Given a username, is it possible to automatically log in a user to  web application?

I can use an aggregate to the Users table to get my user and their encrypted password, but the User_Login server action seems to need the unencrypted password.

The scenario I am trying to fix is that we have a page on our internal network that validates a user, and if they pass validation then they are redirected to an OutSystems logging in page. This logging in page should never be seen as the Preparation should take the username, look up the user in the Users table, and redirect them to a page in the web app.

Can anyone please provide any guidance here?

Hi Russell Codd,

I would not advise to login in an application only by email. But in case you want to do that, would you consider an alternative, of using a session variable to store the user identification, depending on the use cases would this be enough?

Regards,

Hi Marco,

We wouldn't really just be logging in with email, we would also create a token in a database via a REST API, pass that across to the logging in page, and validate that token to ensure that the user really is who they say they are.

So I already have the user validated against the token, no problem, after we have looked them up using AD on our internal network... but I want to re-use the user from the Users provider and log them into our existing admin site without them having to re-type any credentials.

In essence, starting from our internal network they can click a link and be signed in automatically to the OutSystems web app.

Solution

You can use the System action "Login" to login without credentials: https://success.outsystems.com/Documentation/10/Reference/OutSystems_APIs/System_Actions#Login

But yeah as Marco mentioned, additional validation would be useful security-wise, for example a generated token with an expiry time.

Solution

Hi Shanny, it was a simple as using this action, thank you. I had to add a dependency to the Login action from the (system) module and now the login occurs automatically.