Hi
We currently have a very basic JWT Authentication model. We are looking to change this model so that the database login information is used as the user name and password for the authentication.
ie. We need to extend the JWT authentication so that it attempts to login to the Oracle database with the provided user name and password. If it succeeds then the authentication can continue, otherwise it fails.
I'm not experienced in .Net. Before I go down trying to work out how to do this, is anyone doing something similar?
I've done a quick search and haven't found something specific to what I'm after, but have found some 'general' links / info which I will start to investigate.
Kind regards
Rob
We currently use the method where the details are in the DefaultUserStore.cs as we were able to implement this quickly to get basic authentication going. We now need to be more secure (as it was an application level user being authenticated and not the actual user).
The logins our application uses are actual database logins so while we store the user login id in a table we don't store the passwords.
I've just started to look at extending that validate against the database code - but want it to just try connecting to the database with the details and if it passes then return ok otherwise fail the authentication. ie I don't want to build up a cached list of users.
Was wondering if anyone has done this before I start to dig further into this (as I'm not a .NET developer so it is a little foreign to me)
Cheers
Rob