We are trying to integrate the SQL login with our own backend. This seems to work fine using the function:
checkSqlAuth: async (req, user) => (password,securityContext)
The problem is that this demands we retain passwords in plain text in our database. Is there any other integration point where we could do the password comparison or at least provide a hash and salt mechanism?
maybe something like:
checkSqlAuth: async (req, user) => (passwordHash, salt, hashAlgo, securityContext)
or even better
checkSqlAuth: async (req, user, password) => ?securityContext