I want to build a login system with javascript and PHP, that will let users use existing accounts to login to my site.
They should be able to use at least these accounts...
- Yahoo
- OpenID
plus option to create an account on my site if they don't have a login above.
I have seen all these services below which offer what I am wanting to do,
- http://www.janrain.com/products/engage
- http://www.gigya.com/socia开发者_运维知识库l-login/
- http://www.loginradius.com/loginradius/demo.aspx
- http://www.lanoba.com/
I would like to build this myself or use some open source project. In other words, I do not want a 3rd party to handle this like the sites above.
So does anyone know if an open source project exists that can handle this, or point me in the direction on how I should create this? (I can do PHP and javascript, so asking more about the design theory/project flow, more than how to code it)
I am aware that there might be similar questions, but I have not found what I am looking for.
It's not so simple, unfortunately. I don't know any existing library, so here are some thoughts about what would need to be done. I'm going to assume that you want to create an open source project -- if that's wrong, ignore the parts concerning other possible users of your project.
Protocols
Both Google and Yahoo are OpenID providers, so you easily have three points off your list. I recommend LightOpenID for that. (disclamer: I wrote LightOpenID)
Twitter and Facebook use OAuth, so you need to find a suitable library that supports it.
Interface
You probably want to have a unified login interface for all the methods. For that, extending OpenID Selector might be a good idea.
Database storage
That's the hardest part. You'll have to store the authentication data in some sort of database. Many people will want to use mysql, some postgresql, and some may even want to store them in text files. Even if you decide to use only MySQL, there are a lot of adapters in php, and they aren't interchangeable. Of course, you could require a library to do that, like Doctrine, but it will be probably orders of magnitude bigger than your project. And it won't integrate well with frameworks.
Depending on your needs, the best solution may be to require the user to implement functions like addAccount($type, $login, $password), userAuthenticated($login), checkPassword($login, $password), etc.. It certainly gives the most flexibility to the user, but requires effort to start using it.
I'm not saying, of course, that this solution is perfect, or even good for your case -- it's the best I can think of now.
Integration
In order to use an authentication mechanism, it needs to be integrated into the application. So you can't force any particular interface, but you should give a good default. You can't force a database choice, but you should make it easy to implement and give good, ready to use examples for some common cases. So I'd recommend separating the protocol support from interface and storage parts.
That's about it. I can't think of anything else right now.
Have a look at HybridAuth (http://hybridauth.sourceforge.net/).. I have not yet started my work but is serious considering this apporach
The easy way (the one you don't want, i think):
Facebook login button: http://developers.facebook.com/docs/reference/plugins/login/
Twitter sign in : https://dev.twitter.com/docs/auth/sign-in-with-twitter
The rest is easy enough to find on google as well, took exactly two minutes for these.
The bit-harder way , Download PHP libraries such as Facebook-php5 twitter-lib and such and perform OAuth based authenticated from your server and store the access token as a "user" on your system. I've done this in some system one time and its pretty useful and simple once you get the hang of it :)
Shai.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论