Implementing Passwordless Login with DF

garyhow · December 26, 2019, 2:00pm

how possible is it to use dreamfactory and implement a login page for my web app that uses dreamfactory.

DF syncs users from Active Directory
User input email address into login form
Web app passes the email address to DF, checks it is a valid user, creates a ‘session’ that last for 1 hour, then generate a 1 time login URL (maybe with JWT embed in the url string), finally send this generated URL to the user email
User clicks on link in the email and is logon to the web app.

Possible? How?

Hussain_Fakhruddin · February 6, 2020, 6:47am

=>Yes, its possible. Set a random password in step 1 into DF and create the user.
=> Generate DF session token ( JWT ) for that user and manually insert into session token map table
=> Use the JWT token to access / login accordingly for 1 hour.

Its a bit complicated to generate the JWT as DF internally has modified JWT structure to encrypt using some logic. If you dig around the src and you’ll know it.

But definitely possible. We have done it.

Topic		Replies	Views
JWT authentication without DF user registration Authentication & Security	3	2394	February 5, 2016
Using DreamFactory to Authenticate for Outside Apps Authentication & Security	1	2137	January 3, 2017
Login via username authentication	11	3223	July 21, 2017
How to create OpenID Provider server/application with DF? Authentication & Security	2	1892	January 28, 2016
Unable to login on DF 2.14	2	1136	February 27, 2020

Implementing Passwordless Login with DF

Related Topics