SSO single sign-on PHP implementation method (Laravel framework)

Source: Internet
Author: User
Tags: auth, php, web development, ticket

Laravel is a concise, elegant PHP web development framework. It frees you from messy spaghetti code, helps you build a perfect web app, and keeps each line of code concise and expressive.

I'll briefly describe my logic; I don't know if I understand SSO correctly.

Suppose there are three sites: a.baidu.com, b.baidu.com and c.baidu.com.

a.baidu.com is the site that authenticates user login accounts.

B and C are the clients (subsystems).

When B or C needs a login, it redirects to A and carries a parameter, source, that indicates the link to return to after login.

Site A logs the user in the normal way (it checks the user's password) and does some processing after the verification succeeds. It needs to generate a ticket; exactly how the ticket is generated does not matter, as long as it is secure. The ticket is stored in the cache. There are some questions here, which are summarized later. After a successful login, redirect directly to $url.

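```php
// $user, $key and $ttl are passed in here because the original does not show
// where they come from; the cache lifetime value is missing from the original.
private function getTicketUrl($source, $user, $key, $ttl)
{
    // Time-based tickets are predictable; a random_bytes() value is harder to guess.
    $ticket = md5(time() . $key);
    // Store the ticket so that /auth/check-ticket can look the user up later.
    Cache::put($ticket, $user, $ttl);
    $url = $source . '?ticket=' . $ticket;
    return $url;
}
```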

Suppose site A redirects to site B with the ticket (b.baidu.com?ticket=xxxxxxxxxxxxxxxx).

Site B applies a global filter (middleware) that accepts this ticket and then sends a request to site A to verify that the ticket was generated by A.

The code of site B's filter, App\Http\Middleware\CasAuthenticate, follows. It checks whether a ticket is present and sends a request to site A to validate it. If the user is logged in, it gets the user's UID and logs them in.

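```php
public function handle($request, Closure $next)
{
    $ticket = $request->input('ticket');
    if ($ticket) {
        // Ask site A whether it issued this ticket. The HTTP call is garbled in
        // the original; file_get_contents() is assumed here.
        $response = file_get_contents('http://a.baidu.com' . '/auth/check-ticket?ticket=' . urlencode($ticket));
        $result = json_decode($response, true);
        if (isset($result['state']) && $result['state'] === "SUCCESS") {
            // Drop the old session, then log in as the user site A reported.
            $request->session()->flush();
            Auth::loginUsingId($result['result']['uid']);
            // Reload the current URL without the ticket parameter.
            return redirect(redirect()->getUrlGenerator()->current());
        }
    }
    return $next($request);
}
```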

The logic is complete, but there are a few questions.

1. I do not know whether this implementation is right; I wrote it according to the principle.

2. Suppose site B now redirects to site C. Because site B is used more actively, its session is still alive, while site A's cache entry has very likely expired. When the user goes from site B to site C, site C redirects to site A to check the login, finds that it is no longer valid, and the user has to log in again. So this is a problem. Because our business modules are only loosely related, users will not jump between them arbitrarily, so we are not considering this problem for now. But it really is one of my open questions; I have not thought it through clearly.
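The ticket step on site A ("as long as it is secure") and the /auth/check-ticket lookup that site B calls can be sketched as follows. This is an added example, not the article's code: `TicketStore` is a hypothetical in-memory stand-in for Laravel's cache, and the https requirement, the 60-second lifetime, the `FAIL` state and the `$host` argument (how site A identifies the calling subsystem) are assumptions.

```php
<?php
// Added example (PHP 8+). TicketStore is a hypothetical stand-in for site A's cache.
final class TicketStore
{
    private array $items = [];

    public function __construct(private array $allowedHosts, private int $ttl) {}

    // Issue a ticket for $uid and return the redirect URL, or null when
    // $source is not an https URL of a registered subsystem.
    public function issue(string $source, int $uid, int $now): ?string
    {
        $parts = parse_url($source) ?: [];
        $host = $parts['host'] ?? '';
        if (($parts['scheme'] ?? '') !== 'https' || !in_array($host, $this->allowedHosts, true)) {
            return null; // never send a ticket to an unknown site
        }
        $ticket = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG, not time-based
        // Store only a hash, so a cache dump does not reveal usable tickets.
        $this->items[hash('sha256', $ticket)] =
            ['uid' => $uid, 'host' => $host, 'exp' => $now + $this->ttl];
        $sep = isset($parts['query']) ? '&' : '?';
        return $source . $sep . 'ticket=' . $ticket;
    }

    // Redeem a ticket: valid once, before expiry, and only for the host it was issued to.
    public function check(string $ticket, string $host, int $now): array
    {
        $k = hash('sha256', $ticket);
        $entry = $this->items[$k] ?? null;
        unset($this->items[$k]); // single use: removed on the first lookup
        if ($entry === null || $entry['exp'] < $now || $entry['host'] !== $host) {
            return ['state' => 'FAIL'];
        }
        return ['state' => 'SUCCESS', 'result' => ['uid' => $entry['uid']]];
    }
}

// Constructed sample run: hosts from the article, uid and timestamp invented.
$a = new TicketStore(['b.baidu.com', 'c.baidu.com'], 60);
$now = 1700000000;
var_dump($a->issue('https://unknown.example/', 42, $now)); // unregistered source
$url = $a->issue('https://b.baidu.com/home', 42, $now);
parse_str(parse_url($url, PHP_URL_QUERY), $q);
echo json_encode($a->check($q['ticket'], 'b.baidu.com', $now + 5)), "\n"; // first use
echo json_encode($a->check($q['ticket'], 'b.baidu.com', $now + 6)), "\n"; // replay
```

The ticket only bootstraps site B's own session, so a short lifetime and one-time redemption do not shorten how long the user stays logged in on B.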
