How to implement [ single ]?

96 5

management user web site

  • User account url: http://accounts.com
  • User login url: http://accounts.com/login
  • User etc. Url: http://accounts.com/logout.

web site
  • Application 1: http://app1.com
  • Application 2: http://app2.com

implementation scenario
  • Login application 1, jump to http://accounts.com/login for login
  • Login successfully jump response with 1. The address will be followed by a token, for example: http://app1.com/callback?token=xxxx To verify the login.
  • After the application 1 has been viewed, the user enters the application 2 ( the user may enter app2.com 's address access application annex ).
  • At this point, the application 2 is used to determine whether the current user is logged in by means of a "some way".

  • The problem is how to implement 4 in the scene?
    What I now think of is:
  • Synchronous login: like discuz, in the login other applications are logged in, the disadvantage is that after logging in, it's best to wait for a few seconds
  • Use,: although you know how to use, requests, it's difficult to implement, and it's safe to handle problems.

  • I don't know what you've.
    ----------------------- ---------------------------
    The afternoon spent some time on the login of the two groups:
  • google.com and youtube.com
  • taobao.com and etao.com

  • , google.com and youtube.com.
    : not logged in, but browsing on youtube
  • Login google.com through https://accounts.google.com/ServiceLoginAuth Verify user name password
  • Jump to after validation https://accounts.google.com/CheckCookie Check if there are other apps for browsing, such as youtube, then jump again https://accounts.youtube.com/accounts/SetSID Log in
  • Finally, jump back to google.com is home page.

  • : the google.com has been logged in, but didn't browse for youtube
  • Because I was logged on to google.com, I was first able to access the address in the address book directly from the address book.
  • Entering the youtube page shows what I need to log in, so click login.
  • Still jump to https://accounts.google.com/ServiceLoginAuth But without any input, go straight to the yutube home page.

  • , taobao.com and etao.com.
  • No matter whether I'm logged on taobao.com, I'm going to the etao.com home page, first check that cookies are logged on
  • Login: etao.com home page displays login status
  • Jump to http://jump.taobao.com/jump?target=http%3A%2F%2Fwww.etao.com%2F%3Ftbpm%3Dt To check if there's a login in taobao.com.
  • Log back to http://pass.etao.com/add?.. to log back on, after you jump back to the home page, login status is login
  • You aren't logged on to the home page and login status isn't logged in
  • Now you know how to do it, or there are other ways. Talk about it..
9 Answers

139 2

I know there are three ways:

1. Page nesting js requests, like uCenter products.
2. Let the page jump to different application domain names in order to solve the problem of; problem.
3. The same as google, user active request.

The following are detailed:
1. App3, app2, is mounted on uc and the user asks for regedit login and the mixin program is verifying that the code needs to be synchronized at the same time ( below ) to print to the page.

<script type="text/javascript" src="http://app2/api/uc.php?time=132
4695020&code=f97bp%2FyiCrfFF%2B4lIndT1k3PoVk5%2BmVvNJMYiBzq7ssWE8FS
smj7T3jujWyDpKpT2t8vO7o5M19FlzvNdihXMDWqvyoko9C3lkpG%2BQX57zL112gb
GH%2FPwS9YD9A3%2BQVKNFSDzriFOqq9IFWJx6q4x%2Fk%2FMAltJygTiwRZ" 
reload="1"></script>
<script type="text/javascript" src="http://app3/api/uc.php?time=1324
695020&code=2b55qIaEphMxdvEYZJok8GEoDW%2BctvZeWS84LvaH8MHf8AzrRXiLD
ZFIvS4cmUkXAGGeDnSVQ9rsu62iDnSAUSTEdSH2%2Bup5xZFvtgl9KRMEcOLLySih2w
vNL%2BSjRQgqErT5kEK0878zxlhRQn0ypgxXgmoCY3zE87sy" reload="1"></script>

Note that the uc.php requires a macro header.

header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

2. App3, app2. User requests login, app1 when validation passes the to app2.com ( add a section of js to at the output page ), then jump to app3.com. cookie last jump to app1.com.

