堆栈内存溢出
  简体   繁体   English

将Auth0身份验证与现有用户数据库集成

[英]Integrating Auth0 authentication with existing user database

 原文  2016-10-18 07:51:48       javascript/ mysql/ reactjs/ auth0

问题描述

I've a requirement to integrate Auth0 in our project (Reactjs/Hapijs/MySQL). 我需要在我们的项目中集成Auth0(Reactjs / Hapijs / MySQL)。 I checked the documentation and they have many examples and that is great, however, I can't find any related to how exactly do I use my existing user database. 我检查了文档,他们有很多例子,这很好,但是,我找不到任何与我如何使用现有用户数据库有关的信息。

In my application I have users and those users can have one or more projects. 在我的应用程序中,我有用户,这些用户可以有一个或多个项目。 With the authorization that we currently use, a user logs in, I check what projects does he own and send it to the React application. 通过我们当前使用的授权,用户登录,我检查他拥有哪些项目并将其发送到React应用程序。

I am missing a document that explains me how to use Auth0 and still be able to check in my database what projects user owns. 我错过了一个文档,它解释了我如何使用Auth0并仍然可以检查我的数据库用户拥有什么项目。

My idea on how that should work (I might be wrong): 关于它应该如何工作的想法(我可能错了):

  1. User sends username and password to our server 用户向我们的服务器发送用户名和密码
  2. Our server makes request to Auth0 (with provided credentials) 我们的服务器向Auth0发出请求(提供凭据)
  3. Auth0 replies back to our server with some token Auth0用一些令牌回复我们的服务器
  4. We look in users table in our database and try to verify the existence of that user 我们查看数据库中的users表并尝试验证该用户是否存在
  5. If it is a match then we simply look (as we already do) for user projects. 如果它匹配,那么我们只是看(就像我们已经做的)用户项目。

Is this how it is supposed to work? 这是它应该如何工作?

1 个解决方案

解决方案1
 4 已采纳  2016-10-18 08:30:49

There are a few options available for scenarios where you want to integrate Auth0 with applications that already have existing user databases. 对于要将Auth0与已有用户数据库的应用程序集成的方案,有几个选项可用。 You can either: 你可以:

  1. continue to use your existing store 继续使用您现有的商店
  2. progressively migrate your users from your custom store to the Auth0 store 逐步将用户从自定义商店迁移到Auth0商店

You don't mention it explicitly, but judging from your expected flow it seems you would be wanting to implement the first option. 你没有明确提到它,但从你的预期流量判断,你似乎想要实现第一个选项。 There is specific documentation that you can follow that explain how you can setup your custom database connection, see Authenticate Users with Username and Password using a Custom Database . 您可以按照特定文档说明如何设置自定义数据库连接,请参阅使用自定义数据库对用户名和密码进行身份验证 It mentions MySQL, but others database servers are supported and there are many templates that will allow you to quickly setup things. 它提到了MySQL,但是支持其他数据库服务器,并且有许多模板可以让你快速设置。

When you complete this the final flow will be the following: 完成此操作后,最终的流程如下:

  1. Using either Auth0 authentication libraries (Lock) or your custom UI you'll ask the user for their credentials 使用Auth0身份验证库(Lock)或您的自定义UI,您将询问用户的凭据
  2. Either Lock or your custom UI submits the credentials to Auth0 authentication API Lock或您的自定义UI将凭据提交给Auth0身份验证API
  3. Auth0 authentication API validates the credentials by calling scripts that execute against your custom database (these scripts were provided by you when you configured the database connection) Auth0身份验证API通过调用针对您的自定义数据库执行的脚本来验证凭据(这些脚本是您在配置数据库连接时提供的)
  4. If the credentials are valid the Authentication API will return a token to the calling application that will have user information and proves the users is who he say he is. 如果凭证有效,则Authentication API将向具有用户信息的调用应用程序返回令牌,并证明用户是他所说的用户。

The scripts you need to provide are the following, but only one is mandatory: 您需要提供的脚本如下,但只有一个是必需的:

  • Login script (executed each time a user attempts to login) ( mandatory ) 登录脚本(每次用户尝试登录时执行)( 必填
  • Create user script 创建用户脚本
  • Verify email script 验证邮件脚本
  • Change password script 更改密码脚本
  • Delete user script 删除用户脚本

The optional scripts are only required when you want to provide the associated functionality through Auth0 libraries, if only need the login to work then you can skip them. 只有当您想通过Auth0库提供相关功能时才需要可选脚本,如果只需要登录工作,那么您可以跳过它们。 The login script, in the case of a valid user, is also where you return the profile information of the user, for example, you could in theory include their owned projects in the user profile. 对于有效用户,登录脚本也是您返回用户的配置文件信息的位置,例如,理论上您可以在用户配置文件中包含其拥有的项目。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用 auth0 进行身份验证 - Authentication using auth0 Auth0登录身份验证 - Auth0 login Authentication 使用 Cypress 进行 Auth0 身份验证 - Auth0 authentication with Cypress 用户登录后,Auth0 使用我自己的数据库进行 CRUD - Auth0 using my own database for CRUD after user logs in Auth0管理员/用户范围 - Auth0 Admin / User Scopes 使用Vue.js和Auth0进行前端身份验证时如何在Django的后端数据库中创建用户 - How to create users in Django's backend database when using Vue.js and Auth0 for frontend authentication 如何在使用auth0进行身份验证的React应用中获取用户信息 - How to get user info in a react app which uses auth0 for authentication 使用Socket.IO强制验证Auth0 - Auth0 with Socket.IO forcing authentication Auth0 Lock中未触发认证回调函数 - The authentication callback function is not triggered in Auth0 Lock Auth0 - 禁用用户配置文件缓存 - Auth0 - Disable user profile cache
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM