Single sign-on system [closed]

2

How to create a unique login system in PHP ? Give access to multiple sites for the user, without having to log in to each site. Like Google, with a single login, you use Google and YouTube.

    
asked by anonymous 28.07.2016 / 01:05

1 answer

1

Any session created, by default a cookie is created in the browser named PHPSESSID , which is the name of the session (in hash) created by your code in the temporary folder of the server.

You can access this cookie by using session_get_cookie_params() before session_start() which will show some parameters:

Array
(
[lifetime] => 0 
[path] => /
[domain] => 
[secure] => 
[httponly] => 
)

[lifetime] => 0 indicates that when the browser is closed the cookie will disappear and so the session will be closed.

Thinking in this way, in which whenever a session is opened a cookie is created. I do not see why not to use cookies for this case:

  • Create a cookie with a defined name so that other sites can access.
  • Make the cookie value a token (hash) that you create whenever the user logs in to one of the participating sites.
  • This hash is saved in the database that all participating sites have access to.
  • Check the db (user / key / cookie) each time he accesses anything on any of the sites to verify the identity of this user or log in automatically. You can use ip from the machine too.

So it will only log in to any of the sites.

Of course there is a whole security involved that you will have to accomplish.

I hope I have helped.

Hugs!

    
28.07.2016 / 18:02