Looking for cross-site membership solution/services for my PHP websites_问答_开发者

Looking for cross-site membership solution/services for my PHP websites

开发者 https://www.devze.com 2023-02-07 07:32 出处：网络

My problem set: I develop websites for multiple clients (PHP-based, mostly WordPress). Many of these sites need a login/membership solution for subscription services, etc. Is there some sort of web-based solution, ideally with a RESTful interface, that I could hook into to handle this stuff, instead of implementing on a per-site basis?

Features I seek:

RESTful interface
One master account could handle multiple sets of users from different domains/sites.

NO开发者_如何学GoTES:

OpenID would be the closest example, but I want users to be able to set their credentials from within the given sites.

If this doesn't exist, might you have recommendations on creating such a system hosted on AWS cloud, for example?

Thanks-

You can use OpenID to do that! Google for openID and delegation. You can make any UserID an OpenID. If you allow your Users to use the userid they get on your site as an openid they do not have to register on any eternal open id website.

If you do not want to allow any external id at all you should check out oauth. oauth is an token based cross-site auth system used by many providers including google.

For both there are mature PHP implementations.

I think what you are looking for is called SSO(learned from separate post. Somebody else also asked this question today. But I think you could use OpenID for this just like stackoverflow.com does with there affiliate websites(superuser.com/etcetera). I think the flow looks something like this:

The user logs in to OpenID.
Store the openID in an encrypted cookie(lookup from RESTful server if cookie still valid) so that all your affiliate websites can read it, but the rest of the world can't.
Create a RESTful interface which can be reached by affiliate websites from a server.
When an affiliate website needs more information or to modify information you query the RESTful interface.

What to use to speed up your development:

LightOpenID: In my opinion this is the most lightweight OpenID library I know of. I developed a simple project on github on top of LightOpenId utilizing openid-selector to make an even better openID experience.

I think something like this can be created within an hour.

If all of them were based on Wordpress, this openId plugin for WP could be the solution, or part of it. From the author:

[...]This plugin allows users to login to their local WordPress account using an OpenID, as well as enabling commenters to leave authenticated comments with OpenID. The plugin also includes an OpenID provider, enabling users to login to OpenID-enabled sites using their own personal WordPress account.[...]