Home > Backend Development > PHP Tutorial > Further optimize Yii2 cross-domain SSO login Livzon portal sso sso.dinghuo123 sso

Further optimize Yii2 cross-domain SSO login Livzon portal sso sso.dinghuo123 sso

WBOY
Release: 2016-07-29 08:52:07
Original
2702 people have browsed it

data-id="1190000004999380" data-licence="">

Preface

This article is mainly an improvement on "How Yii2 implements cross-domain SSO login analysis", because I have already written about SSO in that article The basic implementation process of login is now further optimized. There are two main optimization points: 1. When entering login.XXX.com in the address bar of the login status page of www.XXX.com, you will return to the login page, but do not log out, and then enter www.XXX.com time, let it return to the www.XXX.com page and remain logged in; 2. Modify the expiration time of the session and set it to a maximum value.

Requirement Analysis

1. Entering login.XXX.com will only return it to the login interface, but it will not exit the login. The values ​​of session and cookie are still saved.
2. Achieve permanent login status. As long as you don't click to log out, you will remain logged in.

Code analysis

1. Modify the Login method of the login module SiteController.php
1.1, modify the code before

<code>public function actionLogin()
        {   
            $URL=Yii::$app->request->get('redirectURL');  
            $model = new LoginForm();
            if (!\Yii::$app->user->isGuest) { 
                $this->actionLogout();//退出登陆
                return $this->redirect('http://'.DOMAIN_LOGIN.'?redirectURL=http://'.DOMAIN_HOME);
            } 
        
            if ($model->load(Yii::$app->request->post()) && $model->login()) {
                if(empty($URL)){
                    return $this->redirect('http://'.DOMAIN_HOME,301);
                }else{
                    return $this->redirect($URL,301);
                }           
                // return $this->goBack();
            } else { 
                return $this->renderPartial('login', [
                    'model' => $model,
                ]);
            }
        }</code>
Copy after login

1.2, modify the code

<code> public function actionLogin()
    {  
        $URL=Yii::$app->request->get('redirectURL');  
        $URL1='http://'.DOMAIN_CRM;
        $URL2='http://'.DOMAIN_HR;
        $URL3='http://'.DOMAIN_ADMIN;
        $URL4='http://'.DOMAIN_OA;
       
        $redirectURL1='http://'.DOMAIN_LOGIN.'?redirectURL=http://'.DOMAIN_CRM;
        $redirectURL2='http://'.DOMAIN_LOGIN.'?redirectURL=http://'.DOMAIN_HR;
        $redirectURL3='http://'.DOMAIN_LOGIN.'?redirectURL=http://'.DOMAIN_ADMIN;
        $redirectURL4='http://'.DOMAIN_LOGIN.'?redirectURL=http://'.DOMAIN_OA;
        $model = new LoginForm();

        //验证是否已登录,非空为登录
        if (!\Yii::$app->user->isGuest) { 
           if(!empty($URL)){
                $this->actionLogout();//退出登陆
                if($URL==$URL2){
                    return $this->redirect($redirectURL2);
                }elseif($URL==$URL3){
                    return $this->redirect($redirectURL3);
                }
                if($URL==$URL4){
                    return $this->redirect($redirectURL4);
                }
                return $this->redirect($redirectURL1);

           }else{
                //redirectURL不存在时,提交表单判断
                if(DOMAIN_LOGIN){   
                   if ($model->load(Yii::$app->request->post()) && $model->login()) {
                        if(empty($URL)){ 
                            return $this->redirect($URL1,301);             
                        }else{
                            if($URL==$URL2){
                                return $this->redirect($URL2,301);
                            }elseif($URL==$URL3){
                                return $this->redirect($URL3,301);
                            }
                            if($URL==$URL4){
                                return $this->redirect($URL4,301);
                            }
                            return $this->redirect($URL1,301);
                        }           
                    } else { 
                        return $this->renderPartial('login', [
                            'model' => $model,
                        ]);
                    }
                }else{ 
                    return $this->goHome(); //与之前的代码主要的区别在这里,登陆就让它回到登陆页面。
                }  
           }  
        } else { 
            //redirectURL存在时,提交表单判断
            if ($model->load(Yii::$app->request->post()) && $model->login()) {
                if(empty($URL)){ 
                    return $this->redirect($URL1,301);             
                }else{
                    if($URL==$URL2){
                        return $this->redirect($URL2,301);
                    }elseif($URL==$URL3){
                        return $this->redirect($URL3,301);
                    }
                    if($URL==$URL4){
                        return $this->redirect($URL4,301);
                    }
                    return $this->redirect($URL1,301);
                }           
            } else { 
                return $this->renderPartial('login', [
                    'model' => $model,
                ]);
            }
        }
    }</code>
Copy after login

2. Modify the expiration time of the session and set it to a maximum value.
commonconfigmain.php
2.1. Code before modification

<code>'session' => [           
            'cookieParams' => ['domain' => '.' . DOMAIN, 'lifetime' => 0],            
            'timeout' => 3600,
        ],</code>
Copy after login

2.2. Code after modification

<code>'session' => [           
            'cookieParams' => ['domain' => '.' . DOMAIN, 'lifetime' => 0],            
            'timeout' => 7200,
        ],</code>
Copy after login

FAQ

1. Although the session expiration time has been set to a maximum value and the login success cookie has value, but after login about It will still log out after about two hours. Why is this? How to achieve true permanent login in Yii2? I would like to ask the experts to explain. If I solve the problem in the future, I will continue to update and make progress together.

Related information

Yii2 configuration Cross-domain login example: http://www.kuitao8.com/20150507/3735.shtml
Yii2 How to use redirect to automatically jump to an external site? : https://segmentfault.com/q/1010000002549004

The full text is complete. If there are any shortcomings or better methods, everyone is welcome to actively propose them. Let's communicate and learn from each other.

The above introduces the further optimization of Yii2 cross-domain SSO login, including the content of sso and yii. I hope it will be helpful to friends who are interested in PHP tutorials.

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template