- Front-end
- HTML| CSS| JavaScript| Vue.js
Latest Recommendations
-
Php8, I'm coming too
84669 person learning
- native foundation
- HTML| CSS| HTML5| CSS3| JavaScript
Latest Recommendations
-
Learn website layout in 30 minutes
152542 person learning
- Introduction to Fundamentals
- MySQL| SQL Server
Latest Recommendations
-
Shangguan Oracle Beginner to Proficient Video Tutorial
20005 person learning
Latest Recommendations
-
Your first line of UNI-APP code
5487 person learning
-
Flutter from scratch to app launch
7821 person learning
- Tool usage
- PhpStudy| Git| Other tools
Latest Recommendations
-
Brother Lian New Linux Video Tutorial
359900 person learning
Latest Recommendations
-
AXURE 9 Video Tutorial (Suitable for Product Manager Interactive Product Design UI)
3350 person learning
-
Zero Basic Proficiency PS Video Tutorial
180660 person learning
-
16 day UI video tutorial to get you started
48569 person learning
-
PS Techniques and Slicing Techniques Video Tutorial
18603 person learning
- Class Library Classification
- HTTP| TCP/IP| basic programming
Latest Recommendations
-
Alibaba Cloud Environment Construction and Project Launch Video Tutorial
40936 person learning
-
Overview of Computer Networks - Basic Knowledge that Programmers Must Master
1549 person learning
-
Essential Tutorial for Programmers - HTTP Protocol Explanation
1183 person learning
-
Websocket Video Tutorial
32909 person learning
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
Single sign-on under the same first-level domain name on the PC side only needs to operate cookies
Of course, using tokens and cookies are the same.
The principles are almost the same. I don’t know what’s wrong with you not being able to implement it. Just take a look Look,
1. Can I get the token on the new page? 2. Can I check the user data in redis based on the token? 3. If I can check the user data, are there any other questions?
The main question is, how do you allow users to bring token information when they visit.
Use Redis to store it, and then verify it with the cookie value.
When users click on other pages, they bring the user's ID. When you generate the token, you use uid salt or a more complex encryption algorithm to encrypt and generate the token. After receiving the user's ID, use the ID to encrypt and compare it with the token. If you agree, you are logged in. (This is probably the effect you want to achieve?)
Wait a minute, in addition to considering the token issue for single sign-on, you have to consider how to get the generated information directly when you open site B when you log in to site A. In fact, the cookies and sessions of different sites are different and cannot be obtained. I have seen what ucenter does. After A logs in, he will initiate http requests through js to all his brother sites, which is equivalent to passing the token to all sites for login operations. Each site will generate sessions and cookies.
Token actually replaces password user_id=xxx&token=xxxx. Query login information through user ID and compare whether the queried token is consistent with the parameter token
The solution I thought of for single sign-on
For example
User center passport.test.com
Payment center pay.test.com
In passport.test.com
Set p3p header("P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR");
Encrypt the user's login information and write it into the cookie
Get the cookie information from pay.test.com and send it to the passport.test.com interface to verify the login information