws.Server.Module.dfm

@@ -29,6 +29,7 @@ object WsServerModule: TWsServerModule
     end
     object XDataServer1JWT: TSparkleJwtMiddleware
       OnGetSecret = XDataServer1JWTGetSecret
+      TokenParam = 'token'
     end
   end
 end

webEMIMobile/Module.Websocket.pas

@@ -3,7 +3,8 @@ unit Module.Websocket;
 interface
 
 uses
-  System.SysUtils, System.Classes, WEBLib.WebSocketClient, Web, WEBLib.Controls, WEBLib.Modules;
+  System.SysUtils, System.Classes, WEBLib.WebSocketClient, Web, WEBLib.Controls, WEBLib.Modules,
+  Auth.Service;
 
 type
   TdmWebsocket = class(TWebDataModule)
@@ -41,7 +42,7 @@ end;
 
 procedure TdmWebsocket.Connect(const AWsUrl: string);
 var
-  Rest, HostPort, Scheme: string;
+  Rest, HostPort, Scheme, Path, Token: string;
   ColonSlashSlash, SlashPos, ColonPos: Integer;
 begin
   if AWsUrl = '' then
@@ -59,14 +60,26 @@ begin
   if SlashPos > 0 then
   begin
     HostPort := Copy(Rest, 1, SlashPos - 1);
-    EMiMobileWebSocketClient.PathName := Copy(Rest, SlashPos, MaxInt);
+    Path := Copy(Rest, SlashPos, MaxInt);
   end
   else
   begin
     HostPort := Rest;
-    EMiMobileWebSocketClient.PathName := '/';
+    Path := '/';
   end;
 
+  // Append JWT token as query param — browsers can't set Authorization headers on WebSocket.
+  Token := AuthService.GetToken;
+  if Token <> '' then
+  begin
+    if Pos('?', Path) > 0 then
+      Path := Path + '&token=' + Token
+    else
+      Path := Path + '?token=' + Token;
+  end;
+
+  EMiMobileWebSocketClient.PathName := Path;
+
   ColonPos := Pos(':', HostPort);
   if ColonPos > 0 then
   begin