Hi I have the following scenario and would like some guidance.
I have users setup in a mysql database.
Each user already has a username and password.
For the purpose of our web app our current registration and user management works fine but now we would like to incorporate dream factory as an end point for our api. The problem I’m coming across is that from what I’ve read all the users and passwords need to be handled by dream factory for users. This will be a problem since we can’t ask all users to reset their passwords. Is there away we can put an “api key” into our current database and then do some server logic to make sure that it exist?
Here is my solution but I’m not even sure if I’m going about this the right way. I’m a rookie at this.
- In our database we would automatically create a table with an api key.
- We would grant access via a role to the needed tables.
- We would do a server logic that says
myapicolumn = apitoken from app. If this is true they can access the api if not then they wouldn’t be able to.
If the above scenario is just not the way to go about this can you please point me in the right direction?