Hi, this is Milo, a blogger who would like to share his test development techniques, interview tips and growing experiences with you!

Welcome everyone to pay attention to my public number: test development pit goods.


Background knowledge

At present, the platform maintains its own user system, but do you think it would be troublesome to manually register every new user? In the enterprise, if we all use the same account to log in, will it be very convenient?

In fact, there is such an SSO system in the enterprise, which can share all platforms with one account. So what do we have that’s universal, that everybody has?

In fact, there are many, QQ/ wechat/Alipay these basic everyone has. However, considering the difficulty of access, I choose to support github account access.

If you do not know, you can search for the corresponding keywords: single sign-on, SSO, OAuth

conceived

Single sign-on also includes sessions, but since we only want github to access user information, we don’t need it to manage user login status for us. So when we access it, we get the user information and integrate it into our pity_user table.

Create a request app

Making the official document: docs.github.com/v3/oauth/

  • Enter the Settings

  • Choose the Developer Settings

  • Switch to the OAuth app

As you can see, HERE I apply two, one is local (for local debugging), the other is online address.

  • Click the New OAuth App

After registering, you can view it!

  • Get ClientID and ClientSecrets

Remember to save these two values for later use.

Detailed Access Process

Redirect to the login page

Assuming our home page is www.wqrf.com, when we visit the home page, we will be redirected to the login page due to ‘not logged in’.

We provide a button or link called: Log in with Github. When the user clicks on this button, we redirect to:

The Github authentication page is displayed

Github.com/login/oauth…

If the user is not even logged in to Github, this page will become a Github login page, otherwise it will become an authorization page asking if you want to log in to the site, as shown below:

Through the verification

After login Github will generate a code based on your clientId, redirect to your home page and enter the code parameter:

www.wqrf.com? Code = ‘Github generated code’

Access token

Then we used code+ Clientid +secret to get the Github token.

Call the Github interface

Once you have it, you can call Github’s interface to retrieve the user’s information.

conclusion

Can’t wait to see the github usage documentation, which is in English but detailed. Wait for and of, can see my next real operation!

Github is very slow to open recently, which will affect the login effect.