PHP SSO details
There are three modes of SSO: ① Cross-subdomain single-point login ② Complete cross-single-point login ③ Site group sharing identity authentication
The first mode is very simple, you just need to set the cookie domain to the root domain of multiple applications
The second method is also very simple, which is to change the authentication address of the application to the same authentication address, and check whether it is logged in at the authentication center every time. If it is logged in, issue an encryption token to the calling application.
The third type of cross-domain is to jump back and forth to verify the token back and forth.
Configure directory structure
In the server root directory, create three new project directories:
|–/Site root directory/
|–|–/oa/
|–|–/bbs/
|–|–/blog/
Create a new script file in the root directory, the specific content is as follows:
<?php
/**
* Get login token
* @param string $url Get the address of the token
* 2017-01-03T13:08:43+0800
*/
function getToken($url)
{
$bool = isLogin();
if ($bool) {
// If you log in, jump to the homepage of this site header('location: ');
exit();
}
// Otherwise, I haven't logged in, go to another site to see if I log in header('location: '.$url);
}
// Verify that the token is correctfunction yzToken($domain)
{
$url = isset($_GET['url']) ? $_GET['url'] : '';
$username = isset($_GET['username']) ? $_GET['username'] : '';
$token = isset($_GET['token']) ? $_GET['token'] : '';
if (!empty($username) && !empty($token)) {
$salt = 'taoip';
$_token = md5($salt.$username);
// Verify whether the token when a third-party site comes over is correct if ($_token == $token) {
// Set cookies for the redirected website setCook($username, $_token, $domain);
header('location: ');
}
}
}
// Set cookiesfunction setCook($username, $_password, $domain)
{
// Check successfully and log in setcookie('username', $username, time()+3600, '/', $domain);
setcookie('token', $_password, time()+3600, '/', $domain);
header('location: ');
}
// Determine whether to log infunction isLogin()
{
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$salt = 'taoip';
$_token = md5($salt.$username);
if ($token == $_token) {
return true;
} else {
return false;
}
}
?>
In the OA project directory, create new and two script files
Edit files
<?php
// OA site
// (1) Enable Session sessionsession_name('taoip');
session_start();
// (2) Get the user name and token for verification$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$salt = 'taoip';
$_token = md5($salt.$username);
if ($token != $_token) {
header('location: ');
exit();
}
echo "welcome{$username}user,accessOASite";
?>
Edit files
<?php
// OA site login systemrequire '../';
// (2) VerificationyzToken('');
// (1) Determine whether to log in. If you log in, jump to the homepage. If you are not logged in, go to other sites to get tokens.$url = isset($_GET['url']) ? $_GET['url'] : '';
if (empty($url)) {
getToken('/?url=/');
}
// (1) Determine whether the user is logged in$bool = isLogin();
$url = isset($_GET['url']) ? $_GET['url'] : '';
if ($bool) {
if (empty($url)) {
header('location: ');
} else {
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$lurl = $url.'?username='.$username.'&token='.$token;
header('location: '.$lurl);
}
}
if (!empty($_POST)) {
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
// Query user password from the library @$link = mysql_connect('localhost', 'root', '');
mysql_query('use sso', $link);
mysql_query('set names utf8', $link);
$sql = "select * from users where username = '".$username."'";
$user = mysql_fetch_assoc(mysql_query($sql, $link));
// Verification $salt = 'taoip';
$_password = md5($salt.$username);
// var_dump($user['password'] == $_password);
// print_r($user);exit();
if ($user['password'] == $_password) {
// Check successfully and log in setcookie('username', $username, time()+3600, '/', '');
setcookie('token', $_password, time()+3600, '/', '');
// If the URL has no value, redirect to the home page, otherwise redirect to the URL page if (empty($url)) {
header('location: ');
} else {
header('location: '.$lurl);
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="generator" content="Sublime Text 3114">
<meta name="author" content="3@">
<meta name="keywords" content="">
<meta name="description" content="">
<title>OASite login system</title>
</head>
<body>
<div class="container">
<h2>Site login system</h2>
<form action="" method="post">
<label for="">username</label>
<input type="text" name="username">
<br>
<label for="">password</label>
<input type="text" name="password">
<hr>
<button type="submit">submit</button>
</form>
</div>
</body>
</html>
In the bbs project directory, create new and two script files
Edit files
<?php
/**
* @author DengPeng <3@>
* @since 2017/01/03
* @copyright copyright (c) 2017 GPL
* @license /
*/
// BBS site
// (1) Enable Session sessionsession_name('taoip');
session_start();
// (2) Get the user name and token for verification$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$salt = 'taoip';
$_token = md5($salt.$username);
if ($token != $_token) {
header('location: ');
exit();
}
echo "welcome{$username}user,accessBBSSite";
?>
Edit files
<?php
/**
* @author DengPeng <3@>
* @since 2017/01/03
* @copyright copyright (c) 2017 GPL
* @license /
*/
// BBS site login systemrequire '../';
// (2) VerificationyzToken('');
// (1) Determine whether to log in. If you log in, jump to the homepage. If you are not logged in, go to other sites to get tokens.$url = isset($_GET['url']) ? $_GET['url'] : '';
