External Login with RFID - Possible Approaches

Hi all,
I’m trying to setup a Jira (and confluence) system, so that login can be done both normally, but also at a “kiosk”, using a RFID card associated to a user.

What would be the best way to authenticate the kiosk’s browser from the RFID reading app?
I’d say that OAuth is not useful as it allows requests from the app itself to be authenticated but would not authenticate the user in the browser sessions.

Would the best way be to go with a “middleware” plugin, which, given an identifier from the desktop app, check it in Jira database and either grant or deny access?
Which plugin type would that be?

Thanks in advance