Jump to content

Sharing authorization between ProcessWire installations


Ivan Gretsky
 Share

Recommended Posts

Good day everyone! Hope you all safe and healthy!

I am thinking about a rather ambitious project (for me). It should consist of a number of ProcessWire based sites which will serve the same group of registered users. I need to make the user registration a one time process. And I need to share the user data across the sites. Single sign-in is also in plans. I am thinking about placing the user info and all the user data in one installation and somehow sharing it between all the other. But I am open to any suggestions.

Please share your thoughts and experience on the topic. I am only in the very beginning and trying to estimate is it even doable.

Link to comment
Share on other sites

10 hours ago, Rudy said:

a modified SessionRedis module that works on PW3.x with Predis if you want a copy.

 I want to have a copy, if I can. 👋  🙂 

Link to comment
Share on other sites

Here is the customized module. You will need to run:

composer require predis/predis

 to use it.

Add the following settings to your `config.php`

    $config->redis_session_server_ip     = '127.0.0.1';
    $config->redis_session_server_port   = 6379;
    $config->redis_session_server_db     = 0;
    $config->redis_session_server_prefix = "PHPSESSID:";
    $config->redis_session_server_ttl    = 1800;

Change the session prefix to whatever you want.

Once installed, you can then share the same session (using the prefix) across multiple sites as long as those sites are reading/writing to the same redis server.

SessionHandlerRedis.zip

  • Like 2
Link to comment
Share on other sites

Cool stuff, @Rudy!

May I ask a few additional questions?

  1. Do you limit the ability to login/register to only one installation? How?
  2. You do not re-create users on all installations, do you?
  3. Are you using user info from one installation in all the others? I mean something like $user->hasRole() and things like finding users? How? Are you using API call to other instances?
Link to comment
Share on other sites

@Ivan Gretsky my usage is slightly different than yours. It's more for running a website on a multiple servers through a load-balancer. I have my database running on AWS RDS and a separate Redis server.

I think you should:
- limit the login/register to only one installation
- use either database or redis to store your sessions
- use AppAPI module to make REST calls from the primary site

  • Like 2
Link to comment
Share on other sites

Thanks for the great suggestions! Will make my mind around it and try.

If anyone has other ideas or experience on the topic, please share. I did not consider REST API for using $user data from the main registration site on the other installations (and do not have expertise in this). Are there other (simpler? more PW-ish?) ways to do it?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Similar Content

    • By hheyne
      Hello, has anyone here implemented something that gives the users a 2-factor authorization via username, password and SMS?
      BR Henning
    • By wheelmaker24
      Hello there,
      I've already realized many projects with ProcessWire and would love to use it for a bigger project now. Maybe you can help and allay my doubts
      Enterprise Single Sign-On?

      We are currently using Microsoft SharePoint (2003…) as a publishing tool for our intranet web pages. This of course is no good solution concerning responsive design, flexibility and scalability. Because we are talking of a big company (about 9000 employees) it is important to protect the ProcessWire installation with an Enterprise Single Sign On (SSO). It seems like Shibboleth is a good solution to handle the communication between the Microsoft Server from the company and the Linux Apache for the intranet web page.

      Has anyone already used ProcessWire in an environment like this? It would be great to use the employees IDs and hand them viewing / editing rights for single pages.
        Permission Management for 9k users?

      Of course most of the employees should only get viewing rights. But it would be great being able to give editing restrictions for specific pages. As I understand this is something ProcessWire does not support with its core features – even though there are modules for this particular case.

      The question is: Is it responsible to build a big system based on many modules in consideration of future upgrading, scalability and co.? Looking forward to your comments on this
      Happy coding!
      wheelmaker24
    • By quickjeff
      Hi Guys,
      I am working on a project for a startup company. I will be building a portal for users to access company related information. I am required to connect the portal to an LMS which is a learning management system. I am looking to hire someone to assist with the SSO since I have a lot of work already with the portal. The portal will be built on ProcessWire and require user management.
      Please message me if you are interested in helping out. I would like to get some quotes before the weekend is over.
      Looking to start ASAP on this project.
      Let me know if you have any questions.
      Also note, once we have the SSO out of the way, more work may arise from this project, since our timeline is somewhat short.
      Thanks!
×
×
  • Create New...