chantasaur / lightopenid

Automatically exported from code.google.com/p/lightopenid
0 stars 0 forks source link

quick authorization on subsequent pages #38

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
After the initial validation, how can I quickly check on other pages to see 
that the user has been authorized to view the site?
Thanks
David

Original issue reported on code.google.com by drho...@gmail.com on 5 May 2011 at 2:35

GoogleCodeExporter commented 8 years ago
You have to do it yourself. OpenID performs only authentication, i.e. 
confirming an identity. The information returned are not in any way managed by 
LightOpenID (as it's not part of the protocol), so you can do whatever you want 
with them.

Perhaps, use php sessions[1] to preserve the identity between requests.

That said, the library itself does one and only one thing: confirms an user's 
identity using OpenID protocol. It doesn't do things like session handling, 
user management, or whatever else. So after calling validate, LightOpenID can't 
do anything for you (except returning the values obtained through validation, 
but it still doesn't preserve anything between requests).

  [1]: http://php.net/manual/en/book.session.php

Original comment by mewp...@gmail.com on 5 May 2011 at 11:00