一. 小程序不支持cookie会话
1. 通过传递与检验3rd_session来保持会话
2. 3rd_session可以执行‘`head -n 80 /dev/urandom | tr -dc A-Za-z0-9 | head -c 168`该命令生成
3. 使用Redis或者数据库存储session
4. 生成的3rd_session发送给客户端,写入storage
5. 客户端的每次请求必须带上3rd_session
二、加密数据解码
1. $iv,$code是被加密过的数据,由于请求过程中因为编码原因+号变成了空格,所以我们需要用下面的方法转换回来
function define_str_replace($data){ return str_replace(' ','+',$data); }
三、例子:
php
// 微信登录 public function weixin_login(){ $session_db=D('Session'); $session_id=I('get.sessionid',''); $session=$session_db->getSession($session_id); if( !empty( $session ) ){ $this->ajaxReturn(['error_code'=>0,'sessionid'=>$session_id]); }else{ $iv=define_str_replace(I('get.iv')); //把空格转成+ $encryptedData=urldecode(I('get.encryptedData')); //解码 $code=define_str_replace(I('get.code')); //把空格转成+ $msg=D('Weixin')->getUserInfo($code,$encryptedData,$iv); //获取微信用户信息(openid) if($msg['errCode']==0){ $open_id=$msg['data']->openId; $users_db=D('Users'); $info=$users_db->getUserInfo($open_id); if(!$info||empty($info)){ $users_db->addUser(['open_id'=>$open_id,'last_time'=>['exp','now()']]); //用户信息入库 $info=$users_db->getUserInfo($open_id); //获取用户信息 $session_id=`head -n 80 /dev/urandom | tr -dc A-Za-z0-9 | head -c 168`; //生成3rd_session $session_db->addSession(['uid'=>$info['id'],'id'=>$session_id]); //保存session } if($session_id){ $this->ajaxReturn(['error_code'=>0,'sessionid'=>$session_id]); //把3rd_session返回给客户端 }else{ $this->ajaxReturn(['error_code'=>0,'sessionid'=>$session_db->getSid($info['id'])]); } }else{ $this->ajaxReturn(['error_code'=>'用户信息获取失败!']); } } }
获取微信信息模型(包括信息解密,官方例子点击下载)
require_once ABS_APP_PATH.'/Addon/Aes/wxBizDataCrypt.php'; class WeixinModel{ // 获取微信的用户信息(openid) public function getUserInfo($code,$encryptedData,$iv){ $appid=C('appid'); $secret=C('secret'); $grant_type='authorization_code'; $url='https://api.weixin.qq.com/sns/jscode2session'; $url= sprintf("%s?appid=%s&secret=%s&js_code=%s&grant_type=%",$url,$appid,$secret,$code,$grant_type); $user_data=json_decode(file_get_contents($url)); $session_key= define_str_replace($user_data->session_key); $data=""; $wxBizDataCrypt=new WXBizDataCrypt($appid,$session_key); $errCode=$wxBizDataCrypt->decryptData($encryptedData,$iv,$data); return ['errCode'=>$errCode,'data'=>json_decode($data),'session_key'=>$session_key]; } }
javascript
getUserInfo: function(cb) { var that = this if (this.globalData.userInfo) { typeof cb == "function" && cb(this.globalData.userInfo) } else { //调用登录接口 wx.login({ success: function(r) { wx.getUserInfo({ success: function(res) { that.login({ code: r.code, iv: res.iv, encryptedData: encodeURIComponent(res.encryptedData), }) that.globalData.userInfo = res.userInfo typeof cb == "function" && cb(that.globalData.userInfo) } }) } }) } }, login: function(param) { wx.request({ url: this.requestUrl('Index/weixin_login'), data: param, header: { 'content-type': "application/json", }, success: function(res) { var data = JSON.parse(res.data.trim()); wx.setStorageSync('sessionid', data.sessionid); } }) },