I think you are asking about too things.
For logging into the switch, you will need to configure radius or tacacs.
That means setting up a radius server, and configure that part and then configure the switch to ask radius for credentials.
NB: Remember to have a local user as fallback and setup the switch for local fallback - minimally for debugging, but it is a good idea in generel.
On the other part, you would need to configure network access control.