PHP programming SSO details and simple examples

This article mainly introduces PHP programming SSO details and simple instance-related information. Here we introduce three modes of cross-subdomain single-point login, full cross-single-point domain login, and station group shared identity authentication, for more information, see php sso.

SSO has three modes: ① cross-subdomain single-point login ② full cross-point domain login ③ site group shared identity authentication

The first mode is simple. you only need to set the Cookie domain to the root domain of multiple applications.

The second method is to change the authentication address of the application to the same authentication address. check whether the application is logged on to the authentication center each time. if yes, send an encryption token to the calling application.

The third type of cross-origin is to jump back and forth to verify that the token is slightly troublesome.

Configure directory structure

Create three new project directories under the root directory of the server:

|-/Website root directory/
|-/Oa/
|-/Bbs/
|-/Blog/

Create the functions. PHP script file in the root directory. the specific content is as follows:

Under the oa project directory, create two script files: index. php and login. php.

Edit the index. php file

Edit the login. php file

    
   
   
   
   
   OA site login system  
Oa.taoip.cn site logon system

Create the index. php and login. php scripts under the bbs project directory.

Edit the index. php file

 * @ Since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // BBS site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['token'])? $ _ COOKIE ['token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('Location: login. php'); exit ();} echo "Welcome to the {$ username} user to visit the BBS site";?>

Edit the login. php file

 * @ Since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/ * /// BBS site login system require '.. /functions. php '; // (2) verify yzToken ('taoip. cn '); // (1) determines whether to log on to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['URL'])? $ _ GET ['URL']: ''; if (empty ($ url) {getToken (' http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php ');} // (1) determine if the user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['URL'])? $ _ GET ['URL']: ''; if ($ bool) {if (empty ($ url) {header ('Location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['token'])? $ _ COOKIE ['token']: ''; $ lurl = $ url .'? Username = '. $ username.' & token = '. $ token; header ('Location:'. $ lurl) ;}} if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['password'])? $ _ POST ['password']: ''; // query the user password from the database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // Check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['password'] == _ password); // print_r ($ user); exit (); If ($ user ['password'] == _ password) {// Check successful, start logging on to setcookie ('username', $ username, time () + 3600, '/', 'taoip. cn '); setcookie ('token', $ _ password, time () + 3600,'/', 'taoip. cn '); // if the URL has no value, it will be redirected to the homepage. Otherwise, it will be redirected to the URL page if (empty ($ url) {header ('Location: index. php ');} else {header ('Location :'. $ lurl) ;}}}?>  
   
   
   
   
   BBS site logon system  
Bbs.taoip.cn site logon system

Under the blog project directory, create two script files: index. php and login. php.

Edit the index. php file

 * @ Since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['token'])? $ _ COOKIE ['token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('Location: login. php'); exit ();} echo "Welcome to the {$ username} user and visit the blog site";?>
 * @ Since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['token'])? $ _ COOKIE ['token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('Location: login. php'); exit ();} echo "Welcome to the {$ username} user and visit the blog site";?>

Edit the login. php file

 * @ Since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/ * /// Log on to the system require on the blog site '.. /functions. php '; // (2) verify yzToken ('dengpeng. CC'); // (1) determine whether to log on. if you log on, you will be redirected to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['URL'])? $ _ GET ['URL']: ''; if (empty ($ url) {getToken (' http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php ');} // (1) determine if the user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['URL'])? $ _ GET ['URL']: ''; if ($ bool) {if (empty ($ url) {header ('Location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['token'])? $ _ COOKIE ['token']: ''; $ lurl = $ url .'? Username = '. $ username. '& token = '. $ token; header ('Location :'. $ lurl) ;}/// (3) determine whether the user has submitted data if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['password'])? $ _ POST ['password']: ''; // query the user password from the database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // Check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['password'] == _ password); // print_r ($ user); exit (); If ($ user ['password'] == _ password) {setCook ($ username, $ _ password, 'dengpeng. cc '); if (empty ($ url) {header ('Location: index. php ');} else {header ('Location :'. $ lurl) ;}}}?>  
   
   
   
   
   Blog site logon system  
Dengpeng. cc site logon system

Configure local VM

For specific configuration steps, I think everyone should have done it. I don't need to repeat it one by one. you just need to configure the ing with the corresponding directories of different domain names according to the reference given by me.

Domain name/project directory/
Oa.taoip.cn/oa/
Bbs.taoip.cn/bbs/
Dengpeng. cc/blog/

Congratulations, you have completed a simple SSO system

After the configuration is complete, remember to restart the Web server. then you only need to visit these three different sites to achieve one site login, other sites no longer send login requests.

Thank you for reading this article. I hope it will help you. thank you for your support for this site!

For more PHP programming SSO details and simple instance related articles, please follow the PHP Chinese network!