<script type="text/javascript" reload="1">window.location.href='app1.com
/loginAuth.phpcode=ctvZeWS84LvaH8MHf8AzrRXiLDZFIvS4cmUkXAGGeDnSVQ9rsu62i
DnSAUSTEdSH2%2Bup5xZFvtgl9KRMEcOLLySih2wvNL%2BSjRQgqErT5kEK0878zxlhRQn0yp
gxXgmoCY3zE87s'';</script>

The downside is that the page has a good time for the user to look, not for multiple applications.

3, google method, the disadvantage is that users have to click on the login button, can't achieve seamless synchronization, the benefits are suitable for multiple

哪一个好, 得看什么要求, 如果不需要做到无缝的同步登录的话, 肯定是使用 Google 的方案!
141 0

I know there are three ways:

1. Page nesting js requests, like uCenter products.
2. Let the page jump to different application domain names in order to solve the problem of; problem.
3. The same as google, user active request.

The following are detailed:
1. App3, app2, is mounted on uc and the user asks for regedit login and the mixin program is verifying that the code needs to be synchronized at the same time ( below ) to print to the page.

<script type="text/javascript" src="http://app2/api/uc.php?time=132
4695020&code=f97bp%2FyiCrfFF%2B4lIndT1k3PoVk5%2BmVvNJMYiBzq7ssWE8FS
smj7T3jujWyDpKpT2t8vO7o5M19FlzvNdihXMDWqvyoko9C3lkpG%2BQX57zL112gb
GH%2FPwS9YD9A3%2BQVKNFSDzriFOqq9IFWJx6q4x%2Fk%2FMAltJygTiwRZ" 
reload="1"></script>
<script type="text/javascript" src="http://app3/api/uc.php?time=1324
695020&code=2b55qIaEphMxdvEYZJok8GEoDW%2BctvZeWS84LvaH8MHf8AzrRXiLD
ZFIvS4cmUkXAGGeDnSVQ9rsu62iDnSAUSTEdSH2%2Bup5xZFvtgl9KRMEcOLLySih2w
vNL%2BSjRQgqErT5kEK0878zxlhRQn0ypgxXgmoCY3zE87sy" reload="1"></script>

Note that the uc.php requires a macro header.

header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');

2. App3, app2. User requests login, app1 when validation passes the to app2.com ( add a section of js to at the output page ), then jump to app3.com. cookie last jump to app1.com.

<script type="text/javascript" reload="1">window.location.href='app1.com
/loginAuth.phpcode=ctvZeWS84LvaH8MHf8AzrRXiLDZFIvS4cmUkXAGGeDnSVQ9rsu62i
DnSAUSTEdSH2%2Bup5xZFvtgl9KRMEcOLLySih2wvNL%2BSjRQgqErT5kEK0878zxlhRQn0yp
gxXgmoCY3zE87s'';</script>

The downside is that the page has a good time for the user to look, not for multiple applications.

3, google method, the disadvantage is that users have to click on the login button, can't achieve seamless synchronization, the benefits are suitable for multiple

哪一个好, 得看什么要求, 如果不需要做到无缝的同步登录的话, 肯定是使用 Google 的方案!
62 3

If it's a web rather than app, iframe is the easiest way to maintain https://www.zhihu.com/question/19779937/answer/16503799.
If you use app, <img/> is replaced.
A bit of soil, but it's really simple.

140 3

If it's a web rather than app, iframe is the easiest way to maintain https://www.zhihu.com/question/19779937/answer/16503799.
If you use app, <img/> is replaced.
A bit of soil, but it's really simple.

84 5

I've a, perfect solution, and when the app is more difficult, it can be a,

Plus script label.

<script src="http://app2.com/callback=<?php echo $token?>".. .

This allows you to log in as well, but you can also see that if your app is more likely to refer to other apps, I say that the address of the app is

82 1

I've a, perfect solution, and when the app is more difficult, it can be a,

Plus script label.

<script src="http://app2.com/callback=<?php echo $token?>".. .

This allows you to log in as well, but you can also see that if your app is more likely to refer to other apps, I say that the address of the app is

...