Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
G
G
grigor2014-08-19 21:56:58
PHP
grigor, 2014-08-19 21:56:58

How to create an authorization on one site based on a database of users from another site?

I created a news resource (xxx.ru), where you need to either register or log in through any social network in order to comment. network (used by uLogin).

I also have a popular Internet forum with 40k+ users who also read this news resource. Forum on IP.Board, domain separate from the news resource (yyy.ru).

I would like to do the following on the news site:
OR immediately make those who are already authorized on the forum authorized, simultaneously introducing a new user from the forum to the news site into the database;
OR allow users to log in through my forum (i.e. write a mini-authorization, like uLogin).

What is the best way to organize it?

I am not yet familiar with OpenID and have a bad idea of ​​what exactly I need to write on the forum and on the news resource in order to connect it. Prompt in what direction to dig. :-)

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alexander Kubintsev, 2014-08-20
@akubintsev

You can't just make it so that authorized forum users can be automatically authorized on a different domain. If it was a family of subdomains - then no problem. It's about the security policy of the session cookie.
In any case, if you want to bind to forum accounts, you will need to implement the simplest API for authorization and set up cross-domain ajax to send requests directly from the client's javascript.
The algorithm comes to mind the following:
- when entering the site, the presence of a session cookie is checked
- if it is, then a request is sent to the forum API to check if the id in the cookie is associated with the user's data
- if there is no connection or the cookie was missing - the user is shown that he logged out
- if there is a connection, the necessary data is sent via the API to be displayed on the site.
For authorization, a login-password is passed to the API, the id of the same session cookie that is used on the forum is returned.

Report
Y
Yakov Akulov, 2014-08-19
@jakulov

I think it's possible to attach a script that implements oAuth to the forum and it will be there by analogy with authorization through social networks.

Similar questions
J
jasonOk2015-11-09 14:07:48
How to organize the right requests? 3Reply
V
vkup2018-03-17 13:06:12
Server connection error. Try later. How to fix? 1Reply
I
Ivanko2018-03-17 16:22:19
Which php framework is better to choose for such parameters? 5Reply
M
mitra_mc2018-03-17 17:07:02
Why is the VKontakte bot responding slowly and sending two messages each? 2Reply
Y
Yevhenii K2015-11-09 18:03:02
What is wrong with []? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question