Share an example of the authentication method of the Mini Program API

Is your mini programAPIauthenticated?

##API authentication method has Basic Auth Compared with OAuth

1.Basic Auth is easier to understand, that is, the user's username and password are provided every time the API is requested. It is simple to use, easy to develop and debug, and does not have too many complicated page jump logic and interactions. process; but the security is low. Username and password need to be passed every time, which may be intercepted and stolen to a large extent. At the same time, the application itself also needs to save the username and password. In terms of the security of the application itself, there are also many problems. Big problem.

2. OAuth provides a secure, open standard for the authorization of user resources. WeChat platform, Weibo, Douban, etc. all provide support for it; high security, the user's username and password It only needs to be provided once, and the Access Token access permission is limited to the application. Even if the Access Token is lost due to monitoring, it can be revoked at any time. If the user changes the password, it will not affect the normal use of the application.

This article mainly introduces the mini program and the first A simple way to connect the three-party API interfaces. First try to use Basic Auth for verification. Xiao O will add the OAuth verification method later. This article is for reference only. If you have any questions, please feel free to communicate.

1. Step 1 It is to open an API service based on Basic Auth. If the service is correct, a "Authentication required" dialog box will pop up during access

##2. Add a base64-encrypted username and password information to the

head

er header in each request. JS can use btoa's function . In the mini program, third-party js is required. Library, as shown in the figure

3. With the development interface wx.login of the small program, the security will be greatly increased

The current development habit is to first release demos in the early stage, and then continue to improve as the business develops.

[Related recommendations]

1.

WeChat applet complete source code download

2.

WeChat mini program game demo select different color blocks

3.

WeChat mini program demo: Guoku updated version

The above is the detailed content of Share an example of the authentication method of the Mini Program API. For more information, please follow other related articles on the PHP Chinese website!