PHP programming SSO detailed introduction and simple examples, php programming sso detailed introduction
Php sso details
SSO has three modes: ① Cross-subdomain single-point login ② full cross-point domain login ③ site group shared identity authentication
The first mode is simple. You only need to set the Cookie domain to the root domain of multiple applications.
The second method is to change the authentication address of the application to the same authentication address. Check whether the application is logged on to the authentication center each time. If yes, send an encryption token to the calling application.
The third type of cross-origin is to jump back and forth to verify that the token is slightly troublesome.
Configure directory structure
Create three new project directories under the root directory of the server:
|-/Website root directory/
|-/Oa/
|-/Bbs/
|-/Blog/
Create the functions. PHP script file in the root directory. The specific content is as follows:
<? Php/*** get login token * @ param string $ url get token address * 2017-01-03T13: 08: 43 + 0800 */function getToken ($ url) {$ bool = isLogin (); if ($ bool) {// if you log on to the header ('location: index. php '); exit () ;}// otherwise, you will not be logged in. Go to another site to check whether the header ('location :'. $ url) ;}// check whether the token is correct function yzToken ($ domain) {$ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; $ username = isset ($ _ GET ['username'])? $ _ GET ['username']: ''; $ token = isset ($ _ GET ['Token'])? $ _ GET ['Token']: ''; if (! Empty ($ username )&&! Empty ($ token) {$ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); // check whether the token is correct when a third-party site comes over. if ($ _ token ==$ token) {// set the Cookie setCook ($ username, $ _ token, $ domain); header ('location: index. php ') ;}}// set cookiefunction setCook ($ username, $ _ password, $ domain) {// The verification is successful. log on to setcookie ('username', $ username, time () + 3600, '/', $ domain); setcookie ('Token', $ _ password, time () + 3600, '/', $ domain ); Header ('location: index. php');} // determine whether to log on to function isLogin () {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token ==$ _ token) {return true;} else {return false ;}}?>
Under the oa project directory, create two script files: index. php and login. php.
Edit the index. php file
<? Php // OA site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user to visit the OA site";?>
Edit the login. php file
<? Php // OA site login system require '.. /functions. php '; // (2) Verify yzToken ('taoip. cn '); // (1) determines whether to log on to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // dengpeng. cc/login. php? Url = http://oa.taoip.cn/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username.' & token = '. $ token; header ('location:'. $ lurl) ;}} if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {// check successful, start logging on to setcookie ('username', $ username, time () + 3600, '/', 'taoip. cn '); setcookie ('Token', $ _ password, time () + 3600,'/', 'taoip. cn '); // if the URL has no value, it will be redirected to the homepage. Otherwise, it will be redirected to the URL page if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html>
Create the index. php and login. php scripts under the bbs project directory.
Edit the index. php file
<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // BBS site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user to visit the BBS site";?>
Edit the login. php file
<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // BBS site login system require '.. /functions. php '; // (2) Verify yzToken ('taoip. cn '); // (1) determines whether to log on to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // dengpeng. cc/login. php? Url = http://bbs.taoip.cn/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username.' & token = '. $ token; header ('location:'. $ lurl) ;}} if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {// check successful, start logging on to setcookie ('username', $ username, time () + 3600, '/', 'taoip. cn '); setcookie ('Token', $ _ password, time () + 3600,'/', 'taoip. cn '); // if the URL has no value, it will be redirected to the homepage. Otherwise, it will be redirected to the URL page if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html>
Under the blog project directory, create two script files: index. php and login. php.
Edit the index. php file
<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user and visit the blog site";?> <? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site // (1) enable Session session_name ('taoip'); session_start (); // (2) get the username and token for verification $ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ salt = 'taoip'; $ _ token = md5 ($ salt. $ username); if ($ token! =$ _ Token) {header ('location: login. php'); exit ();} echo "welcome to the {$ username} user and visit the blog site";?>
Edit the login. php file
<? Php/*** @ author DengPeng <3@dengpeng.cc> * @ since * @ copyright (c) 2017 zixue. it GPL * @ license http://www.zixue.it/* // blog site login system require '.. /functions. php '; // (2) Verify yzToken ('dengpeng. CC'); // (1) determine whether to log on. If you log on, you will be redirected to the homepage, if you are not logged on, go to another site to GET the token $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if (empty ($ url) {getToken ('HTTP: // oa.taoip.cn/login.php? Url = http://dengpeng.cc/login.php');} // (1) determine whether a user logs on to $ bool = isLogin (); $ url = isset ($ _ GET ['url'])? $ _ GET ['url']: ''; if ($ bool) {if (empty ($ url) {header ('location: index. php ');} else {$ username = isset ($ _ COOKIE ['username'])? $ _ COOKIE ['username']: ''; $ token = isset ($ _ COOKIE ['Token'])? $ _ COOKIE ['Token']: ''; $ lurl = $ url .'? Username = '. $ username. '& token = '. $ token; header ('location :'. $ lurl) ;}/// (3) Determine whether the user has submitted data if (! Empty ($ _ POST) {$ username = isset ($ _ POST ['username'])? $ _ POST ['username']: ''; $ password = isset ($ _ POST ['Password'])? $ _ POST ['Password']: ''; // query the user password from the Database @ $ link = mysql_connect ('localhost', 'root ',''); mysql_query ('use sso ', $ link); mysql_query ('set names utf8', $ link); $ SQL = "select * from users where username = '". $ username. "'"; $ user = mysql_fetch_assoc (mysql_query ($ SQL, $ link); // check $ salt = 'taoip'; $ _ password = md5 ($ salt. $ username); // var_dump ($ user ['Password'] == _ password); // print_r ($ user); exit (); If ($ user ['Password'] == _ password) {setCook ($ username, $ _ password, 'dengpeng. cc '); if (empty ($ url) {header ('location: index. php ');} else {header ('location :'. $ lurl) ;}}}?> <! DOCTYPE html>
Configure local VM
For specific configuration steps, I think everyone should have done it. I don't need to repeat it one by one. You just need to configure the ing with the corresponding directories of different domain names according to the reference given by me.
Domain name/project directory/
Oa.taoip.cn/oa/
Bbs.taoip.cn/bbs/
Dengpeng. cc/blog/
Congratulations, you have completed a simple SSO System
After the configuration is complete, remember to restart the Web server. Then you only need to visit these three different sites to achieve one site login, other sites no longer send login requests.
Thank you for reading this article. I hope it will help you. Thank you for your support for this site!