Single-Sign-On for E-Com Plus platform users with PHP
Based on Official Single-Sign-On for Discourse (sso)
- Save the secret (32 bytes string) on SSO_SECRET environment variable
- Import the script and create new object with
EcomSSO
class - Call
login_url
to redirect user to new login flow - Call
handle_response
at callback endpoint /session/sso_login
require './ecomplus-sso.php';
$sso = new EcomSSO();
$sso->login_url(true);
$user = $sso->handle_response();
if ($user !== null) {
if ($user['logged']) {
/*
user attributes:
name; external_id; email; username; require_activation;
custom.locale; custom.edit_storefront; custom.store_id;
custom.access_token.
*/
if ($user['email']) {
// do the stuff
}
} else {
// user unlogged
http_response_code(401);
}
} else {
// invalid request
http_response_code(400);
}
Custom secret token:
// default is to get from SSO_SECRET env
$sso = new EcomSSO('cb68251eefb5211e58c00ff1395f0c0b');
Custom service name:
// default service name is 'market'
// must match with subdomain name
// eg.: 'builder' for 'builder.e-com.plus'
$sso = new EcomSSO(null, 'builder');
Both custom secret and service:
$sso = new EcomSSO('cb68251eefb5211e58c00ff1395f0c0b', 'builder');