WeChat public account development: Introduction to URL and Tocken

1. Introduction to URL and Tocken

1. If you want to become a developer, you must have a public network address (URL). This network address must be accessible to the WeChat public platform. To obtain the network address, Multiple ways: You can use other platforms, or you can rent a server yourself (it is recommended to rent a server yourself, because we need to deploy applications); in short, you need to provide a URL on the public Internet;

2, Tocken ( Mark): Tocken can fill in a string at will and use it during authentication;

3. Authentication process: Developers are required to program, so an application must be deployed on the developer server (provide a URL); when When a URL on the public Internet is accessed by WeChat, WeChat will send some data. Your application must encrypt the data sent by WeChat, and then compare the ciphertext with the signature. If they are the same, return echostr to the WeChat public platform, and the WeChat public platform Verify, if correct, congratulations, your public account has become a developer account;

2. Verification flow chart

You have provided the URL to the WeChat public platform (developer Server URL) and Tocken, the picture below is the WeChat public platform authentication process;

As can be seen from the above picture, the main verification function is on the developer server side, among which When performing token, timestamp, and nonce encryption authentication (sha1 encryption) on the developer server side, the token is provided by the developer to the WeChat public platform; if the encryption result is the same as the signature provided by the WeChat public platform, then we return echostr Perform echostr certification on WeChat public platform; WeChat public platform. If passed, the public account will become a developer

3. Code description

I use python for development Language, if you are using other languages, the logical structure is similar, but the implementation is different;

@csrf_exempt
def wx_valid(request):#提供给微信公众平台的url，微信公众平台请求url时，会执行此方法

    '''微信开发者验证，是GET请求；GET 和 POST 区分是认证还是发送消息（发送消息的时候是POST）'''
    if(request.method == 'GET'):
        tocken='zainanjing6tocken'#提供给微信公众平台的tocken，可以保持在数据库、文件或者直接硬编码到代码中；
        if tocken:
            timestamp = request.GET['timestamp']
            nonce = request.GET['nonce']
            signature = request.GET['signature']
            echostr = request.GET['echostr']
           
            arr = [tocken,timestamp,nonce]
            arr.sort()
            data = ''
            for s in arr :
                data += s
            sha1 = hashlib.sha1() #或hashlib.md5()  
            sha1.update(data)
            _signature = sha1.hexdigest() #生成40位(sha1)或32位(md5)的十六进制字符串  
            if _signature == signature :
                return HttpResponse(echostr)#返回 echostr
    return HttpResponse('error')#返回 error

The above is the developer verification URL and Tocken logic process and source code, let’s talk about the overall operation process below;

4. Operation process

1. First deploy the application on the developer server and provide the URL and Tocken (this URL requires the WeChat public platform to be accessible)

2 . After adding the URL and Tocken to the WeChat public platform developer mode, the WeChat public platform will automatically request the URL, and the developer server will perform data verification (signature verification). If the verification is passed, echostr will be returned to the WeChat public platform

3. If you successfully become a developer account and the mode of the public account is adjusted to developer mode, the messages sent by the user to the public account will not be replied to by the WeChat public platform. The WeChat public platform will forward the message to Developer server, developer server responds to the message

At this point, the authentication of URL and Tocken is over. If the authentication passes, then congratulations, your account is already a developer account, the next step must be done It is to develop the function of replying to user messages, otherwise users will not receive any messages;

The above is the detailed content of WeChat public account development: Introduction to URL and Tocken. For more information, please follow other related articles on the PHP Chinese website!