Home > Article > Backend Development > PHP programming SSO detailed introduction and examples
This article mainly introduces the detailed introduction of PHP programming SSO and the relevant information of simple examples. Here we introduce the three modes of cross-subdomain single sign-in, complete cross-single point domain sign-in, and station group shared identity authentication. Friends in need You can refer to the following
PHP SSO detailed explanation
SSO has three modes: ① Cross-subdomain single point login ② Complete cross-single point domain login ③ Station group shared identity authentication
The first mode is very simple, you only need to set the cookie domain to the root domain of multiple applications
The second mode The second method is also very simple, which is to change the authentication addresses of all applications to the same authentication address, and check whether you log in at the certification center each time. If you log in, issue an encrypted token to the calling application
The third type of cross-domain is that it is slightly troublesome to jump back and forth to verify the token.
Configure the directory structure
In the server root directory, create three new ones Project directory:
|–/website root directory/
|–|–/oa/
|–|–/bbs/
|–|–/blog/
Create a new functions.PHP script file in the root directory. The specific content is as follows:
<?php /** * 获取登陆token * @param string $url 获取token的地址 * 2017-01-03T13:08:43+0800 */ function getToken($url) { $bool = isLogin(); if ($bool) { // 如果登陆了跳转到本站首页 header('location: index.php'); exit(); } // 否则没有登陆,去另一个站点看是否登陆 header('location: '.$url); } // 校验令牌是否正确 function yzToken($domain) { $url = isset($_GET['url']) ? $_GET['url'] : ''; $username = isset($_GET['username']) ? $_GET['username'] : ''; $token = isset($_GET['token']) ? $_GET['token'] : ''; if (!empty($username) && !empty($token)) { $salt = 'taoip'; $_token = md5($salt.$username); // 校验第三方站点过来时的token是否正确 if ($_token == $token) { // 设置跳转过来的网站的Cookie setCook($username, $_token, $domain); header('location: index.php'); } } } // 设置cookie function setCook($username, $_password, $domain) { // 校验成功,开始登陆 setcookie('username', $username, time()+3600, '/', $domain); setcookie('token', $_password, time()+3600, '/', $domain); header('location: index.php'); } // 判断是否登陆 function isLogin() { $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $salt = 'taoip'; $_token = md5($salt.$username); if ($token == $_token) { return true; } else { return false; } } ?>
In the oa project directory, create new index.php and login.php Two script files
Edit the index.php file
<?php // OA站点 // (1)开启Session会话 session_name('taoip'); session_start(); // (2)获取用户名和token进行校验 $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $salt = 'taoip'; $_token = md5($salt.$username); if ($token != $_token) { header('location: login.php'); exit(); } echo "欢迎{$username}用户,访问OA站点"; ?>
Edit the login.php file
<?php // OA站点登陆系统 require '../functions.php'; // (2)验证 yzToken('taoip.cn'); // (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token $url = isset($_GET['url']) ? $_GET['url'] : ''; if (empty($url)) { getToken('http://dengpeng.cc/login.php?url=http://oa.taoip.cn/login.php'); } // (1)判断用户是否登陆 $bool = isLogin(); $url = isset($_GET['url']) ? $_GET['url'] : ''; if ($bool) { if (empty($url)) { header('location: index.php'); } else { $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $lurl = $url.'?username='.$username.'&token='.$token; header('location: '.$lurl); } } if (!empty($_POST)) { $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; // 从库中查询用户密码 @$link = mysql_connect('localhost', 'root', ''); mysql_query('use sso', $link); mysql_query('set names utf8', $link); $sql = "select * from users where username = '".$username."'"; $user = mysql_fetch_assoc(mysql_query($sql, $link)); // 校验 $salt = 'taoip'; $_password = md5($salt.$username); // var_dump($user['password'] == $_password); // print_r($user);exit(); if ($user['password'] == $_password) { // 校验成功,开始登陆 setcookie('username', $username, time()+3600, '/', 'taoip.cn'); setcookie('token', $_password, time()+3600, '/', 'taoip.cn'); // 如果URL没有值重定向到首页,否则重定向到URL页面 if (empty($url)) { header('location: index.php'); } else { header('location: '.$lurl); } } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="generator" content="Sublime Text 3114"> <meta name="author" content="3@dengpeng.cc"> <meta name="keywords" content=""> <meta name="description" content=""> <title>OA站点登陆系统</title> </head> <body> <p class="container"> <h2>oa.taoip.cn站点登陆系统</h2> <form action="" method="post"> <label for="">用户名</label> <input type="text" name="username"> <br> <label for="">密码</label> <input type="text" name="password"> <hr> <button type="submit">提交</button> </form> </p> </body> </html>
In the bbs project directory, create two new script files, index.php and login.php
Edit the index.php file
<?php /** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */ // BBS站点 // (1)开启Session会话 session_name('taoip'); session_start(); // (2)获取用户名和token进行校验 $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $salt = 'taoip'; $_token = md5($salt.$username); if ($token != $_token) { header('location: login.php'); exit(); } echo "欢迎{$username}用户,访问BBS站点"; ?>
Edit the login.php file
