doucong8553 2014-10-13 11:30
浏览 59

自定义PHP应用程序中的OpenID实现

I have been given a task for implementing "User authentication through Google Apps account", in our custom php web application. User should be able to login both directly, or using google account.

I am trying to use openID for this. I have read about openID and found following:

In our existing users table, we will add an other field 'openid_identity'. While login, we will send Google login and password to Google and get response. From response, we will get user's identity and then by matching it with the identity in database, we can get user details.

One thing that is not clear:

In our application, admins can create users. Users can then login with their email (like john@myapp.com) and password.

Initially, before using Google sign in, our user's table 'openid_identity' field will be empty. How can we handle OpenID login for first time? What do we show to user? A 'signup with Google' page? If user signs up with their Google mail (like 'john@gmail.com'), how can we know which user he is, from users table?

  • 写回答

1条回答 默认 最新

  • dqf2015 2014-10-13 17:05
    关注

    I'd suggest to implement another table to handle external login methods instead of adding a field to your current users table. This "one to many" relationship will help to make your application more flexible: one day you might be asked to add support for Twitter, Github, Facebook login too.

    I guess that you are planning to modify your login form to present different login methods, let's say the classic login form and a "Login with Google" button.

    Then I think you should plan this case: when the user authenticates with Google, the Google Api will return the user's email and you'll check the external login table to see if the record is already there.

    If there is no record you start the user subscription process as usual but you can pre-fill user's data with what you've got from Google. You'll save both the record in the external login table and in your common users table keeping them related.

    If the record is already there then you'll consider the user as authorized. You will have to adjust a little your current authentication process.

    Talking about flexibility, eventually, while you write your code, you can take in consideration the idea to allow each user to authenticate with more than one account and more than one external service.

    I also would consider to use this composer package https://packagist.org/packages/google/apiclient to deal with Google's Apis

    评论

报告相同问题?

  • php 自定义菜单 openid,微信自定义菜单链接网页获取openid
    2021-04-18 08:11
    独识的博客 用户点击view类型按钮后,微信客户端将会打开开发者在按钮填写的url值(即网页链接),达到打开网页的目的,但是view不能获取用户的openid,需与网页授权获取用户基本信息接口结合使用,获得用户的登入个人信息。...
  • PHP后台实现微信小程序登录
    2020-10-18 06:56
    小程序的用户量巨大,许多开发者选择通过小程序来构建轻量级的应用服务。微信小程序的开发涉及到前端和后端的交互,其,登录功能是用户使用小程序的第一步,也是安全、数据交互的基础。本文将详细介绍如何使用PHP...
  • 自定义修改QQ在线状态_QQ_php_
    2021-10-03 08:43
    在本文,我们将深入探讨如何使用PHP编程语言来实现自定义修改QQ在线状态的功能。QQ作为国最流行的即时通讯工具之一,提供了丰富的API接口供开发者使用。PHP是一种广泛应用于Web开发的服务器端脚本语言,它能很好...
  • php 自定义菜单 openid,微信公众平台开发(99) 自定义菜单获取OpenID
    2021-04-26 13:10
    weixin_39614521的博客 在这篇微信公众平台开发教程,我们将介绍如何在自定义菜单获得用户的OpenID。本篇开发教程的实质是微信自定义菜单及OAuth2.0授权的灵活运用。本文分为以下两个部分:拥有高级接口权限时的获取(基于view事...
  • php对接微信小程序获取openid
    2019-10-20 14:04
    PHPKHL的博客 获取微信小程序openid获取微信小程序的openid代码生成一个适合你的列表创建一个表格设定内容居、居左、居右SmartyPants创建一个自定义列表如何创建一个注脚注释也是必不可少的KaTeX数学公式新的甘特图功能,丰富你...
  • PHP实现微信小程序在线支付功能(代码实例)
    2020-12-20 01:01
    在本文,我们将深入探讨如何使用PHP实现微信小程序的在线支付功能。首先,我们需要了解一些基本概念和技术背景。 1. **微信小程序支付流程**: 微信小程序在线支付涉及的主要流程包括: - 用户在小程序选择...
  • 微信小程序实现红包功能(后端PHP实现逻辑)
    2020-10-18 09:38
    在微信小程序的前端实现,用户可以通过点击“领红包”按钮触发相关的JavaScript函数,与后端PHP服务进行通信。在微信小程序的wxml代码,需要展示领红包按钮和相关提示信息。此外,前端代码还应该处理各种状态,...
  • PHP实现微信提现功能
    2020-10-17 22:25
    在本文,我们将深入探讨如何使用PHP实现微信提现功能,即企业付款到用户零钱。这个功能在很多在线业务都有应用,如电商平台、金融系统等,它允许用户将账户余额提取到微信钱包。 首先,要实现这个功能,我们...
  • active-directory-b2c-php-webapp-openidconnect:一个PHP Web应用程序,使用OpenID Connect通过Azure AD B2C对用户进行身份验证
    2021-02-06 03:59
    本项目是"active-directory-b2c-php-webapp-openidconnect",它是一个基于PHP的Web应用程序,专门设计用于实现用户身份验证,利用Azure Active Directory B2C(Azure AD B2C)服务和OpenID Connect协议。Azure AD ...
  • 公众号php关键词回复小程序,微信自定义关键词回复信息
    2021-04-22 19:24
    weixin_29452603的博客 在微信公众号里输入指定关键词返回指定的内容信息,主要应用于微信定制内容回复、自定义菜单推送事件、智能客服回复、微号帮功能关联等。>>点击查看操作步骤功能细节描述:1、支持回复文本信息、单图文、图片...
  • 没有解决我的问题, 去提问