uniapp一键登陆（php）

后台PHP代码

    /**
     * 一键登陆
     */
    public function phoneLogin()
    {
    
    
        $access_token = $_POST['access_token'];
        $openid = $_POST['openid'];
        if (!$access_token && !$openid)
        {
    
    

            $this->weberror(self::THIS_ACTION_ERROR,'参数错误');
        }
        $secret = '';
        $params = array(
            'access_token' => $access_token,
            'openid' =>$openid
        );
        $stringSignTemp = '';
        foreach ($params as $k => $v){
    
    
            $stringSignTemp .= $k . '=' . $v . '&';
        }
        $stringSignTemp = rtrim($stringSignTemp, '&');
        $sign = hash_hmac('sha256', $stringSignTemp, $secret);
        $url = "https://tcb-kz54q4wey3ivqxv8bbcb6-c4fd02.service.tcloudbase.com/getPhoneNumber?sign=".$sign."&".$stringSignTemp;
        $response = json_decode(file_get_contents($url),true);
        if ($response)
        {
    
    
            $mobile = $response['phoneNumber'];
            $user = M('user')->where(array('mobile'=>$mobile))->find();
            if (!$user){
    
    
                $data['session_id'] = session_id();
                $data['login_time'] = time();
                $data['reg_time'] = time();
                $data['mobile'] = $mobile;
                $data['username'] = $mobile;
                $data['password'] = "";
                $data['login_ip'] = get_client_ip();
                $data['token'] = $this->createtoken();
                $newid = M('user')->add($data);
                if ($newid) {
    
    
                    $this->get_reward_goldcoin($newid,'reg_reward');//注册奖励
                    $_user = M('user')->where(array('mobile'=>$mobile))->find();
                    $this->memberlogin($_user['mobile'],$_user['password'],get_client_ip());
                }
            }elseif ($user){
    
    
                $this->memberlogin($user['mobile'],$user['password'],get_client_ip());
            }else{
    
    
                session("ses_uid",NULL);
                session("ses_mobile",NULL);
                $this->weberror(self::THIS_ACTION_ERROR,'登陆失败');
            }
        }else{
    
    
            $this->weberror(self::THIS_ACTION_ERROR,'获取信息失败');
        }

    }

云函数

// 云函数验证签名，此示例中以接受GET请求为例作演示
const crypto = require('crypto')
module.exports = async(event){
    
    

  const secret = 'your-secret-string' // 自己的密钥不要直接使用示例值，且注意不要泄露
  const hmac = crypto.createHmac('sha256', secret);

  let params = event.queryStringParameters
  const sign = params.sign
  delete params.sign
  const signStr = Object.keys(params).sort().map(key => {
    
    
    return `${
     
     key}=${
     
     params[key]}`
  }).join('&')

  hmac.update(signStr);

  if(sign!==hmac.digest('hex')){
    
    
    throw new Error('非法访问')
  }

  const {
    
    
    access_token,
    openid
  } = params
  const res = await uniCloud.getPhoneNumber({
    
    
      provider: 'univerify',
    appid: 'xxx', // DCloud appid，不同于callFunction方式调用，使用云函数Url化需要传递DCloud appid参数
      apiKey: 'xxx', // 在开发者中心开通服务并获取apiKey
      apiSecret: 'xxx', // 在开发者中心开通服务并获取apiSecret
      access_token: access_token,
      openid: openid
  })
  // 返回手机号给自己服务器
  return res
}

获取的结果：

“{“code”:0,“success”:true,“phoneNumber”:“x******”}”