Home > Backend Development > PHP Tutorial > PHP programming SSO detailed introduction and examples

PHP programming SSO detailed introduction and examples

墨辰丷
Release: 2023-03-28 08:22:02
Original
1672 people have browsed it

This article mainly introduces the detailed introduction of PHP programming SSO and the relevant information of simple examples. Here we introduce the three modes of cross-subdomain single sign-in, complete cross-single point domain sign-in, and station group shared identity authentication. Friends in need You can refer to the following

PHP SSO detailed explanation

SSO has three modes: ① Cross-subdomain single point login ② Complete cross-single point domain login ③ Station group shared identity authentication

The first mode is very simple, you only need to set the cookie domain to the root domain of multiple applications

The second mode The second method is also very simple, which is to change the authentication addresses of all applications to the same authentication address, and check whether you log in at the certification center each time. If you log in, issue an encrypted token to the calling application

The third type of cross-domain is that it is slightly troublesome to jump back and forth to verify the token.

Configure the directory structure

In the server root directory, create three new ones Project directory:

|–/website root directory/
|–|–/oa/
|–|–/bbs/
|–|–/blog/

Create a new functions.PHP script file in the root directory. The specific content is as follows:

<?php

/**
 * 获取登陆token
 * @param string $url 获取token的地址
 * 2017-01-03T13:08:43+0800
 */
function getToken($url)
{
  $bool = isLogin();
  if ($bool) {
    // 如果登陆了跳转到本站首页
    header(&#39;location: index.php&#39;);
    exit();
  }

  // 否则没有登陆,去另一个站点看是否登陆
  header(&#39;location: &#39;.$url);
}

// 校验令牌是否正确
function yzToken($domain)
{
  $url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
  $username = isset($_GET[&#39;username&#39;]) ? $_GET[&#39;username&#39;] : &#39;&#39;;
  $token = isset($_GET[&#39;token&#39;]) ? $_GET[&#39;token&#39;] : &#39;&#39;;


  if (!empty($username) && !empty($token)) {
    $salt = &#39;taoip&#39;;
    $_token = md5($salt.$username);
    // 校验第三方站点过来时的token是否正确
    if ($_token == $token) {
      // 设置跳转过来的网站的Cookie
      setCook($username, $_token, $domain);
      header(&#39;location: index.php&#39;);
    }
  }

}

// 设置cookie
function setCook($username, $_password, $domain)
{
  // 校验成功,开始登陆
  setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, $domain);
  setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, $domain);
  header(&#39;location: index.php&#39;);
}

// 判断是否登陆
function isLogin()
{
  $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
  $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
  $salt = &#39;taoip&#39;;

  $_token = md5($salt.$username);

  if ($token == $_token) {
    return true;
  } else {
    return false;
  }
}

?>
Copy after login

In the oa project directory, create new index.php and login.php Two script files

Edit the index.php file

<?php

// OA站点

// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;

$salt = &#39;taoip&#39;;

$_token = md5($salt.$username);

if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}

echo "欢迎{$username}用户,访问OA站点";

?>
Copy after login

Edit the login.php file

<?php

// OA站点登陆系统
require &#39;../functions.php&#39;;

// (2)验证
yzToken(&#39;taoip.cn&#39;);

// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://dengpeng.cc/login.php?url=http://oa.taoip.cn/login.php&#39;);
}

// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}


if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;

  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));

  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);

  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();

  if ($user[&#39;password&#39;] == $_password) {
    // 校验成功,开始登陆
    setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    // 如果URL没有值重定向到首页,否则重定向到URL页面
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}

?>

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>OA站点登陆系统</title>
</head>
<body>
  <p class="container">
    <h2>oa.taoip.cn站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

In the bbs project directory, create two new script files, index.php and login.php

Edit the index.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */

// BBS站点

// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;

$salt = &#39;taoip&#39;;

$_token = md5($salt.$username);

if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}

echo "欢迎{$username}用户,访问BBS站点";

?>
Copy after login

Edit the login.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */

// BBS站点登陆系统
require &#39;../functions.php&#39;;

// (2)验证
yzToken(&#39;taoip.cn&#39;);

// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php&#39;);
}

// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}


if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;

  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));

  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);

  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();

  if ($user[&#39;password&#39;] == $_password) {
    // 校验成功,开始登陆
    setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    // 如果URL没有值重定向到首页,否则重定向到URL页面
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}

?>

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>BBS站点登陆系统</title>
</head>
<body>
  <p class="container">
    <h2>bbs.taoip.cn站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

In the blog project directory, create two new script files, index.php and login.php

Edit index.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */

// blog站点

// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;

$salt = &#39;taoip&#39;;

$_token = md5($salt.$username);

if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}

echo "欢迎{$username}用户,访问blog站点";

?>

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */

// blog站点

// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;

$salt = &#39;taoip&#39;;

$_token = md5($salt.$username);

if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}

echo "欢迎{$username}用户,访问blog站点";

?>
Copy after login

Edit login.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */

// blog站点登陆系统
require &#39;../functions.php&#39;;

// (2)验证
yzToken(&#39;dengpeng.cc&#39;);

// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php&#39;);
}


// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}


// (3)判断用户是否提交数据
if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;

  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));

  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);

  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();

  if ($user[&#39;password&#39;] == $_password) {
    setCook($username, $_password, &#39;dengpeng.cc&#39;);
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}

?>

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>blog站点登陆系统</title>
</head>
<body>
  <p class="container">
    <h2>dengpeng.cc站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

Configuring local virtual host

I think everyone should know the specific configuration steps, so I don’t need to go into details one by one. You only need to follow the reference I gave and configure the configuration corresponding to different domain names. Directory mapping is sufficient.

Domain name/project directory/
oa.taoip.cn /oa/
bbs.taoip.cn /bbs/
dengpeng.cc /blog/

Congratulations, you have completed a simple SSO system

After the configuration is completed, remember to restart the web server. Then you only need to access these three different sites to implement a site Log in, other sites will no longer send login requests.

The above is the entire content of this article, I hope it will be helpful to everyone's study.


Related recommendations:

PHP single sign-on SSO implementation method

Example Explain the principle of SSO single sign-on

##php uses two user-defined key name comparison functions array_udiff_uassoc()

The above is the detailed content of PHP programming SSO detailed introduction and examples. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template