How To Make People Login Into Your Website With Their Google Account

This is a step-by-step beginner tutorial so show you how to implement Google login in PHP from scratch.

OpenID provides a safe, elegant and easy way for people to login into your website without having to fill in a registration form. They just have to have an account to one OpenID provider, a Google account for instance, and they will login into your site with this account.

I will show you how to implement it with Google accounts, but the source code is exactly the same for other providers (such as Yahoo!), you just have to change the URLs.

How does it work?

You just have to know that you don't have to deal with the user authentication. You will provide a link to a Google page in which the user will:

  1. give his credentials (or not, if he is already logged on Gmail for instance):

  2. give the authorization to Google to give you some his personnal data that you request:

Then the user will be redirect to a page of your website, that you chose, and you will be able to retrieve his personal data.

Let's write some code!

We will have two part in our the code:

  1. First, the code to retrieve the user personal data. Here, you just want to execute that code once, only when the user clicks on "Login with my Google account". 

  2. Then, the code to render the login button. You might want to display the login button on several pages, in your sidebar or whatever, so that code has to run each time you render the button.

We will be using a one-file PHP OpenID library that you can download here: LightOpenID. Just put this file in your project folder.

Here is the login.php file, it will be the page that the user willl be redirected to after having given his credentials and authorization to Google. This code retrieve and display the personal data of the user:

<?php // login.php
require_once 'openid.php';
$openid = new LightOpenID("");

if ($openid->mode) {
    if ($openid->mode == 'cancel') {
        echo "User has canceled authentication!";
    } elseif($openid->validate()) {
        $data = $openid->getAttributes();
        $email = $data['contact/email'];
        $first = $data['namePerson/first'];
        echo "Identity: $openid->identity <br>";
        echo "Email: $email <br>";
        echo "First name: $first";
    } else {
        echo "The user has not logged in";
} else {
    echo "Go to index page to log in.";

Make sure to replace by your domain name. If you have already a running signup/login system on your website, you might want to add a openid_identity field to your table users in your database and store in it $openid->identity. It is the unique ID that Google provides you to identify the user. The other fields may change if the user changes his Google profile.

And last step, the code to render the button, let's say on the home page, index.php. It will call a Google window and it will tell this window to redirect to your site after.

<?php // index.php
require_once 'openid.php';
$openid = new LightOpenID("");

$openid->identity = '';
$openid->required = array(
$openid->returnUrl = ''

<a href="<?php echo $openid->authUrl() ?>">Login with Google</a>

Here you have to change the returnUrl field: put the absolute URL of the PHP page. Once again, make sure to replace by your domain name.

Persisting the authenticated state

OpenID is just the authentication mechanism: is the user the one he claims to be? In order to persist the state in your application you can use sessions.

When you have the user's data, you can authenticate him in your application

$_SESSION['user'] = $email;

To test if the user is logged in your application or not:

if (isset($_SESSION['user'])) {
    // user logged in
} else {
    // user not logged in

To logout the user, just destroy the session:


Other OpenID providers

And that's it! Finally, some figures about with what authentication provider users prefer login according to JanRain.

You can use this code to make people login into your website with some other accounts: Yahoo, Wordpress, AOL, ... You just have to change the url $openid->identity by:

  • Google:

  • Google profile:\~YOURUSERNAME

  • Yahoo:

  • AOL:

  • Wordpress:

  • LiveJournal:

However, Facebook and Twitter are not OpenID provider: you cannot use the above code with them. Here is an article I wrote for implementing Facebook authentication in PHP. As for Twitter, refer to the official documentation.

Other languages

You can find the equivalent of LightOpenID that I used in PHP in the other languages on this page of the wiki.

Quentin Pleplé
April 2011