How does kbin keep users logged in? (PHP Symfony)
(kbin.social)
I don't know how kbin login works and I haven't tested it, but here are my thoughts: single sign-on (like "log in with Google") mostly works using the OAuth2 workflow. You can use your favorite search engine and look for a nice wall of text on how it works. But basically the identity server (Google) approves that you are who you said you are, and kbin uses an access token, for example a JWT token, which includes your user information and the issuer, here Google. Kbin can ask Google for validity of the contents of that token, which kbin can approve against Google. So now you are logged into kbin using Google.

This token has an expiration, and after that you have to log in again. But since this is very inconvenient, there is also a refresh token. Using this token, Google will give you a new valid access token with an expiration from now to whatever, let's say a week. This process happens in the background and is silent, so it works without entering your credentials, if it refreshes before expiration. If you don't log in to kbin in that time window, you will probably have to enter your credentials again, because the tokens expired.

Keep in mind that this summary is not very accurate since it's very simplified and describes the OAuth2 process, not specifically what kbin and Google are doing.
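The access/refresh token lifecycle described in the comment above, as an added example that is not part of the original comment and is not kbin's or Google's code. The `IdentityProvider` class, `check_session`, the issuer `idp.example`, the 15-minute and one-week lifetimes, and the rotation of refresh tokens on use are all assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets

ACCESS_TTL = 15 * 60          # assumed: access token lives 15 minutes
REFRESH_TTL = 7 * 24 * 3600   # assumed: refresh token lives one week

class IdentityProvider:
    """Toy stand-in for the identity server (constructed, not a real API)."""
    def __init__(self):
        self._key = secrets.token_bytes(32)
        self._refresh = {}  # refresh token -> (user, expiry)

    def _sign(self, body: bytes) -> str:
        return hmac.new(self._key, body, hashlib.sha256).hexdigest()

    def _access_token(self, user, now):
        body = base64.urlsafe_b64encode(json.dumps(
            {"sub": user, "iss": "idp.example", "exp": now + ACCESS_TTL}).encode())
        return body.decode() + "." + self._sign(body)

    def login(self, user, now):
        """Interactive login: returns (access token, refresh token)."""
        rt = secrets.token_urlsafe(32)
        self._refresh[rt] = (user, now + REFRESH_TTL)
        return self._access_token(user, now), rt

    def validate(self, token, now):
        """Return the claims if signature and expiry check out, else None."""
        body, _, sig = token.partition(".")
        if not hmac.compare_digest(sig, self._sign(body.encode())):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
        return claims if claims["exp"] > now else None

    def refresh(self, rt, now):
        """Swap a live refresh token for a new pair; the old one is revoked."""
        user, exp = self._refresh.pop(rt, (None, 0))
        if user is None or exp <= now:
            return None
        return self.login(user, now)

def check_session(idp, session, now):
    """Per-request check: 'ok', 'refreshed' or 'login_required'."""
    if idp.validate(session["access"], now):
        return "ok"
    pair = idp.refresh(session["refresh"], now)  # silent, no credentials
    if pair is None:
        return "login_required"
    session["access"], session["refresh"] = pair
    return "refreshed"
```

Passing `now` explicitly keeps the expiry logic testable; a real deployment would read the clock and store the refresh token server-side or in an HttpOnly cookie.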