I want to learn how to implement user authentication to a platform, and do so safely for the user data. For example, an online shop that would be accessible from web and from android app,where logins and passwords are stored in MySQL database. As I'm not a cybersecurity expert, i do not feel competent enough to implement a custom solution, so im looking for some sort of library or framework. Unfortunately, i couldn't find a good source of information on anything that is not authenticating users with Facebook/Google using OAuth. Im looking for solution for both app/website and server.
Where can i find more information/what solution could i use?
Easiest way would be to store username and password in hashed form in database. You can hash using algorithms like B-crypt. When user authenticates you can hash the password entered by user and compare it with the already stored hashed password. You can use jwt to generate session tokens.