微信小程序session_key、encryptedData、iv进行解密获取用户头像名称

    public function register(){
        $data['openid'] = input('openid','');
        //解密用户信息
        $userData = $this->getSessionKey();
        if($userData){
            $data['nickname'] = $userData['nickName'];
            $data['head'] = $userData['avatarUrl'];
        }
        $data['token'] = getRandChar(32);
        $data['token_time'] = time();
        $id = Db::name('store_member')->strict(false)->insertGetId($data);
        if($id){
            $user = Db::name('store_member')->where('id', $id)->find();
            return json_encode(['code'=>200, 'msg'=>'注册成功', 'data'=>$user]);
        }else{
            return json_encode(['code'=>400, 'msg'=>'注册失败']);
        }
    }
    
    //获取session_key
    public function getSessionKey(){
        $url = 'https://api.weixin.qq.com/sns/jscode2session';
        $data = array(
            'appid' =>$this->wxpay['appid'],
            'secret' => $this->wxpay['secret'],
            'js_code' => input('js_code',''),
            'grant_type' => 'authorization_code'
        );
        $res = httpRequest($url, 'POST', $data);
        $session_key = json_decode($res,true);
        if(!empty($session_key['session_key'])){
            $encryptedData = str_replace(' ', '+', input('encryptedData'));
            $iv = str_replace(' ', '+', input('iv'));
            $aesKey = base64_decode($session_key['session_key']);
            $aesIV = base64_decode($iv);
            $aesCipher = base64_decode($encryptedData);
            $result = openssl_decrypt($aesCipher, 'AES-128-CBC', $aesKey, 1, $aesIV);
            return json_decode($result,true);
        }else{
            return false;
        }
    }

小程序端

      login: function (e) {
        var that = this;
        wx.login({
          success: function (res_) {
            that.setData({
              session: res_.code,
            })
          }
        })
        wx.getUserProfile({
          desc: '用于完善会员资料', // 声明获取用户个人信息后的用途，后续会展示在弹窗中，请谨慎填写
          success: (res) => {
            var url = 'User/getUser'
            var params = { 
              js_code: that.data.session, 
              openid: app.globalData.openid,
              iv: res.iv,
              encryptedData: res.encryptedData,
              // 修正
              // nickname: e.detail.userInfo.nickName,
              // head: e.detail.userInfo.avatarUrl
            }
            util.wxRequest(url, params, data => {
              if (data.code == 200) {
                app.globalData.userInfo = data.data
                app.globalData.login = true
                this.setData({ login:true })
                wx.showToast({
                  title: '登录成功',
                  icon: 'success',
                  duration: 2000
                })
              } else {
                //错误，需用户重新授权登录
                app.globalData.login = false
                wx.showToast({
                  title: data.msg,
                  icon: 'none',
                  duration: 2000
                })
              }
            }, data => { }, data => { })
          }
        })
      },

以上代码大致流程为:

1.在小程序界面点击按钮发送js_code与encryptedData和iv到自己的服务器

2.服务器接收到js_code后配合appid与secret共同调用微信接口获取session_key与openid

3.使用获取到的encryptedData与iv以及获取到的session_key进行解密,将返回的数据转化为数组,提取其中的nickName与avatarUrl

4.连接服务器,将openid,nickName,avatarUrl,存入数据库之中