Single Sign On between Yii and Moodle, two PHP applications - php

I have to implement the SSO concept between two PHP applications. The applications are available on different domains, like one is www.example.com and another is www.test.com.
I require the following conditions.
1. When a user logs in to either application, the login checks the user name and password against a MySQL database table.
2. After login to either application, the username and password are not required/re-entered; the user can directly log in to the other application, similar to Google.
3. When the user logs out, both applications are logged out at the same time.
--> My first application is created with the Yii framework and the other is Moodle.
Please give ideas to implement this concept in both my applications.

Related

Laravel - Can I make login like Login with Facebook via Laravel Passport?

I have two Laravel applications: one as a client (www.myclient.com) and another Laravel app (www.myserver.com), and I would like to build the following case.
When a user wants to log in on www.myclient.com he gets redirected to www.myserver.com, and there on a page he writes the username and password he has with www.myserver.com, and once he is successfully logged in he gets redirected back to www.myclient.com, where he is now also logged in.
I've been reading this guide: https://blog.logrocket.com/laravel-passport-a-tutorial-and-example-build/
However there are only API requests in the end of the guide, there is no redirect of the user to the server app to provide the username and password directly on the server's page. I don't want to send username and password over the API.
Am I even looking correctly by trying to achieve such functionality with OAuth2?
Basically I would like to achieve functionality LIKE "Login with Facebook" where you get redirected and you fill your login data there.
Can you suggest any other approach or guide?

Developing more than one user accounts in laravel 5.2

Note: There is no code to show or prove it, we just need a methodology to solve the problem before implementing the code to our code base.
We have more than one user for our fashion web (laravel app)
Guest (does not matter to this issue)
User (Fashion lovers/Customers/Clients)
Tailors (Fashion designers new/existing accounts in the platform)
The users (customers) can log in and register to their application without any problem, but our problem is how can we filter the two users (customers/tailors) such that when a user (tailor) logs in to www.app.dev/tailor#dashboard (without access) it redirects to (www.app.dev/login), and when the user is a tailor it takes the user to the tailors login page instead of the user (customers) login. Do you understand me??
Check the following Stack Overflow questions:
Can anyone explain Laravel 5.2 Multi Auth with example
How to use multi Auth in laravel 5.2
Multiple auth user types in Laravel 5

Multiple Users in Yii

I created a website. This website has a backend with the usual login / logout. My website also has this feature for the registered clients; however, Yii is taking the same user for the website and for the backend.
If I sign out from the backend it also signs me out from the website. How can I have multiple users so this won't happen?
You just assign roles to users. Then you do RBAC and let those qualified (admin group) to have access to the backend, while clients not.
If you are authenticating with Yii, that authenticated user will be the current user everywhere in Yii until you log out and someone else does.

OpenID implementation in custom PHP application

I have been given a task for implementing "User authentication through Google Apps account", in our custom php web application. User should be able to login both directly, or using google account.
I am trying to use openID for this. I have read about openID and found following:
In our existing users table, we will add another field 'openid_identity'. During login, we will send the Google login and password to Google and get a response. From the response, we will get the user's identity, and then by matching it with the identity in the database, we can get the user details.
One thing that is not clear:
In our application, admins can create users. Users can then log in with their email (like john@myapp.com) and password.
Initially, before using Google sign in, our users table 'openid_identity' field will be empty. How can we handle OpenID login for the first time? What do we show to the user? A 'signup with Google' page? If a user signs up with their Google mail (like 'john@gmail.com'), how can we know which user he is, from the users table?
I'd suggest to implement another table to handle external login methods instead of adding a field to your current users table. This "one to many" relationship will help to make your application more flexible: one day you might be asked to add support for Twitter, Github, Facebook login too.
I guess that you are planning to modify your login form to present different login methods, let's say the classic login form and a "Login with Google" button.
Then I think you should plan this case: when the user authenticates with Google, the Google API will return the user's email and you'll check the external login table to see if the record is already there.
If there is no record you start the user subscription process as usual but you can pre-fill user's data with what you've got from Google. You'll save both the record in the external login table and in your common users table keeping them related.
If the record is already there then you'll consider the user as authorized. You will have to adjust your current authentication process a little.
Talking about flexibility, eventually, while you write your code, you can take into consideration the idea to allow each user to authenticate with more than one account and more than one external service.
I also would consider using this composer package https://packagist.org/packages/google/apiclient to deal with Google's APIs
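The external-login table suggested in this answer, as an added example that is not code from the original posts. The table and column names and the shape of `$claims` are assumptions; it keys the link on the provider's stable subject identifier plus an `email_verified` flag, as OpenID Connect ID tokens carry, and only attaches to an existing local account when the e-mail is marked verified.

```php
<?php
// Added example: schema and lookup for an external-login table.
// Table/column names and the $claims array shape are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE NOT NULL, name TEXT)');
$db->exec('CREATE TABLE external_logins (
    user_id INTEGER NOT NULL REFERENCES users(id),
    provider TEXT NOT NULL,
    subject TEXT NOT NULL,
    UNIQUE (provider, subject))');

function resolveUser(PDO $db, string $provider, array $claims): int
{
    // 1. Already linked: the (provider, subject) pair identifies the user.
    $q = $db->prepare('SELECT user_id FROM external_logins WHERE provider = ? AND subject = ?');
    $q->execute([$provider, $claims['sub']]);
    $userId = $q->fetchColumn();
    if ($userId !== false) {
        return (int) $userId;
    }
    // 2. Not linked yet: only trust the e-mail for matching or registration
    //    when the provider marks it as verified; otherwise refuse.
    if (empty($claims['email_verified'])) {
        throw new RuntimeException('unverified e-mail, cannot link or register');
    }
    $db->beginTransaction();
    $q = $db->prepare('SELECT id FROM users WHERE email = ?');
    $q->execute([$claims['email']]);
    $userId = $q->fetchColumn();
    if ($userId === false) {
        // 3. No local account: register, pre-filled from the provider's data.
        $db->prepare('INSERT INTO users (email, name) VALUES (?, ?)')
           ->execute([$claims['email'], $claims['name'] ?? null]);
        $userId = $db->lastInsertId();
    }
    $db->prepare('INSERT INTO external_logins (user_id, provider, subject) VALUES (?, ?, ?)')
       ->execute([(int) $userId, $provider, $claims['sub']]);
    $db->commit();
    return (int) $userId;
}

// Constructed sample: an admin-created user, then two logins through Google.
$db->exec("INSERT INTO users (email, name) VALUES ('john@myapp.com', 'John')");
$claims = ['sub' => 'constructed-subject-1', 'email' => 'john@myapp.com', 'email_verified' => true];
var_dump(resolveUser($db, 'google', $claims)); // first login creates the link
var_dump(resolveUser($db, 'google', $claims)); // later logins resolve through external_logins
```

Because the uniqueness constraint is on (provider, subject), one user can hold several rows, which covers the "more than one account and more than one external service" case mentioned above.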

Codeigniter: 2 Apps with one central login screen

I am writing an application in CodeIgniter and I have concluded that it's best to write two applications. One for back office and one for client use.
I would like to have just one login screen. It will be in the back office application but if a client user logs in then I want to redirect to the client app and create a session there. The database user table stores the user type i.e. client or admin.
I have come up with the following solution. As I want to do this the correct way, I said I'd run it by you guys to see what ye think.
User logs into admin CI app.
Admin CI app verifies user and determines type. If admin then go ahead and create session etc.
If the user is a client then MD5(user_ip+timestamp OR make a secure token some other way) and store in a token field (user_table) in DB.
Redirect the user to the client admin via a login page. The parameters would be the token and username. The login function would then go to that user in the database and verify the token.
On successful authorization of token the CI client app would start a session and let the user in.
This seems like a very long winded method. Ideally there would be a way to start a session for one CI app from another?
Any ideas?
Thanks.
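A hardened form of the token handoff described in this question, as an added example that is not code from the original posts. The table and column names and the 60-second lifetime are assumptions; the token comes from a CSPRNG rather than MD5 of guessable inputs, only its hash is stored, and it is consumed on first use.

```php
<?php
// Added example: single-use handoff token between two apps sharing a database.
// Table/column names and the 60-second lifetime are assumptions.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (username TEXT PRIMARY KEY, user_type TEXT,
    token_hash TEXT, token_expires INTEGER)');
$db->exec("INSERT INTO users (username, user_type) VALUES ('alice', 'client')"); // constructed

// Login app: issue the token only after the password check has succeeded.
function issueHandoffToken(PDO $db, string $username, int $ttl = 60): string
{
    $token = bin2hex(random_bytes(32)); // unpredictable, unlike MD5(ip + timestamp)
    $db->prepare('UPDATE users SET token_hash = ?, token_expires = ? WHERE username = ?')
       ->execute([hash('sha256', $token), time() + $ttl, $username]);
    return $token; // placed in the redirect URL together with the username
}

// Client app: verify and consume the token, then start its own session.
function redeemHandoffToken(PDO $db, string $username, string $token): bool
{
    // One UPDATE both checks and clears the token, so a replayed or
    // concurrent second request finds nothing left to match.
    $q = $db->prepare('UPDATE users SET token_hash = NULL, token_expires = NULL
        WHERE username = ? AND token_hash = ? AND token_expires >= ?');
    $q->execute([$username, hash('sha256', $token), time()]);
    return $q->rowCount() === 1;
}

$token = issueHandoffToken($db, 'alice');
var_dump(redeemHandoffToken($db, 'alice', $token)); // first use of the token
var_dump(redeemHandoffToken($db, 'alice', $token)); // replay of the same token
```

The token still travels in a URL, so it can end up in server logs and browser history; the short lifetime and single use limit what a leaked value is worth.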
Once you've verified admin or client, I would use the CodeIgniter session class with the ci_sessions table in your database.
http://codeigniter.com/user_guide/libraries/sessions.html
Then to distinguish users from client or employee add a variable to the session.
$this->session->set_userdata('user_type', 'client');
Then just use that if ever you need it.
I would go about making 2 applications under HMVC (Hierarchical-Model-View-Controller) framework.
HMVC CodeIgniter Tutorial
Then you can go about using the same sessions under multiple applications, as well as use the same models for user management, etc.
HMVC helps you modularize your applications, thus if you want to add more applications in the future, you can easily do that, passing over same sessions and such.
I answered your question in a bigger scope, one central login with 2 apps, best should be done with HMVC.
:)
Might wanna check out BackEndPro for CodeIgniter, could save you a lot of time.
Includes:
User Authentication with registration & account activation
User Permissions by using ACL (Access Control Lists)
Admin GUI backend for editing Site-wide Preferences
Built on Matchbox (for Modular development)
Asset Library (optimize, cache, and load JS & CSS)
ReCAPTCHA
Status messages (info/success/warning/error messages for the user)
