dimanche 20 novembre 2016

Laravel 5 using phpbb/mybb user sessions

So...

I'm using Laravel 5 for a community website I am making, it will interface with a game database as well, to allow community members to view their in-game stats etc from the website...

However, obviously being a community site, a key feature of this is a good, solid forum. I also want to make it as user friendly as possible, so a key part of this is SSO. They should not need to login on the website AND the forums, it should all be the same login.

I'm still debating between phpBB3 and myBB, but that's mostly irrelevant for this question.

I've seen a lot of people with the same problems, and not a huge number of solutions, however, I have a couple of ideas, and I'd like to run these by the community here to see if I am missing anything major, as I'm not super familiar with the backends of either forum package and have only recently started using Laravel.

I've seen the lara-auth-bridge for phpbb3, however some report that it is outdated for the current version of phpBB3, where they have changed how modules work - I'm currently repairing my development environment so I can test the bridge...

Anyway, I saw this Authenticate MyBB with Laravel 5 question, and it prompted a question of my own...

If I wanted to use, lets say a myBB user/login in Laravel 5, could I do the following?

  • Use the myBB user registration/login system to handle user login/rego
  • Direct someone to the forums to register/login/logout
  • In Laravel 5, check for the existence of the myBB session/cookie, and use that to start a Laravel 5 session (since L5 has it's own session integration)
  • Whenever page is loaded, simply check for the myBB session to confirm user is still logged in / has logged out

It's not an ideal solution, but it would eliminate the issue of the two different session 'frameworks', and hopefully give the illusion of a seamless experience.

Is there anything wrong with this approach (from a theory or security POV)?

Apologies I don't have my usual code example snippets from testing code, managed to screw up my development environment, so have to descrew it before I can play around with things. I'll update this post once I've fixed my dev env and had a play around.

On the plus side, all of this will be completely irrelevant once myBB2 comes out, as they are using Laravel 5 as a framework.



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)