As you might know, I am using the
Code Igniter Framework for SD.
Openid works the following way (dont know if you know it):
The user selects the provider of his choice on your page.
He is redircted to the OID Provider and logs in there.
Then he is redirected back to your page with the details you have requested from the provider (if the provider supports it)
In SD I have continued this way:
I queried the admin db for the OpenID-Identity.
If the Identitiy is in the admin db, I create a session with the openid identitiy.
And on every page, I check if the openid identity is set in the session (the user cant create a session by himself, because they are encrypted and stored in the DB)
__________________