Principle analysis of Single sign-on Ucenter

Principle analysis of Single sign-on Ucenter

First, let's get to the next Ucenter login step

1, the user login discuz, through the logging.php file function Uc_user_login to post data verification, that is, username and password to verify.


2. If the validation succeeds, the function uc_user_synlogin in the client.php file under Uc_client will be called, in which uc_api_post (' user ', ' synlogin ', Array (' uid ' = > $uid)).


3. The function then passes the data to the Ucenter index.php, index.php accepts the transmitted data and obtains the value of the model User,action as Synlogin.


4, then ucenter the index.php call the control directory under the User.php class Onsynlogin method, through the Foreach loop, in JavaScript to notify the UC app list to open the Sync login app to log in synchronously , which is passed to uc.php some data in the API of each application directory by Get method.


5, uc.php receive notification and processing get over the data, and in the function Synlogin (in uc.php) through the function _authcode encrypt the data (by default, Uc_key as the key), with the function _setcookie set the cookie.


6, each application uses the corresponding key to decode the cookie set above, to obtain the user ID and other data; This value is used to determine whether the user has been logged in through other applications, allowing users to log on automatically.


Application logging.php------>uc_client in client.php------>ucenter------> Applications api/uc.php


In fact, ucenter implementation of the principle of synchronous landing is a cookie, a successful application after landing, to Ucenter pass data, let Ucenter notify other applications also set cookies, so that users access to other applications through the set of cookies to achieve automatic landing. Understand the principle of ucenter synchronization, and then encountered the inability to log in, or develop some interface with the Ucenter will be much easier.

Approximate steps first we need to install Ucenter and then copy the Uc_client folder into our own project and then configure several files

client.php equivalent to a library of functions

uc.php equivalent to callback file

There is also a config.inc.php is a configuration file

When you have 2 apps that are set up for sync login when you log in to an app and then execute

Include './config.inc.php ';   Include './uc_client/client.php ';   $usernames = "Feiye";   $passwords = "789123";   List ($uid, $username, $password, $email) = Uc_user_login ($usernames, $passwords), if ($uid > 0) {    Setcookie (" Username ", $username, Time () +intval (24*3600)), Echo Uc_user_synlogin ($UID); Echo ' login successful ';} ElseIf ($uid = =-1) {echo ' user does not exist, or is deleted ';} elseif ($uid = = 2) {echo ' Password wrong ';} else {echo ' undefined ';}

Uc_user_synlogin () This function represents a synchronous login to all other functions that enable simultaneous login. UC itself will be in the background to all the applications that enable synchronization to loop through and then output on the page

Similar to this kind of JS code is sent to each application to open the sync login and then each open the sync login application callback file uc.php after the acceptance will be decrypted and decrypted after you can actually write your own code this uc.php callback file code does not have to follow their format to write you can also self- Write your own code, for example, I'm doing a synchronous landing based on the session.

function Synlogin ($get, $post) {$uid = $get [' uid ']; $username = $get [' username '];if (! Api_synlogin) {return api_return_forbidden;} Header (' p3p:cp= ' CURa ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "'); Setcookie (' Gwyy ', $use Rname,time () +3600, '/', ' 127.0.0.71 '), _setcookie (' Example_auth ', _authcode ($uid. " \ t ". $username, ' ENCODE '); $_session[' username ') = $username; $_session[' uid ']      = $uid;} function Synlogout ($get, $post) {if (! Api_synlogout) {return api_return_forbidden;} Note Sync Logout API header (' p3p:cp= ' CURa ADMa DEVa Psao psdo our BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "'); _se Tcookie (' Example_auth ', ' ', -86400 * 365); unset ($_session[' username ']); unset ($_session[' uid ')); Session_destroy ();}

This will automatically log on when the user refreshes another app page.

Note If you add an app in UC and the communication is not successful then the reason is simply not finding you http://xxxx/api/uc.php this file as long as there is this file in that communication will certainly succeed

In fact, the principle of UC is very simple is an application login and then the background polling sent to the sync login application callback file callback file received the user ID after generating a cookie or session and then into the login mode.

