We’re building a web services platform to begin to replace parts of an existing monolith. The first front to back operation I want to attack is authentication.
I’ve successfully incorporated the concepts in the Angular demo DF has online, but I have a more general question.
If our existing MySQL DB is 40-50k users, how should we consider authenticating them into an app?
Does each user have to be in the DF users console or authenticated through AD/LDAP?
Should we create a server-side PHP script to hash the incoming password and provide the app a login success/fail? If so, how would we approach passing a session token back which would qualify that user's access to authorized endpoints?
Thx for any input. Look forward to your feedback.
So currently you have 40-50k users that authenticate through a mechanism you built previously?
What type of authentication is it? JWT?
You could potentially write your own DreamFactory OAuth module to use your existing authentication scheme as an OAuth provider (similar to how we have the Facebook and Google OAuth services). That might be the easiest way to accommodate such a large number of users.
Otherwise, yes, every user will need to have their own login to DF (either directly or through AD, Facebook, Google, etc.)
And you can use lookup keys to link DF users to user data in your external database.
Yes, our user credentials are stored on an in-house authentication server which we interface with through OAuth2. Once authenticated using our login app, the client is issued a JWT to access other trusted components in our web services architecture. Look forward to getting more into the DF docs. I’m not quite there with understanding the lookup key functionality. Thx, Drew. bkc
Hello @bcummins were you able to get this figured out? I’m having the same scenario where I have users in a database which has a username and password. Can you give me any input on how you took care of it?
I too am looking into a method of authenticating on an external SQL database. There has been some discussion about Lookup Keys possibly being able to achieve this although the discussions are inconclusive. Are there any developments regarding this?
Regards,
Jeff