Advanced Configuration
If you want to go beyond RealmiusServer.SetupShareEverythingSignalRServer (which shares all your data without any authentication or security), use another server configuration method:
public static void SetupSignalRServer(
    string url,
    IAppBuilder app,
    IRealmiusServerConfiguration configuration)
Note the third parameter, of type IRealmiusServerConfiguration<T>: this is where all custom configuration goes (the generic parameter <T> is the type of your User class). You can implement the interface yourself, or start by inheriting from RealmiusConfigurationBase and see what you have to override:
-
public abstract IList<Type> TypesToSync { get; }
The list of types to be synced. This is what you previously passed to SetupShareEverythingSignalRServer as the last parameter.
public override IList<Type> TypesToSync => new[] { typeof(Message) };
-
public abstract object AuthenticateUser(IRequest request);
This is where user authentication happens. IRequest is a SignalR object that has a request.QueryString property. Pass user-related information in the query string from the client (e.g. SyncServiceFactory.CreateUsingSignalR(Realm.CreateInstance, new Uri("http://localhost/Realmius?userLogin=John&userPass=123"),...)) and use that information to authenticate the user on the server side. Note that passing the login and password directly is not recommended (pass some key/hash instead) :).
If the user is authenticated, return any object that identifies them (it could be a string with the username). This object will be passed back to CheckAndProcess and GetTagsForUser (see below).
If the user is not authenticated, return null or throw an exception.
public override object AuthenticateUser(IRequest request)
{
    var login = request.QueryString["userLogin"];
    var password = request.QueryString["userPass"];
    if (login == "John" && password == "123")
        return "John";
    return null;
}
-
public abstract IList<string> GetTagsForUser(object user, ChangeTrackingDbContext db);
Realmius uses tag-based security: each object stored in the database has Tags associated with it (see GetTagsForObject below), and each user has a set of Tags the user has access to. If the user has access to at least one of an object's tags, access to that object is granted and it will be synced to the client. If the user and the object have no tags in common, the object won't be synced.
Return the tags the user has access to from this method. The method is called once, soon after the user connects. By convention, we use the tag "all" for objects that are accessible to all authorized users.
public override IList<string> GetTagsForUser(object user, ChangeTrackingDbContext db)
{
    return new[] { "all" };
}
-
public abstract IList<string> GetTagsForObject(ChangeTrackingDbContext db, IRealmiusObjectServer obj)
Whenever an object is updated, this function is called to get the list of Tags associated with the object. To understand how tag-based security works, read the description of GetTagsForUser above.
public override IList<string> GetTagsForObject(ChangeTrackingDbContext db, IRealmiusObjectServer obj)
{
    return new[] { "all" };
}
-
public abstract bool CheckAndProcess(CheckAndProcessArgs<TUser> args);
This function determines whether the user is allowed to make changes to the database. Every time an object is uploaded from the client, it goes through CheckAndProcess, and it is your responsibility to say whether the update is allowed. You have args.User, args.OriginalDbEntity (the entity as it is in the database before the user's changes are applied) and args.Entity (the entity with the user's changes applied) to base your decision on. Return true if the changes are allowed; false otherwise.
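public override bool CheckAndProcess(CheckAndProcessArgs<object> args)
{
    // args.User is typed as object here, so compare by value with Equals;
    // == on object would be a reference comparison.
    if (Equals(args.User, "John"))
        return false;
    return true;
}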
-
public override ILogger Logger { get; set; }
This property lets you plug custom logging into your application.
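The AuthenticateUser description above recommends passing a key/hash instead of the login and password. The following is an added example of one way to do that, not code from Realmius: a signed, expiring token that the client puts in the query string. Query strings are commonly written to server and proxy logs, so the short lifetime limits what a leaked URL is worth. The SyncToken class, the "login.expiry.signature" layout, the "token" parameter name and the demo key are all assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example (not Realmius code): HMAC-signed token replacing userLogin/userPass.
// Assumed token layout: "login.expiryUnixSeconds.hexHmac".
public static class SyncToken
{
    // Constructed demo key; in practice load a random 32-byte secret from protected config.
    static readonly byte[] Key = Encoding.UTF8.GetBytes("constructed-demo-key-change-me");

    static string Sign(string payload)
    {
        using (var hmac = new HMACSHA256(Key))
            return BitConverter.ToString(hmac.ComputeHash(Encoding.UTF8.GetBytes(payload))).Replace("-", "");
    }

    // Called by your own login endpoint after it has verified the password over HTTPS.
    public static string Issue(string login, DateTimeOffset expires)
    {
        var payload = login + "." + expires.ToUnixTimeSeconds();
        return payload + "." + Sign(payload);
    }

    // Returns the login if the token is authentic and unexpired, otherwise null.
    public static string Validate(string token, DateTimeOffset now)
    {
        if (string.IsNullOrEmpty(token)) return null;
        int sigDot = token.LastIndexOf('.');
        if (sigDot <= 0) return null;
        string payload = token.Substring(0, sigDot), sig = token.Substring(sigDot + 1);
        if (!FixedTimeEquals(Sign(payload), sig)) return null;   // verify before parsing
        int expDot = payload.LastIndexOf('.');
        if (expDot <= 0 || !long.TryParse(payload.Substring(expDot + 1), out long exp)) return null;
        if (now.ToUnixTimeSeconds() >= exp) return null;         // expired
        return payload.Substring(0, expDot);
    }

    // Comparison whose duration does not depend on where the strings differ.
    static bool FixedTimeEquals(string a, string b)
    {
        if (a.Length != b.Length) return false;
        int diff = 0;
        for (int i = 0; i < a.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
// In your configuration class (hypothetical "token" query parameter):
// public override object AuthenticateUser(IRequest request) =>
//     SyncToken.Validate(request.QueryString["token"], DateTimeOffset.UtcNow);
```

Validate returns null for a missing, tampered or expired token, which matches the "return null if the user is not authenticated" contract described above.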