0
votes

According to the documentation in this chapter here, it is said that:

Azure App Service Authentication / Authorization maintains a token store in the XDrive (which is the drive that is shared among all instances of the backend within the same App Service Plan). The token store is located at D:\home\data\.auth\tokens on the backend. The tokens are encrypted and stored in a per-user encrypted file.

I guess that XDrive is blob storage. I have my own ASP.NET membership user tables. It already implements external logins for Google, Facebook, Amazon, etc. using MVC and Web API. I am wondering if I can change the token storage and use those tables for integrity between my web and mobile apps instead of having 2 separate solutions.

I have already implemented username/password login for my existing logins using Web API and it works fine. So I would like to know if I can also use Azure Mobile Services for that instead of Azure Active Directory.


1 Answer

0
votes

I am wondering if I can change token storage and use those tables for integrity between my web and mobile apps instead of having 2 separate solutions.

I assume that you want to use Custom Authentication. If that is the case, you could implement a custom endpoint that accepts the user parameters and checks the user name and password against your database. The following is the code snippet from the article:

    using System;
    using System.IdentityModel.Tokens;   // JwtSecurityToken, JwtRegisteredClaimNames
    using System.Security.Claims;
    using System.Web.Http;
    using Microsoft.Azure.Mobile.Server.Login;   // AppServiceLoginHandler

    // MobileServiceContext, User, LoginResult and LoginResultUser are types from your own project.
    [Route(".auth/login/custom")]
    public class CustomAuthController : ApiController
    {
        private MobileServiceContext db;
        private string signingKey, audience, issuer;

        public CustomAuthController()
        {
            db = new MobileServiceContext();
            // App Service supplies the signing key and host name through environment variables.
            signingKey = Environment.GetEnvironmentVariable("WEBSITE_AUTH_SIGNING_KEY");
            var website = Environment.GetEnvironmentVariable("WEBSITE_HOSTNAME");
            audience = $"https://{website}/";
            issuer = $"https://{website}/";
        }

        [HttpPost]
        public IHttpActionResult Post([FromBody] User body)
        {
            // Reject requests with a missing or empty username or password.
            if (body == null || body.Username == null || body.Password == null ||
                body.Username.Length == 0 || body.Password.Length == 0)
            {
                return BadRequest();
            }

            if (!IsValidUser(body))   // add your logic to verify the user
            {
                return Unauthorized();
            }

            var claims = new Claim[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, body.Username)
            };

            // Issue a token signed with the App Service key, valid for 30 days.
            JwtSecurityToken token = AppServiceLoginHandler.CreateToken(
                claims, signingKey, audience, issuer, TimeSpan.FromDays(30));
            return Ok(new LoginResult()
            {
                AuthenticationToken = token.RawData,
                User = new LoginResultUser { UserId = body.Username }
            });
        }
    }
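
One way to fill in the `IsValidUser` check that the controller above leaves to the reader, as an added example (not code from the article or from the answer's author): it verifies the password against a salted PBKDF2-SHA256 hash, compares in constant time, and runs the same derivation for unknown usernames. The `PasswordCheck` class, the in-memory `Users` table, the iteration count and the `salt:hash` record format are assumptions for illustration; the `HashAlgorithmName` overload needs .NET Framework 4.7.2 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Added example: hypothetical stand-in for the answer's IsValidUser check.
public static class PasswordCheck
{
    private const int Iterations = 100000;            // assumed work factor
    private const int SaltBytes = 16, HashBytes = 32;

    // Constructed in-memory user table (username -> "base64(salt):base64(hash)");
    // a real backend would read this record from its existing user table.
    private static readonly Dictionary<string, string> Users =
        new Dictionary<string, string>(StringComparer.OrdinalIgnoreCase);

    // Checked for unknown usernames so the PBKDF2 cost is paid either way.
    private static readonly string DummyRecord = Hash("dummy-password");

    public static string Hash(string password)
    {
        var salt = new byte[SaltBytes];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        return Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(Derive(password, salt));
    }

    public static void Register(string username, string password) { Users[username] = Hash(password); }

    // Call from the controller as PasswordCheck.IsValidUser(body.Username, body.Password).
    public static bool IsValidUser(string username, string password)
    {
        if (username == null || password == null) return false;
        string record;
        bool known = Users.TryGetValue(username, out record);
        string[] parts = (known ? record : DummyRecord).Split(':');
        byte[] expected = Convert.FromBase64String(parts[1]);
        byte[] actual = Derive(password, Convert.FromBase64String(parts[0]));
        return FixedTimeEquals(expected, actual) & known;
    }

    private static byte[] Derive(string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, Iterations, HashAlgorithmName.SHA256))
            return kdf.GetBytes(HashBytes);
    }

    private static bool FixedTimeEquals(byte[] a, byte[] b)
    {
        int diff = a.Length ^ b.Length;   // no early exit on the first mismatching byte
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```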