douyi2664
2016-06-21 22:21
浏览 23
已采纳

限制访问我的App Engine PHP应用程序以获取一组Google帐户?

Is there a way I can restrict access to my App Engine PHP app for only a certain set of Google account holders (who are logged in at the time of course)? The additional requirement is the PHP scripts on my site will be called via AJAX. It's fine for the users not to see a Google login prompt as they are internal users and will know that they are supposed to be already logged in.

Looking at the PHP app.yaml https://cloud.google.com/appengine/docs/php/config/appref#handlers_login and User auth info https://cloud.google.com/appengine/docs/php/users/#choosing_an_authentication_option I wasn't clear how this could be achieved (apart for Admin roles which are too permissive for these users)

Thanks, Alex

图片转代码服务由CSDN问答提供 功能建议

我是否可以限制仅限某些Google帐户持有人访问我的App Engine PHP应用程序( 谁在当然登录?)? 附加要求是我的网站上的PHP脚本将通过AJAX调用。 用户不要看到Google登录提示,因为他们是内部用户并且知道他们应该已经登录了。

查看PHP app.yaml https://cloud.google.com/appengine/docs/php/config/appref #handlers_login 和用户身份信息 https://cloud.google。 com / appengine / docs / php / users /#Selecting_an_authentication_option 我不清楚如何实现这一目标(除了对这些用户来说过于宽松的管理员角色)

谢谢, Alex

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • donglu9978 2016-06-22 10:38
    已采纳

    A very crude/simple solution would be implemented like this:

    In app.yaml, add something like this

    - url: .*
      script: main.php
      login: required
    

    Then in main.php, something like this

    $user = \google\appengine\api\users\UserService::getCurrentUser();
    if($user) {
        if(in_array($user->getEmail(), ['user1@domain.com', 'user2@domain.com'])) {
            // OK, user is allowed
        } else {
            // Logged in, but UNKNOWN user
        }
    } else {
        // User not logged in
    }
    
    已采纳该答案
    打赏 评论
  • duanqiongniu1469 2016-06-22 09:59

    You can easily use oauth to get users email address while authenticating and use that to allow a group of emails to qualify and raise oauthexception for others

    打赏 评论

相关推荐 更多相似问题