PHP programming SSO detailed introduction and simple examples

高洛峰
Release: 2023-03-04 22:02:01
Original
1579 people have browsed it

PHP SSO Detailed Explanation

SSO has three modes: ①Cross-subdomain single point login ②Complete cross-single point domain login ③Station group shared identity authentication

The first mode is very simple. You only need to set the cookie domain to the root domain of multiple applications.

The second method is also very simple, which is to replace the authentication addresses of all applications with the same authentication address each time. Check whether you are logged in at the certification center. If you are logged in, issue an encrypted token to the calling application.

The third type of cross-domain is that it is a little troublesome to jump back and forth to verify the token.

Configuration directory structure

In the server root directory, create three new project directories:

|–/Website root directory/
|–|–/oa/
| –|–/bbs/
|–|–/blog/

Create a new functions.PHP script file in the root directory. The specific content is as follows:

<?php
 
/**
 * 获取登陆token
 * @param string $url 获取token的地址
 * 2017-01-03T13:08:43+0800
 */
function getToken($url)
{
  $bool = isLogin();
  if ($bool) {
    // 如果登陆了跳转到本站首页
    header(&#39;location: index.php&#39;);
    exit();
  }
 
  // 否则没有登陆,去另一个站点看是否登陆
  header(&#39;location: &#39;.$url);
}
 
// 校验令牌是否正确
function yzToken($domain)
{
  $url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
  $username = isset($_GET[&#39;username&#39;]) ? $_GET[&#39;username&#39;] : &#39;&#39;;
  $token = isset($_GET[&#39;token&#39;]) ? $_GET[&#39;token&#39;] : &#39;&#39;;
 
 
  if (!empty($username) && !empty($token)) {
    $salt = &#39;taoip&#39;;
    $_token = md5($salt.$username);
    // 校验第三方站点过来时的token是否正确
    if ($_token == $token) {
      // 设置跳转过来的网站的Cookie
      setCook($username, $_token, $domain);
      header(&#39;location: index.php&#39;);
    }
  }
 
}
 
// 设置cookie
function setCook($username, $_password, $domain)
{
  // 校验成功,开始登陆
  setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, $domain);
  setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, $domain);
  header(&#39;location: index.php&#39;);
}
 
// 判断是否登陆
function isLogin()
{
  $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
  $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
  $salt = &#39;taoip&#39;;
 
  $_token = md5($salt.$username);
 
  if ($token == $_token) {
    return true;
  } else {
    return false;
  }
}
 
?>
Copy after login

In the oa project directory, Create two new script files, index.php and login.php

Edit the index.php file

<?php
 
// OA站点
 
// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
 
$salt = &#39;taoip&#39;;
 
$_token = md5($salt.$username);
 
if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}
 
echo "欢迎{$username}用户,访问OA站点";
 
?>
Copy after login

Edit the login.php file

<?php
 
// OA站点登陆系统
require &#39;../functions.php&#39;;
 
// (2)验证
yzToken(&#39;taoip.cn&#39;);
 
// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://dengpeng.cc/login.php?url=http://oa.taoip.cn/login.php&#39;);
}
 
// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}
 
 
if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;
 
  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));
 
  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);
 
  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();
 
  if ($user[&#39;password&#39;] == $_password) {
    // 校验成功,开始登陆
    setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    // 如果URL没有值重定向到首页,否则重定向到URL页面
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}
 
?>
 
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>OA站点登陆系统</title>
</head>
<body>
  <p>
    <h2>oa.taoip.cn站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

In the bbs project directory, create a new index .php and login.php two script files

Edit the index.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */
 
// BBS站点
 
// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
 
$salt = &#39;taoip&#39;;
 
$_token = md5($salt.$username);
 
if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}
 
echo "欢迎{$username}用户,访问BBS站点";
 
?>
Copy after login

Edit the login.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */
 
// BBS站点登陆系统
require &#39;../functions.php&#39;;
 
// (2)验证
yzToken(&#39;taoip.cn&#39;);
 
// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php&#39;);
}
 
// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}
 
 
if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;
 
  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));
 
  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);
 
  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();
 
  if ($user[&#39;password&#39;] == $_password) {
    // 校验成功,开始登陆
    setcookie(&#39;username&#39;, $username, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    setcookie(&#39;token&#39;, $_password, time()+3600, &#39;/&#39;, &#39;taoip.cn&#39;);
    // 如果URL没有值重定向到首页,否则重定向到URL页面
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}
 
?>
 
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>BBS站点登陆系统</title>
</head>
<body>
  <p>
    <h2>bbs.taoip.cn站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

