fastbike
commented
1 month ago You've covered off quite bit here. We're currently running:
- a machine to machine web service handling around 800k requests per day (requests conforming to HL7 FHIR) with a lot of back end xml rules based validation
- a web based JSON-RPC web UI application with read and write.
- a htmx web ui application, mainly read only presentation used by 200k users on a daily basis
- an internal configuration tool with read and write
-
a small server / desktop app using DMVC on the bac end and a VCL app communicating via a REST API All of these applications are secured with OAuth2 JWT tokens issued by a third party IdP. We've written a separate authorisation middleware layer based on Smart on FHIR which suits our application domain. Happy to share a little more via the facebook group if you ask. We've found that you need to understand that web apps have a different paradigm than traditional c/s or three tier apps but DMVC can smooth the migration once you figure out what belongs at each layer of the stack. Related to your initial questions, you need to separate the identity/authentication part of the functionality (IdP) from the authorisation (roles):
authentication of users (IdP) admin interface (roles) signup / email verification (IdP/Roles) forgot password (IdP) mfa (IdP) user profile editing (Roles)
I would recommend using a third party OAuth2/OIDC service for the IdP functions and using application/role based functions for the rest.
danieleteti
geoffsmith82
What would be good is a fairly complete demo that includes what would be necessary for an multi-user authenticated website created with DelphiMVCFramework. It would include things such as
Currently the existing demos show how to implement various features - which is could to assist in understanding them and probably makes it easier to integrate into existing systems, but if you just want to get on with implementing your site from the start, there is a lot of code that needs to be written to get to the point of a secure and usable site.