• 使用php实现单点登录实例详解


    1.首先准备两个虚拟域名

    127.0.0.1  www.openpoor.com
    
    127.0.0.1  www.myspace.com
    

    2.在openpoor的根目录下创建以下文件

    index.php文件

    <?php  
    session_start();  
    ?>  
    <!DOCTYPE html>  
    <html>  
    <head>  
    <meta charset="UTF-8"/>  
    <title>sync login</title>  
    </head>  
    <body>  
    
    <?php if(empty($_SESSION['username'])):?>  
    hello,游客;请先<a href="login.php">登录</a><a href="http://www.myspace.com/index.php">进入空间</a>  
    <?php else: ?>  
    hello,<?php echo $_SESSION['username']; ?>;<a href="http://www.myspace.com/index.php">进入空间</a>  
    <?php endif; ?>  
      <a href="http://www.openpoor.com/index.php">home</a>  
    </body>  
    </html>  

    login.php文件

    <?php  
    session_start();  
    if(!empty($_POST['username'])){  
      require '../Des.php';  
      $_SESSION['username'] = $_POST['username'];  
      $redirect = 'http://www.openpoor.com/index.php';  
      header('Location:http://www.openpoor.com/sync.php?redirect='.urlencode($redirect).'&code='.Des::encrypt($_POST['username'],'openpoor'));exit;  
    }  
    ?>  
    <!DOCTYPE html>  
    <html>  
    <head>  
    <meta charset="UTF-8"/>  
    <title>sync login</title>  
    </head>  
    <body>  
    <form action="" method="post">  
      <input type="text" name="username" placeholder="用户名"/>  
      <input type="text" name="password" placeholder="密码"/>  
      <input type="submit" value="登录"/>  
    </form>  
    </body>  
    </html> 

    sync.php文件

    <?php  
    $redirect = empty($_GET['redirect']) ? 'www.openpoor.com' : $_GET['redirect'];  
    if(empty($_GET['code'])){    
      header('Loaction:http://'.urldecode($redirect));  
      exit;  
    }  
    
    $apps = array(  
      'www.myspace.com/slogin.php'  
    );  
    ?>  
    <!DOCTYPE html>  
    <html>  
    <head>  
    <meta charset="UTF-8"/>  
    <?php foreach($apps as $v): ?>  
    <script type="text/javascript" src="http://<?php echo $v.'?code='.$_GET['code'] ?>"></script>  
    <?php endforeach; ?>  
    <title>passport</title>  
    </head>  
    <body>  
    <script type="text/javascript">  
    window.οnlοad=function(){  
      location.replace('<?php echo $redirect; ?>');  
    }  
    </script>  
    </body>  
    </html>  

    3.在myspace的根目录下创建如下文件

    slogin文件 完成session的设置

    <?php  
    session_start();  
    header('Content-Type:text/javascript; charset=utf-8');  
    if(!empty($_GET['code'])){  
      require '../Des.php';  
      $username = Des::decrypt($_GET['code'],'openpoor');  
      if(!empty($username)){  
        header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');  
        $_SESSION['username'] = $username;  
      }  
    }  
    ?>  

    index.php

    <?php  
    session_start();  
    if(!empty($_SESSION['username']))  
    {  
        echo "欢迎来到".$_SESSION['username']."的空间";  
    }else{  
        echo "请先登录";  
    }  
    ?>  

    4.Des.php的文件内容如下

    <?php  
    /** 
     *@see Yii CSecurityManager; 
     */  
    class Des{  
    
      public static function encrypt($data,$key){  
          $module=mcrypt_module_open('des','', MCRYPT_MODE_CBC,'');  
          $key=substr(md5($key),0,mcrypt_enc_get_key_size($module));  
          srand();  
          $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($module), MCRYPT_RAND);  
          mcrypt_generic_init($module,$key,$iv);  
          $encrypted=$iv.mcrypt_generic($module,$data);  
          mcrypt_generic_deinit($module);  
          mcrypt_module_close($module);  
          return md5($data).'_'.base64_encode($encrypted);  
      }  
    
      public static function decrypt($data,$key){      
          $_data = explode('_',$data,2);  
          if(count($_data)<2){  
        return false;  
          }  
          $data = base64_decode($_data[1]);        
          $module=mcrypt_module_open('des','', MCRYPT_MODE_CBC,'');  
          $key=substr(md5($key),0,mcrypt_enc_get_key_size($module));  
          $ivSize=mcrypt_enc_get_iv_size($module);  
          $iv=substr($data,0,$ivSize);  
          mcrypt_generic_init($module,$key,$iv);  
          $decrypted=mdecrypt_generic($module,substr($data,$ivSize,strlen($data)));  
          mcrypt_generic_deinit($module);  
          mcrypt_module_close($module);  
          $decrypted = rtrim($decrypted,"\0");         
          if($_data[0]!=md5($decrypted)){  
        return false;  
          }  
          return $decrypted;  
      }  
    
    }  
    ?>  

    当在openpoor登录后将session信息传到其他域名下的文件下进行处理,以script标签包含的形式进行运行。


    5.此时访问www.openpoor.com和www.myspace.com都是未登录状态

    登录后两个域名下都是登录状态

    到此我们实现了一个简单的单点登录。

    https://mp.weixin.qq.com/s/4h_SA1TUR7hJWO1MSS2jtg

  • 相关阅读:
    史上最全最强SpringMVC详细示例实战教程
    使用Mapper专用的MyBatis Generator插件
    list集合为空或为null的区别
    Hibernate三大类查询总结
    mybatis深入理解之 # 与 $ 区别以及 sql 预编译
    Hibernate 中Criteria Query查询详解【转】
    mybatis example使用 and和or联合查询(转)
    mybatis中的mapper接口文件以及example类的实例函数以及详解
    iOS安全攻防之越狱设备检测
    iOS安全攻防之阻止GDB依附
  • 原文地址:https://www.cnblogs.com/lxwphp/p/15453979.html
Copyright © 2020-2023  润新知