I have just published a video about how to create a minimalistic SSO/JWT authentication/authorisation HTTP REST Web API. Below you can find the video, and further down you can find the code for the POST REST endpoint to make sure you cryptographically hash your users’ passwords. Make sure you download at least version 4.7 of Magic, which can be done here.
.arguments username:string password:string auth.verify-ticket:root crypto.password.hash:x:@.arguments/*/password add:x:./*/signal/*/values get-nodes:x:@.arguments/*/username unwrap:x:+/*/values/*/password signal:magic.db.mysql.create database:magic_auth table:users values password:x:@crypto.password.hash return-nodes:x:@signal/*