Cackle - Single Sign On
In this article we will talk about a single authentication, which can be useful for sites with an existing database of registered users.
Single sign-on (Single Sign-On) allows existing site users to leave comments through the Cackle widget on behalf of a user account on the site without the need for authorization in the widget using a social network (OAuth) or an OpenID provider.
To set up a single authorization, the variable mcSSOAuth is added to the widget code, the value of which is the encrypted user data and the secret key of the widget. In case of successful key verification, the data is saved in the system, and the user is authorized.
The value of a variable must be formed on the server and be equal to:
')
JSON user data includes the following attributes:
MD5 request signature is configured as:
The cackle_auth function returns the string to be placed in the location of the widget code:
Incidentally, in the new version of the plugin for WordPress , a single authorization has already been implemented. You can turn it on by checking the settings.
Single sign-on (Single Sign-On) allows existing site users to leave comments through the Cackle widget on behalf of a user account on the site without the need for authorization in the widget using a social network (OAuth) or an OpenID provider.
How does this happen?
To set up a single authorization, the variable mcSSOAuth is added to the widget code, the value of which is the encrypted user data and the secret key of the widget. In case of successful key verification, the data is saved in the system, and the user is authorized.
The value of a variable must be formed on the server and be equal to:
')
<JSON Base64><><MD5 ><>< >
JSON user data includes the following attributes:
- id - unique user ID
- name - username
- email (optional) - email address
- avatar (optional) - link to avatar
- www (optional) - link to web site
MD5 request signature is configured as:
md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; } md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; } md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; }
md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; } md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; }
md5(<JSON Base64>< >)
Site API Key - API. "", WordPress .
, JSON , JSON {}.
www.example.org. Freeman. , Freeman Cackle , . , Freeman .
- Freeman :
id - 7, email - freeman@example.org, avatar - example.org/freeman.png, Site API Key - 123456789, is_user_logged_in() .
function cackle_auth(){ $timestamp = time(); $siteApiKey = 123456789; if (is_user_logged_in()){ $user = array( 'id' => '7', 'name' => 'Freeman', 'email' => 'freeman@example.org', 'avatar' => 'http://example.org/freeman.png' ); $user_data = base64_encode(json_encode($user)); } else{ $user = '{}'; $user_data = base64_encode($user); } $sign = md5($user_data . $siteApiKey . $timestamp); return "$user_data $sign $timestamp"; } The cackle_auth function returns the string to be placed in the location of the widget code:
<script type="text/javascript"> var mcSSOAuth = '<?php echo cackle_auth(); ?>'; // </script> Incidentally, in the new version of the plugin for WordPress , a single authorization has already been implemented. You can turn it on by checking the settings.
Source: https://habr.com/ru/post/157853/
All Articles