The background,
Single sign-on (SSO) is one of the most popular solutions for enterprise business integration. It is mainly used when there are many systems in the company, which is convenient for employees to use and log in uniformly. That is, in many systems, log in once and you can access other trusted application systems.
Two, the basic process
-
When a user accesses the CMS system, the user can determine whether to log in based on the token in the LocalStorage. If the user logs in, the corresponding service module is displayed. If the user does not log in, the SSO login system is displayed.
-
The CAS server (SSO) login system is switched to. The SSO system is not logged in, and the user login page is displayed.
-
The SSO system generates a Service Ticket (ST) after the user enters the user name and password. The SSO system then switches to the CMS and passes the Ticket as a parameter to the CMS.
-
After the CMS obtains a Ticket, it sends an AUth request to the SSO from the background to verify whether the Ticket is valid.
-
After the authentication succeeds, the CMS writes the returned token and user information to localStorage, enters the service module, and adds auth information to the Header of each request as a Cookie through the interceptor.
-
If the authentication fails, the page with no permission is displayed.
Three, front-end part of the code
Interceptor section
Remark:
This scheme is CAS access, based on JWT (Json Web Token)
User right information Maintenance On the CAS server, role information is returned when the CAS server uses the ticket to initiate permission verification
Koa login session and token way: segmentfault.com/a/119000002…
The front end is based on the VUE framework