Delphi mORMot - My Custom 404 error page

POST #026 =======================================================================
Welcome back. Delphi mORMot server will typically generate a error "Not Found" when you attempt to follow a dead link, this message indicates that the client was able to communicate with the server, but the server could not find what was requested.

I would like to display a customised 404 error page, including a more "friendly" message that work in no-script browsers. This is for browsers that do not understand JavaScript can be redirected to special pages that do not expect users to support JavaScript.

I'm using meta refresh tag <meta http-equiv="refresh" content="0; url=/root/">
to auto redirect page. Concerning absolute URIs in redirects, I don't know if this method is the best approach for redirection, but anyway, this is another story. So please stay tuned on upcoming videos. Thank you very much for listening, I'm warleyalex, and you take care.

Tags: Delphi mORMot URI redirection; Custom 404 error page; auto redirect page.
 

Smart Mobile Studio (Delphi for Javascript) - calendar widget

POST #025 =======================================================================
Welcome back, everyone. This is warleyalex. Playing with SMS - Smart Mobile Studio (AKA Object Pascal for Javascript). SmartMS instantly convertes pascal Delphi-like language into pure JavaScript. The code generated is ready to run on your iPhone or any HTML5 web-kit device. The idea here, in this mini video was demonstrate some SmartMS built-in datetime functions. As you know, since delphi and javascript deal with dates quite differently, this probably is an issue. I’m having a hard time to add an animation feature in Smart, but this is for the next video. So please stay tuned on upcoming videos. Thank you very much for listening, I'm warleyalex, and you take care.

Tags: Delphi for javascript; Object Pascal for Javascript; Smart Mobile Studio with jQuery.
 

Android with Delphi - Authentication + URI Signature

POST #024 =======================================================================
Welcome back, everyone. This is warleyalex. Playing with Delphi mORMot and Android again. In this mini video, I would like to demonstrate mORMot authentication scheme using Android as client side.

Before hand to take a step further, I will explain to you that Delphi mORMot uses a technique for security called “Query Authentication”. Therefore, each REST request will expect an additional parameter named "session_signature" which will be appended at the end of the URI. As you know, all REST query must be authenticated by signing the query parameter. This signature will be checked against the valid sessions in order to validate any further request to mORMot server. This signature seems to be very effective and will avoid most of attacks such as Man-In-The-Middle and re-plays attacks.

Imagine a scenario in which a client sends an encrypted user name and password to a server to log in. If an attacker intercepts the communication (using monitoring software) and replays the sequence, he will obtain the same rights as the user. If the system enables password modification, he could even replace it with another, depriving the user of his access. In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

The man-in-the middle attack intercepts a communication between two systems. The MITM attack is very effective because of the nature of the HTTP protocol and data transfer which are all ASCII based. In this way, it’s possible to view and interview within the http protocol and also in the data transferred. So, for example, it’s possible to capture a session cookie reading the HTTP header, but it’s also possible to change an amount of money transaction inside the application context.

I'm having hard time trying to figure out how to implement Android-mORMot authentication scheme, the issue is I have zero expertise with Java-Android technology, but anyway… I created a similar java class to mimic authentication mORMot approach in Android. As you know, most Android and iPhones applications use an initial screen or dialog box to ask for credentials. My app accepts username and password from the user and sends to remote server application for authentication. Finally displays the main screen to the user, which there is an icon named “My Calc”, this was based on project 14 - Interface-based services.

The idea here was demonstrate “URI signature” feature in Android, in order to enhance security. These are some of the basic functionality. Of course, it would be nice if I could add others functionality such as change password, reset password feature through email or even registration. But I’m having a hard time to add feature to prompt the user to re-login (when the session is expired), but this is another story. So please stay tuned on upcoming videos. Thank you very much for listening, I'm warleyalex, and you take care.
 

