I was looking at a schema and trying to figure out what this table could be used for:

CREATE TABLE "single_sign_ons" (
    "token" VARCHAR(64) NOT NULL,
    "ip" VARCHAR(32) NOT NULL,
    "expired_at" DATETIME NOT NULL,
    "one_time" VARCHAR(64),
    "created_at" DATETIME,
    "updated_at" DATETIME,
    "user_id" INTEGER,
    PRIMARY KEY("token"));

What is "single sign on" and why did the author of this table include these columns for this purpose?

+1  A: 

Single Sign On is an authentication technology for Web sites. It lets you log into one location, and have automated authentication by having sites check authentication servers to see if the person is already logged in. It tracks this with tokens. It behaves a bit like Kerberos did for local logons.

Single Sign On

To clarify, it makes it so you don't have to keep logging in and maintaining separate accounts across multiple services.

William Crim
SSO isn't **just** for web sites. When I log in to my Windows PC, my credentials can persist and grant me access to other resources such as network file shares and SQL Server databases. I would call that SSO as well.
Chris W. Rea
You are right. Single Sign On is a generic term, but I have only dealt with it in a Web environment. The fact that I don't need to logon to the SQL server is just "Magic" that I forget about, whereas putting SSO in my own Web App gives me heartburn and is never far from my thoughts.
William Crim
+1  A: 

It looks like it is an authentication store to determine who is logged on to a series of systems. My guess would be that various applications look at this table to see if someone at an ip address has authenticated. If the person has, they are allowed into the application without entering in a username and password.

Here is a link to wikipedia on the subject:

http://en.wikipedia.org/wiki/Single_sign-on

As a matter of perspective, Active directory is commonly used for this also.

Kevin
+1 for Wikipedia link and mentioning AD.
Chris W. Rea
+1  A: 

"Single sign on" allows a user to authenticate once and use the same authentication token for several applications.

For instance, if you sign into Gmail and then go to Google Calendar, you don't need to log in again.

Usually it relies on some sort of authentication token created by the first application you log into (or rather, some security service that's part of the system in general, called by that first application). The token can then be presented to other applications.

Exactly how it works in your particular system will depend on various other aspects of the system, but that information should be enough to help you understand the basic purpose of the table.

Jon Skeet
+3  A: 

It's a holder for a user's sign-on session. I believe that the table would be used when a user has signed in to verify that their session is still active, and allow them to access diverse servers/sites without logging in a second time.

I'm assuming that at first login, the user's session would be known to be new, so that the user would be queried for credentials. Then a row is entered in this table with the user's id, ip address, creation date, and a token. This token would then be attached to the user's session and used in subsequent logins.

Other processes would then receive the token as part of the communication and check this table to be sure that the session is still valid. Each time the session is checked, the update field would be changed, so that the user is known to be active.

Still more logic would periodically check the table and expire any session rows that haven't been updated recently enough. Whatever "enough" is for this system. Then subsequent access requests with the token will register the expiration, query for credentials and establish a new row with a new token.

bethlakshmi
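As an added example, not code from the question or any answer: a small Python/sqlite3 implementation of the lifecycle the answer above describes (insert a row at first login, check and refresh it on later requests, purge rows that have gone stale), run against the question's table with its missing opening parenthesis restored. The 30-minute idle timeout, the sliding expiry and the IP match check are assumptions about how this particular system behaves.

```python
import secrets
import sqlite3
from datetime import datetime, timedelta

# The table from the question (opening parenthesis restored).
SCHEMA = """CREATE TABLE "single_sign_ons" (
  "token" VARCHAR(64) NOT NULL, "ip" VARCHAR(32) NOT NULL,
  "expired_at" DATETIME NOT NULL, "one_time" VARCHAR(64),
  "created_at" DATETIME, "updated_at" DATETIME, "user_id" INTEGER,
  PRIMARY KEY("token"))"""
FMT = "%Y-%m-%d %H:%M:%S"
TTL = timedelta(minutes=30)  # assumed idle timeout ("recently enough")

def open_store():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db

def create_session(db, user_id, ip, now):
    """First login: credentials already verified, record a fresh token."""
    token = secrets.token_hex(32)  # 64 hex chars, fills VARCHAR(64)
    ts = now.strftime(FMT)
    db.execute("INSERT INTO single_sign_ons (token, ip, expired_at, created_at,"
               " updated_at, user_id) VALUES (?, ?, ?, ?, ?, ?)",
               (token, ip, (now + TTL).strftime(FMT), ts, ts, user_id))
    return token

def check_session(db, token, ip, now):
    """Later request: return user_id if the token is live for this ip, else None.
    A successful check bumps updated_at and slides expired_at forward."""
    row = db.execute("SELECT user_id, ip, expired_at FROM single_sign_ons"
                     " WHERE token = ?", (token,)).fetchone()
    if row is None:
        return None
    user_id, stored_ip, expired_at = row
    if datetime.strptime(expired_at, FMT) <= now:
        db.execute("DELETE FROM single_sign_ons WHERE token = ?", (token,))
        return None  # caller should prompt for credentials and issue a new row
    if stored_ip != ip:
        return None  # token presented from a different address (assumed policy)
    ts = now.strftime(FMT)
    db.execute("UPDATE single_sign_ons SET updated_at = ?, expired_at = ?"
               " WHERE token = ?", (ts, (now + TTL).strftime(FMT), token))
    return user_id

def purge_expired(db, now):
    """Housekeeping job: drop rows not refreshed recently enough."""
    cur = db.execute("DELETE FROM single_sign_ons WHERE expired_at <= ?",
                     (now.strftime(FMT),))
    return cur.rowcount
```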