Assuming it's not something completely custom then it might help to tell us what your application is?
Yes - you really want to be using Moodle's authentication "inside" Moodle. There are several ways you *could* do this. Here's one suggestion - use Moodle's web service authentication. You just need to set up a "dummy" service (or just enable Moodle mobile) and allow users to create tokens. Authentication then becomes as simple as sending a URL to Moodle's login/token.php with the username and password. If you get a token back then they must be a valid user.
See... https://docs.moodle.org/dev/Creating_a_web_service_client#How_to_get_a_user_token