<?php /** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */ // BBS站点登陆系统 require '../functions.php'; // (2)验证 yzToken('taoip.cn'); // (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token $url = isset($_GET['url']) ? $_GET['url'] : ''; if (empty($url)) { getToken('http://dengpeng.cc/login.php?url=http://bbs.taoip.cn/login.php'); } // (1)判断用户是否登陆 $bool = isLogin(); $url = isset($_GET['url']) ? $_GET['url'] : ''; if ($bool) { if (empty($url)) { header('location: index.php'); } else { $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $lurl = $url.'?username='.$username.'&token='.$token; header('location: '.$lurl); } } if (!empty($_POST)) { $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; // 从库中查询用户密码 @$link = mysql_connect('localhost', 'root', ''); mysql_query('use sso', $link); mysql_query('set names utf8', $link); $sql = "select * from users where username = '".$username."'"; $user = mysql_fetch_assoc(mysql_query($sql, $link)); // 校验 $salt = 'taoip'; $_password = md5($salt.$username); // var_dump($user['password'] == $_password); // print_r($user);exit(); if ($user['password'] == $_password) { // 校验成功,开始登陆 setcookie('username', $username, time()+3600, '/', 'taoip.cn'); setcookie('token', $_password, time()+3600, '/', 'taoip.cn'); // 如果URL没有值重定向到首页,否则重定向到URL页面 if (empty($url)) { header('location: index.php'); } else { header('location: '.$lurl); } } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="generator" content="Sublime Text 3114"> <meta name="author" content="3@dengpeng.cc"> <meta name="keywords" content=""> <meta name="description" content=""> <title>BBS站点登陆系统</title> </head> <body> <p class="container"> <h2>bbs.taoip.cn站点登陆系统</h2> <form action="" method="post"> <label for="">用户名</label> <input type="text" name="username"> <br> <label for="">密码</label> <input type="text" name="password"> <hr> <button type="submit">提交</button> </form> </p> </body> </html>
In the blog project directory, create two new script files, index.php and login.php
Edit index.php file
<?php /** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */ // blog站点 // (1)开启Session会话 session_name('taoip'); session_start(); // (2)获取用户名和token进行校验 $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $salt = 'taoip'; $_token = md5($salt.$username); if ($token != $_token) { header('location: login.php'); exit(); } echo "欢迎{$username}用户,访问blog站点"; ?> <?php /** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */ // blog站点 // (1)开启Session会话 session_name('taoip'); session_start(); // (2)获取用户名和token进行校验 $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $salt = 'taoip'; $_token = md5($salt.$username); if ($token != $_token) { header('location: login.php'); exit(); } echo "欢迎{$username}用户,访问blog站点"; ?>
Edit login.php file
<?php /** * @author DengPeng <3@dengpeng.cc> * @since 2017/01/03 * @copyright copyright (c) 2017 zixue.it GPL * @license http://www.zixue.it/ */ // blog站点登陆系统 require '../functions.php'; // (2)验证 yzToken('dengpeng.cc'); // (1)判断是否登陆,登陆则跳转首页,未登录则去其他站点获取token $url = isset($_GET['url']) ? $_GET['url'] : ''; if (empty($url)) { getToken('http://oa.taoip.cn/login.php?url=http://dengpeng.cc/login.php'); } // (1)判断用户是否登陆 $bool = isLogin(); $url = isset($_GET['url']) ? $_GET['url'] : ''; if ($bool) { if (empty($url)) { header('location: index.php'); } else { $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : ''; $token = isset($_COOKIE['token']) ? $_COOKIE['token'] : ''; $lurl = $url.'?username='.$username.'&token='.$token; header('location: '.$lurl); } } // (3)判断用户是否提交数据 if (!empty($_POST)) { $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; // 从库中查询用户密码 @$link = mysql_connect('localhost', 'root', ''); mysql_query('use sso', $link); mysql_query('set names utf8', $link); $sql = "select * from users where username = '".$username."'"; $user = mysql_fetch_assoc(mysql_query($sql, $link)); // 校验 $salt = 'taoip'; $_password = md5($salt.$username); // var_dump($user['password'] == $_password); // print_r($user);exit(); if ($user['password'] == $_password) { setCook($username, $_password, 'dengpeng.cc'); if (empty($url)) { header('location: index.php'); } else { header('location: '.$lurl); } } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="generator" content="Sublime Text 3114"> <meta name="author" content="3@dengpeng.cc"> <meta name="keywords" content=""> <meta name="description" content=""> <title>blog站点登陆系统</title> </head> <body> <p class="container"> <h2>dengpeng.cc站点登陆系统</h2> <form action="" method="post"> <label for="">用户名</label> <input type="text" name="username"> <br> <label for="">密码</label> <input type="text" name="password"> <hr> <button type="submit">提交</button> </form> </p> </body> </html>
Configuring local virtual host
I think everyone should know the specific configuration steps, so I don’t need to go into details one by one. You only need to follow the reference I gave and configure the configuration corresponding to different domain names. Directory mapping is sufficient.
Domain name/project directory/
oa.taoip.cn /oa/
bbs.taoip.cn /bbs/
dengpeng.cc /blog/
Congratulations, you have completed a simple SSO system
After the configuration is completed, remember to restart the web server. Then you only need to access these three different sites to implement a site Log in, other sites will no longer send login requests.
The above is the entire content of this article, I hope it will be helpful to everyone's study.
Related recommendations:
PHP single sign-on SSO implementation method
Example Explain the principle of SSO single sign-on
##php uses two user-defined key name comparison functions array_udiff_uassoc()
The above is the detailed content of PHP programming SSO detailed introduction and examples. For more information, please follow other related articles on the PHP Chinese website!