I have 5 different laravel applications including with one python app having each different database.i want SSO implementation where i can register and create account on one app and it will redirect to dashboard where cards of others apps are shown.when i click on any of these app it will redirect me to that specific app without giving login credential again for that app
Is there any solution or any thing that will help me to do so
Related
I am currently working on a small project.
I use flutter for the frontend and springboot for the backend.
I want the springboot application to run locally on a raspberry pi.
Now I am wondering, if it is possible to implement a firebase (email/password) like authentication/authorization in springboot (without using firebase or any other cloud-based solutin) where you don't have to login every time you open the app.
Or you could compare it to facebook, instagram, snapchat, ... in all of these apps you stay logged in the whole time.
What possible ways are there to implement this in springboot?
I mean I could store the login credentials on the phone but I guess that wouldn't be secure or the correct way, right?
As you are approaching, there are several ways you can authenticate your end user in the mobile application.
Using email password
Using phone number verification
Using third party authentication provider ( facebook, gmail etc)
Without knowing your target end users, its hard to determine appropriate authentication mechanism.
By far as you are developing a flutter application and targeting mobile users, i assume your end users has some sim card installed in their mobile device and using the phone number and otp based solution seems frictionless for your end user.
You can use firebase admin sdk, prompt the user to type in their phone number and send otp to that phone number, then ask the end user for the correct otp. Send back the otp to firebase, firebase will give you a idToken (a token in firebase realm). Pass that idToken to the server ( spring boot rest service) and verify it from firebase. firebase will reply with user details ( basically the phone number)
Whole process involves setting up a firebase project, installing admin sdk and some tweaking in both mobile application and spring boot end.
For more info start here https://firebase.google.com/docs/admin/setup
I'm developing a mobile app + SPA using Laravel as a web service. I'm not sure which grant flow will be good for this. I would avoid any third party login like facebook, google, etc. Id'like to handle user login simply with email and password. I want user to login only once on mobile app.
I had gone through some articles. I'm very confused. I found out 2 flows which might work here. 1st is implicit Grant & 2nd one is password grant.
If SPA is built inside your Laravel project you can handle user login simply with standard laravel authorization method.
For external use (mobile app or external SPA) you should authenticate users with API.
Laravel Passport mainly offers two way to handle this.
Personal Access Token
Fresh API Token
I suggest using the second one cause is the "Standard way" to consuming your web app with a nonsecure source.
At the moment we have a React application that uses OAuth2 for authentication and a second application that uses Laravel with Backpack. Is there any viable way to share the login between the two apps, as they are just two parts of the same system.
[UPDATED]
Additional information: both the Laravel project using session auth (https://laravel.com/docs/5.7/authentication) and the React application using OAuth 2 (https://laravel.com/docs/5.7/passport) will be running in the same browser. The intention is to make a seamless transition between these two parts.
Both Session auth and OAuth are using the default implementations provided by Laravel.
Short story behind the requirement - we have a system where the user can order products, but some of the users are also sellers. We have the Laravel project as the front-end shop part and the React app as a panel for moderating the products that you sell.
We are an existing web application where schools are subscriptions and students under that school can use our web app. They currently have logins with projects under the logins.
Since students keep forgetting logins, schools want to start migrating to Google Apps marketplace app approach where all students have to do is click on universal navigation icon.
But since the students could already have an account with us, the first time they login from universal icon, they are provided with a screen to map any existing account or create a new one. Once that is done, next time the student comes in, they login and enter the app right away. No intermediate steps.
With that background, our marketplace app is being rejected with the reason, we do not implement SSO.
Can somebody help me understand how are we not implementing SSO?
It was an issue with mismatch credentials in the marketplace app and PHP code.
Used the same API keys in both places fixed it.
So I'm building a cloud platform to handle a bunch of CodeIgniter Apps.
The idea is to share credentials between those apps, so the user can purchase App1 and App2 with the same account.
One process can be described like :
The user view the Site : http://myapps.tld
The user creates an account on http://myapps.tld
The user browses apps on http://myapps.tld/apps
The user purchases App1 && App2
there is a registration form on the main site (let say 'http://myapps.tld')
The user enter his same credentiels (of http://myapps.tld) on http://myapp1.tld and http://myapp2.tld
The authentication on http://myapps.tld is coded from scratch (very basic one).
I think that a way of achieving this is to use an OpenID mechanism built on http://openid.myapps.tld and whenever a user have the need to authenticate with an app from the platform he will be redirected to openid.myapps.tld to confirm/verify his credentials and redirected back to his app completely identified.
Is OpenID the right choice for me ? can I rely on it to handle authentications on the main site and the different apps ?
If so, I've seen a library or two for implementing OpenID on CI 2 but if you have some tips/tutorials, I'll appreciate the sharing :)
I'm thinking also of adding the same OpenID mechanism for 'forum/wiki/blog' tools/services so again the user/client wouldn't have to create multiple accounts to use whatever service/app on the platform.
Thanks in advance !
OpenID is the way to go. There are a couple of sparks on getsparks.org:
The latest oauth2 is the probably the best option.
http://getsparks.org/packages/oauth2/versions/HEAD/show