There are two websites, a.com and b.com. After logging into the website a.com, you will automatically log in to b.com, and vice versa. In short, the login and logout status of the two websites remain synchronized.
In addition, in addition to a.com and b.com, there are countless websites with the same different domain names that need to synchronize their login status.
For example, in the Duoshuo comment system, after logging in once, you can log in on other websites that use Duoshuo without having to log in. How is this done?
我想大声告诉你2017-05-19 10:12:39
SSO(single sign on)
The situation you mentioned can be solved by the above solution. There are many ways to implement this solution. You can check it out.
I will also give you a simple example:
When you log in to a website,
1) He obtained your username and password and sent them to the background
2) After passing the verification, an encrypted authentication character oauth will be generated by the backend
3) Then send a message to the front desk saying that you have successfully logged in, and then use the background script to insert relevant authentication information into a series of specified domain names.
In this way, although you are only logged in under one domain name, your authentication information will also be available under other domain names. Of course, the above is just one implementation plan, there are others
The implementation method is quite different from this.
淡淡烟草味2017-05-19 10:12:39
All browser state saving methods are saved by domain. Taking cookies as an example, assume you want to be in the a.com使用b.com的授权登录,当你登录的时候调用了oauth,那么其实你是跳转到b.com进行登录的,那么你的浏览器就会保存b.com登录状态。那么当你在c.com登录的时候,你的浏览器已经保存了b.com的登录状态,那么自然就可以自动登录了。当然,a.com和c.com在浏览器中是无法获取到b.com state.
伊谢尔伦2017-05-19 10:12:39
Let me give you a few keywords, single sign-on, document.cookie domain (of course there are other methods.)
仅有的幸福2017-05-19 10:12:39
There is a resource below, you can check it out, https://m.toutiao.com/group/6...