if (empty($url)) {
getToken('/?url=/');
}
// (1) Determine whether the user is logged in$bool = isLogin();
$url = isset($_GET['url']) ? $_GET['url'] : '';
if ($bool) {
if (empty($url)) {
header('location: ');
} else {
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$lurl = $url.'?username='.$username.'&token='.$token;
header('location: '.$lurl);
}
}
if (!empty($_POST)) {
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
// Query user password from the library @$link = mysql_connect('localhost', 'root', '');
mysql_query('use sso', $link);
mysql_query('set names utf8', $link);
$sql = "select * from users where username = '".$username."'";
$user = mysql_fetch_assoc(mysql_query($sql, $link));
// Verification $salt = 'taoip';
$_password = md5($salt.$username);
// var_dump($user['password'] == $_password);
// print_r($user);exit();
if ($user['password'] == $_password) {
// Check successfully and log in setcookie('username', $username, time()+3600, '/', '');
setcookie('token', $_password, time()+3600, '/', '');
// If the URL has no value, redirect to the home page, otherwise redirect to the URL page if (empty($url)) {
header('location: ');
} else {
header('location: '.$lurl);
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="generator" content="Sublime Text 3114">
<meta name="author" content="3@">
<meta name="keywords" content="">
<meta name="description" content="">
<title>BBSSite login system</title>
</head>
<body>
<div class="container">
<h2>Site login system</h2>
<form action="" method="post">
<label for="">username</label>
<input type="text" name="username">
<br>
<label for="">password</label>
<input type="text" name="password">
<hr>
<button type="submit">submit</button>
</form>
</div>
</body>
</html>
In the blog project directory, create new and two script files
Edit files
<?php
/**
* @author DengPeng <3@>
* @since 2017/01/03
* @copyright copyright (c) 2017 GPL
* @license /
*/
// blog site
// (1) Enable Session sessionsession_name('taoip');
session_start();
// (2) Get the user name and token for verification$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$salt = 'taoip';
$_token = md5($salt.$username);
if ($token != $_token) {
header('location: ');
exit();
}
echo "welcome{$username}user,accessblogSite";
?>
<?php
/**
* @author DengPeng <3@>
* @since 2017/01/03
* @copyright copyright (c) 2017 GPL
* @license /
*/
// blog site
// (1) Enable Session sessionsession_name('taoip');
session_start();
// (2) Get the user name and token for verification$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$salt = 'taoip';
$_token = md5($salt.$username);
if ($token != $_token) {
header('location: ');
exit();
}
echo "welcome{$username}user,accessblogSite";
?>
Edit files
<?php
/**
* @author DengPeng <3@>
* @since 2017/01/03
* @copyright copyright (c) 2017 GPL
* @license /
*/
// blog site login systemrequire '../';
// (2) VerificationyzToken('');
// (1) Determine whether to log in. If you log in, jump to the homepage. If you are not logged in, go to other sites to get tokens.$url = isset($_GET['url']) ? $_GET['url'] : '';
if (empty($url)) {
getToken('/?url=/');
}
// (1) Determine whether the user is logged in$bool = isLogin();
$url = isset($_GET['url']) ? $_GET['url'] : '';
if ($bool) {
if (empty($url)) {
header('location: ');
} else {
$username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$token = isset($_COOKIE['token']) ? $_COOKIE['token'] : '';
$lurl = $url.'?username='.$username.'&token='.$token;
header('location: '.$lurl);
}
}
// (3) Determine whether the user submits dataif (!empty($_POST)) {
$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
// Query user password from the library @$link = mysql_connect('localhost', 'root', '');
mysql_query('use sso', $link);
mysql_query('set names utf8', $link);
$sql = "select * from users where username = '".$username."'";
$user = mysql_fetch_assoc(mysql_query($sql, $link));
// Verification $salt = 'taoip';
$_password = md5($salt.$username);
// var_dump($user['password'] == $_password);
// print_r($user);exit();
if ($user['password'] == $_password) {
setCook($username, $_password, '');
if (empty($url)) {
header('location: ');
} else {
header('location: '.$lurl);
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="generator" content="Sublime Text 3114">
<meta name="author" content="3@">
<meta name="keywords" content="">
<meta name="description" content="">
<title>blogSite login system</title>
</head>
<body>
<div class="container">
<h2>Site login system</h2>
<form action="" method="post">
<label for="">username</label>
<input type="text" name="username">
<br>
<label for="">password</label>
<input type="text" name="password">
<hr>
<button type="submit">submit</button>
</form>
</div>
</body>
</html>
Configure the local virtual host
I think everyone should know the specific configuration steps, so I don’t need to elaborate on them one by one. You just need to configure the mapping of the corresponding directories to different domain names according to the reference I gave.
Domain Name / Project Directory /
/oa/
/bbs/
/blog/
Congratulations, a simple SSO system has been completed
After the configuration is complete, remember to restart the web server. Then you only need to access these three different sites to log in to one site, and the other sites no longer send login requests.
Thank you for reading, I hope it can help you. Thank you for your support for this site!