Implementing Passwordless Login with DF

how possible is it to use dreamfactory and implement a login page for my web app that uses dreamfactory.

  1. DF syncs users from Active Directory
  2. User input email address into login form
  3. Web app passes the email address to DF, checks it is a valid user, creates a ‘session’ that last for 1 hour, then generate a 1 time login URL (maybe with JWT embed in the url string), finally send this generated URL to the user email
  4. User clicks on link in the email and is logon to the web app.

Possible? How?

=>Yes, its possible. Set a random password in step 1 into DF and create the user.
=> Generate DF session token ( JWT ) for that user and manually insert into session token map table
=> Use the JWT token to access / login accordingly for 1 hour.

Its a bit complicated to generate the JWT as DF internally has modified JWT structure to encrypt using some logic. If you dig around the src and you’ll know it.

But definitely possible. We have done it.