|
|
本帖最后由 Test 于 2014-3-26 14:05 编辑
Nowadays every website authenticating a user using some of the greatest trusty third party websites like Google, yahoo or some of the social networks. Today we are learning how to authenticate a user using his Yahoo account. By using third party login we make user feel happy by avoiding filling a registration form. So just start with a simple illustration.
The Basic work flow
Little Description
1. If user want to login with his yahoo account he is redirected to yahoo login page from our website for authentication.
2. After successful login yahoo issues user data along with his GUID (Globally Unique Identifier) to our website.
3. We are identifying a user using his GUID in our database. In third step we need to check our database for existence of GUID if it is present the user is old user and display his account. If GUID is not present insert a new record and allot new privileges for him by creating a new account.
4. Display user account with his data.
In order to start working with Yahoo SDK you need to register a web application and get the Application ID, Consumer keys.
1. Creating a new Application
a) Register a new application
b) Get the Application ID, Consumer Key and Consumer Secret.
After getting the Keys for your application next step is to Create a Table for the users.
2. Designing the Database
Create a table for the users with the fields uid, oauth_vendor, oauth_id, name
- CREATE TABLE users(
- uid INT(11) PRIMARY KEY AUTO_INCREMENT,
- oauth_vendor VARCHAR(15),
- oauth_id varchar(50),
- name VARCHAR(30)
- );
3. User authentication and Storing User GUID
yahoo_connect.php
- <?php
- // Include the YOS library.
- require 'lib/Yahoo.inc';
- include 'db_config.php';
- session_start();
- define('OAUTH_CONSUMER_KEY', 'your_consumer_key'); // Place Yoru Consumer Key here
- define('OAUTH_CONSUMER_SECRET', 'your_consumer_secret'); // Place your Consumer Secret
- define('OAUTH_APP_ID', 'your_app_id'); // Place Your App ID here
- // If user clicks on LOGIN button
- if (array_key_exists("login", $_GET))
- {
- $session = YahooSession::requireSession(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, OAUTH_APP_ID);
- if (is_object($session))
- {
- $user = $session->getSessionedUser();
- $profile = $user->getProfile();
- $name = $profile->nickname; // Getting user name
- $guid = $profile->guid; // Getting Yahoo ID
- //Retriving the user
- $query = mysql_query("SELECT guid,name from yahoo_users where guid = '$guid' and oauth_type = 'yahoo'") or die (mysql_error());
- $result = mysql_fetch_array($query);
- if (empty($result))
- {
- // user not present in Database. Store a new user and Create new account for him
- $query = mysql_query("INSERT INTO yahoo_users(oauth_type, guid, name) VALUES('yahoo', '$guid', '$name')");
- $query = mysql_query("SELECT guid,name from yahoo_users where guid = '$guid' and oauth_type = 'yahoo'");
- $result = mysql_fetch_array($query);
- }
- // Creating session variable for User
- $_SESSION['login'] = true;
- $_SESSION['name'] = $result['name'];
- $_SESSION['guid'] = $result['guid'];
- $_SESSION['oauth_provider'] = 'yahoo';
- }
- }
- // If user clicks on LOGOUT button
- if (array_key_exists("logout", $_GET)) {
- // User logging out and Clearing all Session data
- YahooSession::clearSession();
- unset ($_SESSION['login']);
- unset($_SESSION['name']);
- unset($_SESSION['guid']);
- unset($_SESSION['oauth_provider']); // After logout Redirection here
- header("Location: index.php");
- }
- ?>
Login Page
login.php
- <?php
- include 'yahoo_connect.php';
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
- <html>
- <head>
- <title>Yahoo Authentication</title>
- </head>
- <body>
- <?php
- if ($_SESSION['login'] == true)
- {
- echo '<br/><a href="?logout"><img src="images/logout_btn.png" alt="Yahoo Logout"/></a>';
- }
- else
- {
- echo '<a href="?login"><img src="images/login_btn.png" alt="Yahoo Login"/></a>';
- }
- ?>
- </body>
- </html>
|
|
窥视卡
雷达卡
发表于 2014-3-26 14:02:23
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
抢沙发
千斤顶
显身卡