Create an angular app with api rest and double mysql authentication

Question

Here is my first angular project :

An Angular planning app, feeded with data stored in a mysql database and send in json. There is a user system. Each user is given an ID and a Password to reach his own data stored in his own database. This structure cannot be edited because the original datas are retrieved from an existing software and sended to these databases for each user.

My problem is : From the main login page of the application, how to make this specific user logged in his database ?

My ideas:
- Create a "login" database with the ID, the Password and the user's database connection to allow my application to connect to the right database
- Create a sort of "router" on the server to redirect properly the user to his data directly

I'm a bit lost and any tips would be thankful!

Mickael

Answer 1

Not really an answer

For security reason, it's better to not store the password in the database : if a hacker has access to the database as reader, he can connect with any account, including admin...

The best way to store connexion data is to create a hash from the login and the password, for exemple with sha1 algorithm. This creates a signature impossible to reverse.

The procedure is the following :

When signing in :

• Get the login and password given by the new user
• Check the login is not already present in the database
• Concatenate the login, the password and some salt, and calculate the sha signature of the concatenation
• Store the login and the hash in the database

When loging in :

• Get the login and password given by the user
• Concatenate the login, the password and the same salt, and calculate the sha signature of the concatenation
• Check the pair (login,hash) is existing in the database

Example of hashing in php :

$login = 'toto';
$password = '123456789';
$salt = '$!*%';
$hash = sha1($salt.$login.$password);