The way I’m thinking about doing the login part of this in my projects is:
- Before login the user requests a `login_token` from the server. These are generated and stored on the server on request, and probably have a limited lifetime.
- To log in, the application calculates the hash of the user's password, then hashes the password with the `login_token` to get a value; they then return both the `login_token` and the combined hash.
- The server checks the `login_token` is one that it has generated, removing it from its list of valid `login_token`s. The server then combines its stored hash of the user’s password with the `login_token` and ensures that it matches the submitted combined token. If it matches you have authenticated your user.
Advantages of this are that you never store the user’s password on the server, the password is never passed in the clear, the password hash is only passed in the clear on account creation (though there may be ways around this), and it should be safe from replay attacks as the login_token is removed from the DB on use.
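The exchange described above, as an added Python example that is not part of the original post: it runs both sides of the login and shows the `login_token` being consumed on first use and rejected after expiry. Assumptions not in the post: PBKDF2 salted with the username stands in for "the hash of the user's password", HMAC-SHA256 is the combining step, the token lifetime is 60 seconds, and the names `Server`, `combine` and `client_response` are hypothetical.

```python
import hashlib, hmac, secrets, time

TOKEN_TTL = 60  # seconds; assumed value, the post only says "limited lifetime"

def password_hash(username: str, password: str) -> bytes:
    # Assumption: PBKDF2-HMAC-SHA256 salted with the username is "the hash".
    return hashlib.pbkdf2_hmac("sha256", password.encode(), username.encode(), 100_000)

def combine(pw_hash: bytes, login_token: str) -> str:
    # Assumption: HMAC-SHA256 keyed with the password hash is the combining step.
    return hmac.new(pw_hash, login_token.encode(), hashlib.sha256).hexdigest()

class Server:
    def __init__(self):
        self.users = {}   # username -> stored password hash (set at account creation)
        self.tokens = {}  # login_token -> expiry timestamp

    def register(self, username, pw_hash):
        self.users[username] = pw_hash

    def issue_token(self, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # unpredictable, generated on request
        self.tokens[token] = now + TOKEN_TTL
        return token

    def login(self, username, login_token, combined, now=None):
        now = time.time() if now is None else now
        # pop() removes the token whether or not the login succeeds,
        # so a captured (login_token, combined) pair cannot be replayed.
        expiry = self.tokens.pop(login_token, None)
        if expiry is None or now > expiry:
            return False
        stored = self.users.get(username)
        if stored is None:
            return False
        # Constant-time comparison of the expected and submitted values.
        return hmac.compare_digest(combine(stored, login_token), combined)

def client_response(username, password, login_token):
    # Client side: hash the password, then combine it with the server's token.
    return combine(password_hash(username, password), login_token)
```

In this scheme the server's stored hash is the key that produces a valid response, so it needs the same protection as the password itself.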