Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about how to simplify user binding by web authorization in the development of Wechat official account. Many people may not know much about it. In order to make you understand better, the editor summarized the following content for you. I hope you can get something from this article.

First of all, we need to explicitly bind Wechat users and system users, so that after a binding, the system can automatically log in for users when they access the system through Wechat again, so as to prevent users from logging in repeatedly. Make the user operation experience more smooth.

In fact, the core logic of Wechat binding users is to establish a relationship between Wechat users' OpenID and the system's user UserId. Currently, there are two ways to obtain the OpenID of Wechat users:

1 obtain from the xml of user interaction:

To obtain a page that does not require authorization, but requires the user to actively interact with the official account, the common way is to use the official account menu, set it to the reply message, obtain the OpenId when the user clicks on the menu event and push it to the XML of the server interface, and then organize a link related to OpenId to put it in the reply, and the user clicks on this link and then jumps to the binding page.

2 use web authorization to obtain basic information of users

This uses the OAuth3.0 interface provided by Wechat, does not require users to click on menu items and reply messages, and can be initiated directly from any page of the mobile site in the official account of Wechat. In particular, when binding users, you only need to know OpenId, and you do not need perfect user information, and you can also use the silent authorization mode provided by Wechat, where even the page authorized by the user does not need to appear, and the process of obtaining OpenId is almost transparent to users, which is smoother.

This article focuses on the second way. The corresponding Wechat official documents are authorized to obtain basic user information on the web page.

Take a look at the overall flow chart first.

The judgment that the user has logged in is judged by the system itself. When it detects that the user is not logged in, the program jumps to the Wechat OAuth authorization page, such as

Https://open.weixin.qq.com/connect/oauth3/authorize?appid=wx520c15f417810387&redirect_uri=https%3A%2F%2Fchong.qq.com%2Fphp%2Findex.php%3Fd%3D%26c%3DwxAdapter%26m%3DmobileDeal%26showwxpaytitle%3D1%26vb2ctag%3D4_2030_5_1194_60&response_type=code&scope=snsapi_base&state=123#wechat_redirect

Notice the silent authorization method we use. The scope parameter should be set to snsapi_base. The redirect_uri parameter value is to jump back to the URL address of my system, which is URL encoded.

When you jump to the Wechat authorization page, the user does not need to click on authorization, so it will not stop, jump directly back to the URI of this system, and then add the code parameter, such as in the example above.

Https://chong.qq.com/php/index.php?d=&c=wxAdapter&m=mobileDeal&showwxpaytitle=1&vb2ctag=4_2030_5_1194_60&code=xxxx

And the page that jumps back is where the program that gets the OpenId is located. The program on this page uses the code parameter value obtained when you jump back, and then calls the Wechat server access_token API to get OpenId, that is, this API returns OpenId when it returns access_token:

Https://api.weixin.qq.com/sns/oauth3/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code

Note that the URL of this interface is preceded by https://api.weixin.qq.com/sns/oauth3, which is different from other Wechat interfaces https://api.weixin.qq.com/cgi-bin/!

At this point, we have got the OpenId of the Wechat user, at this time, output a login form to the user, let the user fill in the user name / password, or use the more fluent user login method now, fill in the mobile number to get the SMS verification code, after POST submission, you can find the user's UserId in this system, we record the association relationship on the server side, and the whole binding process is completed.

As a Wechat user identification string, OpenId, in principle, cannot appear in the form or submitted in clear text for full consideration. OpenId anti-counterfeiting, anti-duplication and so on, there have been a lot of research on the Internet. In the actual development, I found that the more concise way is to directly use the session with a validity period of 5 minutes to store the OpenId, which expires immediately when the session is used, and then outputs the key of the session as a parameter to the user.

After reading the above, do you have any further understanding of how web authorization can simplify user binding in the development of Wechat official account? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.