Android with Delphi - CRUD

POST #023 =======================================================================
Delphi XE5 – (AKA Delphi for Android), is officially out today. It’s neither a Delphi compiler for Java nor generates Dalvik¹ VM bytecode. The compiler named “dccaarm” produces native applications with binary code, compiler builds native machine instructions ARM executables, generating automatically the package .apk. Emborcadaro guys are always stating the word native, the “native machine code” is better than and so on. To be honest, I think “native” here is synonymous of “sex”, anyone talking about it all the time generally is not doing it. In my opinion, seems to be a very interesting tool, despite the price of $ 1.5K - too expensive for most programmers.

Talking about price, size, Delphi and Android, take a look at what I'm trying to build: is a REST server with the old Delphi 7 with Android. The Android Client will list data in a simple widget listview. My first app does something useful, perform CRUD operations such as create, insert, or delete records. Eclipse with Android SDK generates this application to an .apk in 60 KB in size.


AHA! By contrast, an empty Hello World application project in Delphi for Android XE5 – the generated code (file with extension .so) a kind of shared objects library in Linux, is much bigger: around 5MB in size. How quickly does that native binary grow when you add more capability? Normally, I’m very optimistic, but recently I’ve becoming very pessimist with EMBT these days, but this is another story. So please stay tuned on upcoming videos. Next video, I'm going to talk about REST authentication using Android client. Thank you very much for listening, I'm warleyalex from Sete Lagoas, and you take care.

_______
Dalvik¹ Virtual Machine requires that the Java bytecode .class is converted to the Dalvik bytecode, so from compiled Java class files, the files are converted to the Dalvik VM bytecode to native files. dex. The Dalvik virtual machine Android normally does not run Java bytecode.  

Delphi with jQuery UI Multiselect component

POST #022 =======================================================================
I would like to submit an array of strings from a web form to Delphi mORMot server through GET request.
Suppose you have a multi select jQuery UI control which allows users to select items, you would like to save the multi selected items to a database. When the page is next loaded you want to retrieve the list of items from a remote data source but also set the currently selected items.

I suspect that there is a clever way to do this in mORMot, but here I'm using another alternative approach to pass json encoded array into URL via GET method. My mORMot service I've written seems fine with having an array of strings as input using Delphi type "set with enumerations". The array will automatically be parsed by mORMot.
If you don’t know, ENUMERATIONS is simply a fixed range of named values. Each of the values in an enumeration must be unique in a program. It allows a variable to have one, and only one value from a fixed number of values. Otherwise, a SET is a collection of values of the same ordinal type. Sets allow you to have any combination of the given values - none, 1, some, or all. Sets with Enumerations is used to mix both enumerated types and set types. I know this might look complicated, but it really isn't!

Tags: jquery UI with delphi mORMot; Delphi mORMot UI Settings; Delphi jquery multi select list; Delphi REST server;

Warleyalex from Sete Lagoas-MG, Brazil

Delphi with jQueryMobile - Store User settings JSON object in DB

POST #021 =======================================================================
The end-result of this mini-video was demonstrate the aproach JSON based-data or key-per-column. The idea is store UI settings JSON object into Sqlite database. Once stored, I’ll retrieve these preferences when user returns to the web app and set the UI as it was when they last left it at later time. One obvious drawback of this approach is that it makes it VERY slow to find things, but it's fine for small structure of data you don't need to search by.

I'm using meta columns which stores data about the user in JSON format. For example, "roles" object is stored as TEXT in Sqlite database column, and extracted directly as such from DB. You just need to decode JSON string as a JSON object. For instance, it is just one line of javascript. I'm using the stringify method to convert the JS object into a string, store it in the Sqlite database and then pull it back and use the reverse parse method to give me the javascript object back.

Maybe this is neither the best aproach to store UI user preferences nor design-wise or performance-wise, but I believe that it often makes sense to organize small trunk of data and store it in json object in database. That's all.

Tags: smart phones with delphi; Delphi mORMot UI Settings; Delphi jquery mobile; Delphi REST server;

Warleyalex from Sete Lagoas-MG, Brazil