In the blog project directory, create a new index.php and login.php two script files

Edit the index.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */
 
// blog站点
 
// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
 
$salt = &#39;taoip&#39;;
 
$_token = md5($salt.$username);
 
if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}
 
echo "欢迎{$username}用户,访问blog站点";
 
?>
 
<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */
 
// blog站点
 
// (1)开启Session会话
session_name(&#39;taoip&#39;);
session_start();
// (2)获取用户名和token进行校验
$username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
$token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
 
$salt = &#39;taoip&#39;;
 
$_token = md5($salt.$username);
 
if ($token != $_token) {
  header(&#39;location: login.php&#39;);
  exit();
}
 
echo "欢迎{$username}用户,访问blog站点";
 
?>
Copy after login

Edit the login.php file

<?php
/**
 * @author DengPeng <3@dengpeng.cc>
 * @since 2017/01/03
 * @copyright copyright (c) 2017 zixue.it GPL
 * @license http://www.zixue.it/
 */
 
// blog站点登陆系统
require &#39;../functions.php&#39;;
 
// (2)验证
yzToken(&#39;dengpeng.cc&#39;);
 
// (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if (empty($url)) {
  getToken(&#39;http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php&#39;);
}
 
 
// (1)判断用户是否登陆
$bool = isLogin();
$url = isset($_GET[&#39;url&#39;]) ? $_GET[&#39;url&#39;] : &#39;&#39;;
if ($bool) {
  if (empty($url)) {
    header(&#39;location: index.php&#39;);
  } else {
    $username = isset($_COOKIE[&#39;username&#39;]) ? $_COOKIE[&#39;username&#39;] : &#39;&#39;;
    $token = isset($_COOKIE[&#39;token&#39;]) ? $_COOKIE[&#39;token&#39;] : &#39;&#39;;
    $lurl = $url.&#39;?username=&#39;.$username.&#39;&token=&#39;.$token;
    header(&#39;location: &#39;.$lurl);
  }
}
 
 
// (3)判断用户是否提交数据
if (!empty($_POST)) {
  $username = isset($_POST[&#39;username&#39;]) ? $_POST[&#39;username&#39;] : &#39;&#39;;
  $password = isset($_POST[&#39;password&#39;]) ? $_POST[&#39;password&#39;] : &#39;&#39;;
 
  // 从库中查询用户密码
  @$link = mysql_connect(&#39;localhost&#39;, &#39;root&#39;, &#39;&#39;);
  mysql_query(&#39;use sso&#39;, $link);
  mysql_query(&#39;set names utf8&#39;, $link);
  $sql = "select * from users where username = &#39;".$username."&#39;";
  $user = mysql_fetch_assoc(mysql_query($sql, $link));
 
  // 校验
  $salt = &#39;taoip&#39;;
  $_password = md5($salt.$username);
 
  // var_dump($user[&#39;password&#39;] == $_password);
  // print_r($user);exit();
 
  if ($user[&#39;password&#39;] == $_password) {
    setCook($username, $_password, &#39;dengpeng.cc&#39;);
    if (empty($url)) {
      header(&#39;location: index.php&#39;);
    } else {
      header(&#39;location: &#39;.$lurl);
    }
  }
}
 
?>
 
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <meta name="generator" content="Sublime Text 3114">
  <meta name="author" content="3@dengpeng.cc">
  <meta name="keywords" content="">
  <meta name="description" content="">
  <title>blog站点登陆系统</title>
</head>
<body>
  <p>
    <h2>dengpeng.cc站点登陆系统</h2>
    <form action="" method="post">
      <label for="">用户名</label>
      <input type="text" name="username">
      <br>
      <label for="">密码</label>
      <input type="text" name="password">
      <hr>
      <button type="submit">提交</button>
    </form>
  </p>
</body>
</html>
Copy after login

Configure the local virtual host

Specific configuration I think everyone should be familiar with the steps, so I don’t need to go into details one by one. You only need to follow the reference I gave and configure the mapping to the directories corresponding to different domain names.

Domain Name/Project Directory/
oa.taoip.cn /oa/
bbs.taoip.cn /bbs/
dengpeng.cc /blog/

Congratulations, you have completed a simple SSO system

After the configuration is completed, remember to restart the web server. Then you only need to visit these three different sites to log in to one site, and other sites will no longer send login requests.

Thanks for reading, hope It can help everyone, thank you for your support of this site!

For more articles related to PHP programming SSO detailed introduction and simple examples, please pay attention to the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!