{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 We Are One 的问题《single sign on (sso) laravel》','https://www.manongdao.com/q-1320725.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I have three different laravel websites, I want to make user sign in at one website then he will be automatically logged in to the other two websites. eg. if you logged in at your stackoverflow then open stackexchange you will be logged in with StackOverflow account. I have tried many packages but they end with infinite exceptions or they simply not working. Most of the packages based on SAML, I have no idea why it did not work with me? I do not know what I miss? Is there any config for this to work? I am using laravel 5.6. All the apps are on the same server.
I have tried many solutions based on SAML, OpenID and share session, but all of them did not work with me. I do not know if I miss something. this is the last example I tried and it did not work
this is my code
SITE A
$site_b = 'http://s_sesstion_2.test/';
Route::get('/', function (Request $request) use ($site_b) {
$session_id = Session::getId();
try {
$http = new Client();
$response = $http->post($site_b . 'api/sessions/server', [
'form_params' => [
'session_id' => $session_id,
],
'headers' => [
'Accept' => 'application/json',
]
]);
} catch (Exception $e) {
dd($e->getMessage());
}
return view('welcome');
});
SITE B (route/api.php)
Route::post('/sessions/server', function (Request $request) {
Storage::disk('local')->put('file.txt', $request->get('session_id'));
});
SITE B (route/web.php)
Route::get('/', function () {
$session_id = Storage::disk('local')->get('file.txt');
Session::setId($session_id);
Session::start();
//return Session::getId();// will return the same session id
return \auth()->user();//this should return the auth user but it did not!!
});
All I want is to sign in at site A then open site B I will be signed in. I will accept any solution achieve that purpose
I implemented an SSO solution without using SAML. I'll share my solution here, hope it helps.
Single Sign On
One application runs as the main authentication server at
auth.domain. Other applications run in different domainsapp1.domain,app2.domain, ...Every user is linked with SSO tokens. These tokens have very short expiration times. All authentication processes (signing in, resetting passwords, registering, ...) happen only in
auth.domainapplication.When a user visits any applications, for example,
app-1.domain:auth.domain/login.auth.domainremember me cookie to the response.app-1.domain/sso/{sso_token}.app-1.domainapplication read the database. If the SSO token is valid and does not expire, find the user associated to that token.app-1.domainauthenticates the user found in the previous step withAuth::login($user)method.app-1.domainclear the received SSO token from the database.After this step, the user is authenticated to
app-1.domain.Session sharing
All shared session variables should be saved to databases. I implemented a new session driver:
If your both applications share the same databases then you can follow the approach :
-> In your database , create a default session id that will be marked as false initially
-> Now as soon as user login to any of the site, generate a new hash and replace it with the default value.
optionally
-> You can also save the hash on browser local storage with hash as a key and null as value.
-> Now when user is logging into/switching to any of the site, check that hash -> If the hash matches the default, show the login page else show the profile page.
My answer is valid only if you are using common database for login else you need mapping for this.
Alternatively you can use cookies to store hash and can access them in cross domain. Can find example at Cross-Domain Cookies By @ludovic