How To Make People Login Into Your Website With Their Google Account
Apr 27th, 2011This is a step-by-step beginner tutorial so show you how to implement Google login in PHP from scratch.
OpenID provides a safe, elegant and easy way for people to login into your website without having to fill in a registration form. They just have to have an account to one OpenID provider, a Google account for instance, and they will login into your site with this account.
I will show you how to implement it with Google accounts, but the source code is exactly the same for other providers (such as Yahoo!), you just have to change the URLs.
How does it work?
You just have to know that you don’t have to deal with the user authentication. You will provide a link to a Google page in which the user will:
-
give his credentials (or not, if he is already logged on Gmail for instance):
-
give the authorization to Google to give you some his personnal data that you request:
Then the user will be redirect to a page of your website, that you chose, and you will be able to retrieve his personal data.
Let’s write some code!
We will have two part in our the code:
-
First, the code to retrieve the user personal data. Here, you just want to execute that code once, only when the user clicks on “Login with my Google account”.
-
Then, the code to render the login button. You might want to display the login button on several pages, in your sidebar or whatever, so that code has to run each time you render the button.
We will be using a one-file PHP OpenID library that you can download here: LightOpenID. Just put this file in your project folder.
Here is the login.php file, it will be the page that the user willl be
redirected to after having given his credentials and authorization to
Google. This code retrieve and display the personal data of the user:
<?php // login.php
require_once 'openid.php';
$openid = new LightOpenID("my-domain.com");
if ($openid->mode) {
if ($openid->mode == 'cancel') {
echo "User has canceled authentication!";
} elseif($openid->validate()) {
$data = $openid->getAttributes();
$email = $data['contact/email'];
$first = $data['namePerson/first'];
echo "Identity: $openid->identity <br>";
echo "Email: $email <br>";
echo "First name: $first";
} else {
echo "The user has not logged in";
}
} else {
echo "Go to index page to log in.";
}
?>
Make sure to replace my-domain.com by your domain name. If you have
already a running signup/login system on your website, you might want to
add a openid_identity field to your table users in your database and
store in it $openid->identity. It is the unique ID that Google
provides you to identify the user. The other fields may change if the
user changes his Google profile.
And last step, the code to render the button, let’s say on the home
page, index.php. It will call a Google window and it will tell this
window to redirect to your site after.
<?php // index.php
require_once 'openid.php';
$openid = new LightOpenID("my-domain.com");
$openid->identity = 'https://www.google.com/accounts/o8/id';
$openid->required = array(
'namePerson/first',
'namePerson/last',
'contact/email',
);
$openid->returnUrl = 'http://my-domain.com/login.php'
?>
<a href="<?php echo $openid->authUrl() ?>">Login with Google</a>
Here you have to change the returnUrl field: put the absolute URL of
the PHP page. Once again, make sure to replace my-domain.com by your domain name.
Persisting the authenticated state
OpenID is just the authentication mechanism: is the user the one he claims to be? In order to persist the state in your application you can use sessions.
When you have the user’s data, you can authenticate him in your application
session_start();
$_SESSION['user'] = $email;To test if the user is logged in your application or not:
session_start();
if (isset($_SESSION['user'])) {
// user logged in
} else {
// user not logged in
}To logout the user, just destroy the session:
session_start();
session_destroy();Other OpenID providers
And that’s it! Finally, some figures about with what authentication provider users prefer login according to JanRain.
You can use this code to make people login into your website with some
other accounts: Yahoo, Wordpress, AOL, … You just have to change the
url $openid->identity by:
- Google:
https://www.google.com/accounts/o8/id - Google profile:
http://www.google.com/profiles/\~YOURUSERNAME - Yahoo:
https://me.yahoo.com - AOL:
https://www.aol.com - Wordpress:
http://YOURBLOG.wordpress.com - LiveJournal:
http://www.livejournal.com/openid/server.bml
However, Facebook and Twitter are not OpenID provider: you cannot use the above code with them. Here is an article I wrote for implementing Facebook authentication in PHP. As for Twitter, refer to the official documentation.
Other languages
You can find the equivalent of LightOpenID that I used in PHP in the other languages on this page of the OpenID.net wiki.