
Integrating Auth0 authentication with existing user database

I've a requirement to integrate Auth0 in our project (Reactjs/Hapijs/MySQL). I checked the documentation and they have many examples and that is great; however, I can't find any related to how exactly I use my existing user database.

In my application I have users and those users can have one or more projects. With the authorization that we currently use, a user logs in, I check what projects he owns and send them to the React application.

I am missing a document that explains to me how to use Auth0 and still be able to check in my database what projects the user owns.

My idea on how that should work (I might be wrong):

  1. User sends username and password to our server
  2. Our server makes request to Auth0 (with provided credentials)
  3. Auth0 replies back to our server with some token
  4. We look in users table in our database and try to verify the existence of that user
  5. If it is a match then we simply look (as we already do) for user projects.

Is this how it is supposed to work?

Wexoni asked Oct 18 '16 07:10
1 Answer

There are a few options available for scenarios where you want to integrate Auth0 with applications that already have existing user databases. You can either:

  1. continue to use your existing store
  2. progressively migrate your users from your custom store to the Auth0 store

You don't mention it explicitly, but judging from your expected flow it seems you would be wanting to implement the first option. There is specific documentation that you can follow that explains how you can set up your custom database connection; see Authenticate Users with Username and Password using a Custom Database. It mentions MySQL, but other database servers are supported and there are many templates that will allow you to quickly set things up.

When you complete this the final flow will be the following:

  1. Using either Auth0 authentication libraries (Lock) or your custom UI you'll ask the user for their credentials
  2. Either Lock or your custom UI submits the credentials to Auth0 authentication API
  3. Auth0 authentication API validates the credentials by calling scripts that execute against your custom database (these scripts were provided by you when you configured the database connection)
  4. If the credentials are valid, the Authentication API will return a token to the calling application that will have user information and proves the user is who he says he is.

The scripts you need to provide are the following, but only one is mandatory:

  • Login script (executed each time a user attempts to login) (mandatory)
  • Create user script
  • Verify email script
  • Change password script
  • Delete user script

The optional scripts are only required when you want to provide the associated functionality through Auth0 libraries; if you only need the login to work then you can skip them. The login script, in the case of a valid user, is also where you return the profile information of the user; for example, you could in theory include their owned projects in the user profile.

João Angelo answered Sep 22 '22 16:09
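
Added example, not part of the original answer and not Auth0's own template: a sketch of the login script described above, returning the user's projects in the profile. Assumptions: the `login(email, password, callback)` shape and the `WrongUsernameOrPasswordError` name for the Auth0 script environment, the `users`/`projects` table and column names, scrypt-hashed passwords, and an in-memory `db` object standing in for the MySQL connection so the block runs offline.

```javascript
const crypto = require('crypto');

// Constructed sample data standing in for the existing MySQL tables.
const hash = (pw, salt) => crypto.scryptSync(pw, salt, 32).toString('hex');
const USERS = [{ id: 7, email: 'ana@example.com', salt: 'a1b2c3', pw_hash: hash('correct horse', 'a1b2c3') }];
const PROJECTS = [{ owner_id: 7, name: 'billing' }, { owner_id: 7, name: 'reports' }];

// Hypothetical stand-in for a MySQL connection: same query(sql, params, cb) shape,
// with values bound as parameters and never concatenated into the SQL text.
const db = {
  query(sql, params, cb) {
    if (sql.includes('FROM users')) return cb(null, USERS.filter(u => u.email === params[0]));
    if (sql.includes('FROM projects')) return cb(null, PROJECTS.filter(p => p.owner_id === params[0]));
    cb(new Error('unexpected query'));
  }
};

class WrongUsernameOrPasswordError extends Error {} // local stand-in for this example

function login(email, password, callback) {
  db.query('SELECT id, email, salt, pw_hash FROM users WHERE email = ?', [email], (err, rows) => {
    if (err) return callback(err);
    const user = rows[0];
    // Hash even when the user is unknown, so both failure paths do the same work.
    const expected = Buffer.from(user ? user.pw_hash : hash('', 'none'), 'hex');
    const actual = Buffer.from(hash(password, user ? user.salt : 'none'), 'hex');
    const ok = crypto.timingSafeEqual(expected, actual) && Boolean(user);
    // One error for "no such user" and "wrong password", so accounts cannot be enumerated.
    if (!ok) return callback(new WrongUsernameOrPasswordError(email));
    db.query('SELECT name FROM projects WHERE owner_id = ?', [user.id], (err2, projects) => {
      if (err2) return callback(err2);
      // Profile handed back to Auth0: identifiers and projects only, never the hash or salt.
      callback(null, { user_id: String(user.id), email: user.email, projects: projects.map(p => p.name) });
    });
  });
}
```

The `projects` array is a snapshot taken at login, so the Hapi API should still check ownership in the database by `user_id` on each request.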