store username and password in DB then use to access different service

Question

I am building a web service that will allow the user to login and then it will download all there timetable data from another site (Which I don't own). I want to only need them to enter there username and password once to login to my service then to use it again to login to the next. I need to store there downloaded data against there user details, but I know I have to hash the password for security reasons in the DB so how can I use this to login to the second service. I though of unhashing but that defeats the whole point of hashing in the first place.

The reason I want to do this is so that the timetabe can then be downloaded to an android app so it can be viewed when there is no data connection.

Any Ideas would be helpful.

Answer 1

if those services gives you a "Token" after you login , you can store that in your database to access again to those services, so when the user logged on your webservice , before hash their information you can use it to login to the others services, and then store their "Token"

this approach only works if they give you something like a token after login, if they dont, i think you will need store the login information as it is , and at least encode on base64, that is not that secure but not that obvious

other idea is maybe create a separate database with only the login information and can be access only with their login (hashed) , but that means you need to create an user on your database and grant access only to that specific DB ,read-only

im sure there are more solutions, but hope that it can be helpful