esyede/sso
Composer 安装命令:
composer require esyede/sso
包简介
Simple PHP SSO package for Laravel
README 文档
README
Simple PHP SINGLE Sign-On package for Laravel
Requirements
- Laravel 10x
- PHP >=8.1
Words meanings
- SSO - Single Sign-On.
- Server - page which works as SSO server, handles authentications, stores all sessions data.
- Broker - your page which is used visited by clients/users.
- Client/User - your every visitor.
How it works?
Client visits Broker and unique token is generated. When new token is generated we need to attach Client session to his session in Broker so he will be redirected to Server and back to Broker at this moment new session in Server will be created and associated with Client session in Broker's page. When Client visits other Broker same steps will be done except that when Client will be redirected to Server he already use his old session and same session id which associated with Broker#1.
Installation
Server
Install this package using composer.
composer require esyede/sso
Copy config file to Laravel project config/ folder.
php artisan vendor:publish --provider="Esyede\SSO\SSOServiceProvider"
Create table where all brokers will be saved.
php artisan migrate --path=vendor/esyede/sso/database/migrations
Edit app/Http/Kernel.php by removing throttle middleware and adding sessions middleware to api middlewares array.
It's necessary because we need sessions to work in API routes and throttle middleware can block connections that we need.
'api' => [ // .. \Illuminate\Routing\Middleware\SubtituteBindings::class \Illuminate\Session\Middleware\StartSession::class, ],
Now you should create brokers. You can create new broker using following Artisan CLI command:
$ php artisan sso:broker-create {name}
Note: Broker names should NOT contains non-alphanumeric characters.
Broker
Install this package using composer.
$ composer require esyede/sso
Copy config file to Laravel project config/ folder.
$ php artisan vendor:publish --provider="Esyede\SSO\SSOServiceProvider"
Change type value in config/sso.php file from server to broker.
If want to use relationship when returning data, set options SSO_WITH_RELATIONSHIP = true,
and set relation_name in config/ to relationship name in Server's User Model.
Set 3 new options in your .env file:
SSO_SERVER_URL= SSO_BROKER_NAME= SSO_BROKER_SECRET=
SSO_SERVER_URL is your server's http url without trailing slash. SSO_BROKER_NAME
and SSO_BROKER_SECRET must be data which exists in your server's brokers table.
Edit your app/Http/Kernel.php by adding \Esyede\SSO\Middleware\SSOAutoLogin::class middleware
to web middleware group. It should look like this:
protected $middlewareGroups = [ 'web' => [ // ... \Esyede\SSO\Middleware\SSOAutoLogin::class, ], 'api' => [ // ... ], ];
Last but not least, you need to edit app/Http/Controllers/Auth/LoginController.php.
You should add two functions into LoginController class which will authenticate your client
through SSO server but not your Broker page.
protected function attemptLogin(Request $request) { $credentials = $this->credentials($request); return (new \Esyede\SSO\LaravelSSOBroker)->login($credentials['phone'], $credentials['password']); } public function logout(Request $request) { (new \Esyede\SSO\LaravelSSOBroker)->logout(); $this->guard()->logout(); $request->session()->invalidate(); return redirect('/'); }
That's all. For other Broker pages you should repeat everything from the beginning just changing your Broker name and secret in configuration file.
Example .env options:
SSO_SERVER_URL=https://server.test SSO_BROKER_NAME=site1 SSO_BROKER_SECRET=892asjdajsdksja74jh38kljk2929023
Multiple mode
you can use the multiple mode by using like this:
you must use the newest version to use this feature.
- In
serverandclient's config filesso.phpmulti_enabledoption must be true:
'multi_enabled' => env('SSO_MULTI_ENABLED', false),
in .env file:
SSO_MULTI_ENABLED=true
when multi_enabled is true you can use the multi mode.
- In
LoginController.phpyou need rewrite the functionattemptLogin
protected function attemptLogin(Request $request) { $broker = new LaravelSSOBroker(); $credentials = $this->credentials($request); // this is your own field. $loginKey = $request->input('login_key', ''); return $broker->handleLogin($credentials[$this->username()], $credentials['password'], $loginKey); }
- your blade/js send the request with params:
login_key //your login key
username //your login key value
password // your login key password
or you can change the name of login_key to other key name like login_name
then you need to change the loginKey's name in attemptLogin function like this:
protected function attemptLogin(Request $request) { $broker = new LaravelSSOBroker(); $credentials = $this->credentials($request); // this is your own field. $loginKey = $request->input('login_name', ''); return $broker->handleLogin($credentials[$this->username()], $credentials['password'], $loginKey); }
In sso it will send a request like this:
$this->userInfo = $this->makeRequest('POST', 'loginMulti', [ $key => $keyValue, 'password' => $password, 'key' => $key ]);
And your own key login_key 's value will be used for authentication.
esyede/sso 适用场景与选型建议
esyede/sso 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 16 次下载、GitHub Stars 达 1, 最近一次更新时间为 2023 年 05 月 08 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「login」 「SSO」 「laravel」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 esyede/sso 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 esyede/sso 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 esyede/sso 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
WeChat OAuth SDK
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Debugging a problem and need to login as one of your customers? This allows you to authenticate as any of your customers.
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
Email Toolkit Plugin for CakePHP
统计信息
- 总下载量: 16
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 13
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2023-05-08