
Multi-domain synchronous login, single sign-on SSO

[Multiple domain names + 1 login domain name. After a successful login, the SESSION value is assigned to the other domain names, so all of them are logged in simultaneously. Logging out works the same way!]

session_start(); // Creates a cookie named PHPSESSID by default
//$_SESSION['a'] = 'A';

// Single sign-on interface: send synchronous login data to the other domain names.
if (isset($_SESSION['a']) && $_SERVER['HTTP_HOST'] == 'www.a.com') {
    // [Method 1] Only applies to subdomains of the current domain name. Just set the cookie's domain parameter.
    // The cookie value can be saved in a database table. On each request, look up ck_a_value in the table; if it is present, treat the user as logged in.

    // [Method 2] Use an iframe. This method has a wider range and can be applied to other domain names.
    //echo '<iframe src="http://t1.a.com/a.php?ssid='.$_SESSION['a'].'"></iframe>';
}

// Receiving side (the a.php requested by the iframe above): store the passed value in the local session.
// The value is taken from the query string without any validation.
$_SESSION['a'] = $_GET['ssid'];


Suppose you have three different domain names, a.com, b.com and c.com, and use one of them as the real login entrance. All logins initiated under any of the domain names are redirected to this node. Let's select http://a.com/login.php as the unified login node. For convenience, call http://a.com the master node and the rest slave nodes.

Suppose a login request is sent from any site. It is eventually taken to http://a.com/login.php?from=b.com&sfkey=xxxxxx, where the user enters the login information. If the login succeeds, an intermediate "login successful" page is returned. This page includes the following HTML:

<iframe width="0" height="0" src="https://b.com/sso.php?sessid=xxxxxxxxxxxx&sfkey=xxxxxxxxxxx"></iframe>
<iframe width="0" height="0" src="https://c.com/sso.php?sessid=xxxxxxxxxxxx&sfkey=xxxxxxxxxxx"></iframe>

sessid is the session ID after the successful login and sfkey is a security code. login.php binds both strings to the currently logged-in user's record. At this point http://a.com has actually logged in and obtained the PHPSESSID cookie. The function of the two iframes is to immediately synchronize the obtained session id to the slave nodes.

After sso.php on a slave node receives the sessid and sfkey, it first checks whether the pairing exists. If it does, it immediately sets the sessid value as the current session id:

session_id($_GET['sessid']); // Use the session id generated by a.com
session_start();

After the sso.php requests complete, the two sites b.com and c.com have obtained the same PHPSESSID cookie as a.com. This page then redirects the user back to the page they came from (remembered when they arrived at login.php). After the redirection, the user has completed synchronous login on all websites.

When sending the iframe requests, http://a.com uses an encrypted sessid in sessid=xxxxxx. After sso.php on the slave node receives the ciphertext, it decrypts it to obtain the real session id. You can also use a separate domain name as the login master node, for example http://login.x.com instead of any one of a, b and c. http://login.x.com then serves only as a login service.
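
The encrypted sessid and the sessid/sfkey pairing check described above, sketched with authenticated encryption as an added example that is not part of the original post. The names sso_seal, sso_open, SSO_MAX_AGE, the shared key and the in-memory $pairings array are assumptions; binding the token to one slave host and giving it a short lifetime go beyond what the text describes.

```php
<?php
// Added example, not the original post's code. Assumed: a 32-byte key shared by
// the master and slave nodes; $pairings stands in for the user-record table.
const SSO_MAX_AGE = 60; // assumed token lifetime in seconds

// Master (login.php): seal sessid, sfkey, target host and issue time into one token.
function sso_seal(string $sessid, string $sfkey, string $host, string $key, int $now): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = json_encode(['sid' => $sessid, 'sfkey' => $sfkey, 'host' => $host, 'iat' => $now]);
    return sodium_bin2base64($nonce . sodium_crypto_secretbox($plain, $nonce, $key), SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
}

// Slave (sso.php): return the session id only if every check passes, else null.
function sso_open(string $token, string $host, string $key, array $pairings, int $now): ?string
{
    try {
        $raw = sodium_base642bin($token, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
    } catch (SodiumException $e) {
        return null; // not valid base64
    }
    if (strlen($raw) <= SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES) return null;
    $nonce = substr($raw, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open(substr($raw, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES), $nonce, $key);
    if ($plain === false) return null; // modified in transit or sealed with another key
    $d = json_decode($plain, true);
    if (!is_array($d) || !is_string($d['sid'] ?? null) || !is_string($d['sfkey'] ?? null)) return null;
    if (($d['host'] ?? null) !== $host) return null; // sealed for a different node
    if (!is_int($d['iat'] ?? null) || $d['iat'] > $now || $now - $d['iat'] > SSO_MAX_AGE) return null;
    if (!preg_match('/^[A-Za-z0-9,-]{22,256}$/', $d['sid'])) return null; // PHP session id charset
    $expected = $pairings[$d['sid']] ?? null; // the pairing check from the text
    if (!is_string($expected) || !hash_equals($expected, $d['sfkey'])) return null;
    return $d['sid'];
}

// Constructed demo values.
$key      = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
$sid      = bin2hex(random_bytes(16));
$sfkey    = bin2hex(random_bytes(16));
$pairings = [$sid => $sfkey];
$token    = sso_seal($sid, $sfkey, 'b.com', $key, time());

var_dump(sso_open($token, 'b.com', $key, $pairings, time()) === $sid); // token opened on its own node
var_dump(sso_open($token, 'c.com', $key, $pairings, time()));          // token sealed for another node
var_dump(sso_open($token, 'b.com', $key, $pairings, time() + 3600));   // token older than SSO_MAX_AGE
// In sso.php, call session_id($sid); session_start(); only when sso_open() returns a string.
```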

