使用PHP的Google+登录
[英]Google+ Sign-In with PHP
问题描述
I'm a bit confused. 
我有点困惑。 I am trying to provide a simple Google Authentication sign-on. 我正在尝试提供一个简单的Google身份验证登录。
I would like to use Google's recommended method using the client-side flow: https://developers.google.com/+/web/signin/add-button 我想通过客户端流程使用Google推荐的方法: https : //developers.google.com/+/web/signin/add-button
If I use this method, how will I keep a user logged in as they move from page to page. 如果使用此方法,当用户在页面之间移动时如何保持登录状态。 I know I can't create PHP session via Javascript. 我知道我无法通过Javascript创建PHP会话。
How can I use the client-side flow and keep a user signed in. I am using PHP on my server. 如何使用客户端流并保持用户登录。我在服务器上使用PHP。
1 个解决方案
解决方案1
1 2014-11-25 19:29:11
After spending a few weeks researching, I now understand that I cannot just set a php session variable and stop using oAuth2. 经过几周的研究,我现在知道我不能只设置一个php会话变量并停止使用oAuth2。 I realize that everything I need to get information from Google, I must prove that I have still authenticated that user. 我意识到从Google获得信息所需的一切,我必须证明我仍然对该用户进行了身份验证。
Also, I have come to understand that unless you force prompt, Google will not resend a refresh-token. 另外,我了解到,除非您强制输入提示,否则Google不会重新发送刷新令牌。 To provide the best user experience, you must capture the token at first login and then re-use the token to make calls without having to force prompt. 为了提供最佳的用户体验,您必须在首次登录时捕获令牌,然后重新使用令牌进行呼叫,而不必强制提示。 This token must be stored in a secured location such as a database for each user. 该令牌必须存储在每个用户的安全位置(例如数据库)中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.