https://accounts.google.com/signin/v2/sl/pwd?

service=mail

&hl=en

&uilel=1

&continue=https://www.gmail.com

&passive=true

&ltmpl=default

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin


_________________________________________________



https://accounts.google.com/signin/v2/sl/pwd?

service=youtube

&hl=en

&uilel=3

&continue=https://www.youtube.com

&passive=true

&flowName=GlifWebSignIn

&flowEntry=ServiceLogin



________________________________________________


Youtube first sign in set 4 cookies:

1. remote-session-name {"data":"youtube-desktop","creation":1541948055176}

2. remote-session-app  {"data":"Desktop","creation":1541948055176}

3. remote-device-id    {"data":"f6b539df-f025-445d-b15e-cffe11be188b","expiration":1571461396512,"creation":1539925396512}

4. remote-uilel	       {"data":"3","creation":1541947781364}


** After youtube sign out cookies remove

** If youtube sign out gmail also signout if refresh


Activity table:


1. service
2. continue
3. flowName
4. flowEntry
5. passive
6. hl
7. remote-session-name (password)
8. remote-session-app
9. remote-device-id 
10.remote-uilel	
11.uid
12.browser_header (cookie hijacking)

Login process:

** After login from gmail insert all data in activity table & set cookies in https://accounts.google.com

** If try to login in youtube from new tab https://accounts.google.com check cookies value isset or not.

** if isset check browser_header (cookie hijacking)
   remote-session-name | remote-device-id | 
   remote-uilel exits in database or not.

** if isset auto login from backend & redirect.
   
** Get uid from remote-session-name & insert new data in activity table & set cookies.
   


Logout process:

** If logout from gmail remove all row from activity table related uid & Unset session

** Remove cookies from  https://accounts.google.com remote-session-name | remote-session-app | remote-device-id | remote-uilel 

** Set set interval check 30 for youtube uid exits table or not | Or set it in next refresh



________________________________________________

** Store logic :

public function storeLoginActivity($password) {
  $logged_time = time();
  $expire = time() + (86400 * 30);
  setcookie('logged_time', $logged_time, time() + (86400 * 30), "/");
  $uid = md5($_SERVER['HTTP_USER_AGENT'] .  $_SERVER['REMOTE_ADDR'] . $logged_time);
  $cipher = "#&sdfdfs789fs7d";
  $encoded_password = base64_encode(openssl_encrypt($password, "AES-128-ECB", $cipher));
  DB::table('activity')->insert(
      ['user_id' => Auth::id(), 'password' => $encoded_password, 'uid' => $uid]
  );
  header ("Set-Cookie: logged_time=$logged_time; expires=$expire; path=/; domain=.kallyani.com.bd");
  return true;
}