Example of implementing multi-domain name cross-domain logon using php + ajax (based on P3P)

Source: Internet
Author: User
Tags sessions setcookie in domain to domain

The synchronous login requirement must meet the following three key points:
1) users logging on to domain A can perform synchronous login when they jump to domain B;
2) click the exit link under domain A under domain B to exit both domain A and domain B.
3) When A user directly accesses domain B, the user can automatically determine whether there is A user login under domain A. If so, the user under domain B can log on synchronously.
First, we can solve the problem of synchronous login and logout across domains. We have the following feasible solutions:
1) Two domain shared SESSION servers, that is, the unified memory server. In this way, the sessionids in the two domains will be the same and will automatically and seamlessly implement synchronous login and logout;
However, this solution requires additional hardware investment and technical personnel who are familiar with the deployment.
2) pass sessionid through url
3) obtain the cross-origin SESSION through the P3P protocol
In order to solve this problem, I have obtained various materials and developed a set of solutions to share with you the following key points:
1) when you log on to the website under domain A, ajax requests the js script file in domain B to write the COOKIE and SESSION in domain B, implement logon in domain B;
2) when A user exits under domain A and accesses A website under domain A, ajax requests the js script file under domain B (different from the login parameter ), clears cookies and sessions in domain B to log out in domain B;
3) When A user directly accesses A webpage in domain B, the user requests A script in domain A to determine whether A logon exists in domain A. If yes, then, the COOKIE and SESSION are assigned to the webpage of the current domain, and the current domain is implemented through ajax.
COOKIE and SESSION write.
I set domain name a to domain name A, and domain name B to domain name B.
The following code is used:

The code is as follows: Copy code

############ ApiController. php #################
/*
* Set the cookie and session in the bstv domain based on the cookie information of the current domain (domain name).
* If it is null, it will be cleared.
**/
Function setckAction (){
$ Clr = $ this-> _ request-> getParam ("clr ");
$ Bts_user = ($ clr )? '': Urlencode ($ _ COOKIE ['ts _ LOGGED_USER ']);
$ This-> view-> assign ("bts_user", $ bts_user );
 }
 
/*
* The cookie and session of the current domain (a domain name) are obtained under the bstv domain.
* Return the result as a script variable to the bstv browser.
**/
Function getckAction (){
Header ('p3p: CP = "CURa ADMa DEVa PSAo PSDo our bus uni pur int dem sta pre com nav otc noi dsp cor "');
Echo 'Var ck = "'. $ _ COOKIE ['ots _ LOGGED_USER']. '";';
Echo 'Var sess = "'. $ _ SESSION ['user'] ['uid'].'"; ';
Exit ();
 }
############ A domain name index. php #################
##### Specify index. php as the page returned by logon by default
<Script src = "http://www. B domain name/api/setck? Bts_user = {$ bts_user} "> </script>
############ B domain name api. php #################
 
/*
* Display the cookie and SESSION in domain
* Assign values to js variables
* Js writes cookies and sessions through ajax: If domain a has exited, bstv will exit.
**/
Function getbtsck (){
Include $ this-> template-> getfile ('api/getbtsck ');
 }
 
/*
* Set cookies and sessions in the bstv domain in domain
* If it is null, it will be cleared.
**/
Function setck (){
Header ('p3p: CP = "CURa ADMa DEVa PSAo PSDo our bus uni pur int dem sta pre com nav otc noi dsp cor "');
 
$ Bts_user = trim ($ _ GET ['BTS _ user']);
If (! Empty ($ bts_user )){
Setcookie ("bts_LOGGED_USER", urldecode ($ bts_user), time () + 3600*24*365, "/", ". B domain name ");
$ This-> cookieLoginLocal (urldecode ($ bts_user ));
} Else {
Setcookie ("bts_LOGGED_USER", $ bts_user, '-1', "/", ". B domain name ");
Unset ($ _ SESSION ['uid']);
  }
 }
 
Function setsession (){
$ Bts_user = trim ($ _ POST ['BTS _ user']);
If (! Empty ($ bts_user) & empty ($ _ SESSION ['uid']) {
Setcookie ("bts_LOGGED_USER", urldecode ($ bts_user), time () + 3600*24*365, "/", ". B domain name ");
$ This-> cookieLoginLocal (urldecode ($ bts_user ));
} Else {
Echo 'uunset ';
Setcookie ("bts_LOGGED_USER", $ bts_user, '-1', "/", ". B domain name ");
// Unset ($ _ SESSION ['uid']);
  }
 }
 
Function cookieLoginLocal ($ cookieId ){
$ CookieId = explode ('.', base64_decode ($ cookieId ));
If ($ cookieId [0]! = 'Baitianshi '| empty ($ cookieId [1]) {
Return false;
} Else {
Return $ this-> loginLocal ($ cookieId [1], false, 1 );
  }
 }
 
Function loginLocal ($ uid, $ password = false, $ isuid = 0 ){
$ _ SESSION ['uid'] = $ uid;
Return 1;
 }

############ B domain name getbtsck.html #################
<! DOCTYPE html PUBLIC "-// W3C // dtd xhtml 1.0 Transitional // EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<Html xmlns = "http://www.w3.org/1999/xhtml" xml: lang = "en">
<Head>
<Meta http-equiv = "Content-Type" content = "text/html; charset = UTF-8"/>
<Title> synchronous login </title>
<Script src = "/js/jquery-1.8.1.min.js" type = "text/javascript"> </script>
<Script src = "/api/getck"> </script>
<Script language = "javascript">
Function setck (bts_user ){
$. Post ("/api/setsession", {bts_user: bts_user}, function (re ){});}
Setck (ck );
</Script>
</Head>
<Body>
</Body>
</Html>

There are still deficiencies in this solution:
When you directly access domain B, you need to load this page once before you can determine whether to log on in domain A and write it to the SESSION of the current domain (domain B).

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.