WeChat Mini Program officials have given a very detailed login sequence diagram. Of course, for security reasons, signature encryption should be added.
WeChat applet
login: function(e) { var that = this; wx.login({ success: function(res){ var code = res.code; //获取code wx.getUserInfo({ //得到rawData, signatrue, encryptData success: function(data){ var rawData = data.rawData; var signature = data.signature; var encryptedData = data.encryptedData; var iv = data.iv; wx.request({ url: '你自己的后台地址', data: { "code" : code, "rawData" : rawData, "signature" : signature, 'iv' : iv, 'encryptedData': encryptedData }, method: 'GET', success: function(info){ console.log(info); } }) } }) }, }) }
Call
wx.login
to get the code.Call
wx.getUserInfo
to obtain the rawData, signatrue, and encryptData required for the signature.Initiate a request to send the obtained data to the background.
ThinkPHP backend
//开发者使用登陆凭证 code 获取 session_key 和 openid $APPID = ''; $AppSecret = ''; $code = I('get.code'); $url="https://api.weixin.qq.com/sns/jscode2session?appid=".$APPID."&secret=".$AppSecret."&js_code=".$code."&grant_type=authorization_code"; $arr = vget($url); // 一个使用curl实现的get方法请求 $arr = json_decode($arr,true); $openid = $arr['openid']; $session_key = $arr['session_key']; // 数据签名校验 $signature = I('get.signature'); $signature2 = sha1($_GET['rawData'].$session_key); //记住不应该用TP中的I方法,会过滤掉必要的数据 if ($signature != $signature2) { echo '数据签名验证失败!';die; } //开发者如需要获取敏感数据,需要对接口返回的加密数据( encryptedData )进行对称解密 Vendor("PHP.wxBizDataCrypt"); //加载解密文件,在官方有下载 $encryptedData = $_GET['encryptedData']; $iv = $_GET['iv']; $pc = new \WXBizDataCrypt($APPID, $session_key); $errCode = $pc->decryptData($encryptedData, $iv, $data); //其中$data包含用户的所有数据 if ($errCode != 0) { echo '解密数据失败!';die; } //生成第三方3rd_session $session3rd = null; $strPol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz"; $max = strlen($strPol)-1; for($i=0;$i<16;$i++){ $session3rd .=$strPol[rand(0,$max)]; } echo $session3rd;
Get session_key and openid based on login credentials code.
Data signature verification.
Data decryption.
Generate third-party 3rd_session and return to WeChat applet.
The get method implemented by curl requests the method
public function vget($url){ $info=curl_init(); curl_setopt($info,CURLOPT_RETURNTRANSFER,true); curl_setopt($info,CURLOPT_HEADER,0); curl_setopt($info,CURLOPT_NOBODY,0); curl_setopt($info,CURLOPT_SSL_VERIFYPEER, false); curl_setopt($info,CURLOPT_SSL_VERIFYHOST, false); curl_setopt($info,CURLOPT_URL,$url); $output= curl_exec($info); curl_close($info); return $output; }
The above is the detailed content of Use ThinkPHP as the backend for WeChat login. For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Atom editor mac version download
The most popular open source editor

SublimeText3 Linux new version
SublimeText3 Linux latest version

SublimeText3 Mac version
God-level code editing software (SublimeText3)

SublimeText3 English version
Recommended: Win version, supports code prompts!

SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.