Two methods of obtaining user unionID in WeChat webpage development--multi-point login user identification based on WeChat

Suppose website A has the following functional requirements: 1. WeChat scan code login on the PC side; 2. Requirements for the silent login function in the WeChat browser. For these two requirements, the user's unionID needs to be used, so that multiple login points (terminals) can be used. ) to identify the user. So how to obtain the user's unionID under these two requirements?

1. Look at the solution

on Use snsapi_login as the scope to initiate web page authorization. First, use the appid and secret of the website application to obtain the "web page authorization access_token" through the authorization interface, and then use the "web page authorization access_token" to pass the "API interface for pulling user information". "Pull the user information to get the unionId.

This method is suitable for the scenario: without using the WeChat public account (subscription account, service account), the WeChat scan code login function of the PC-side website can be realized through the website application under the WeChat open platform. The requirements of this scenario are relatively simple. You can refer to the section "Website Application" - "WeChat Login Function" in the technical document of the WeChat open platform to implement the coding. Below, only the user scans the QR code to authorize WeChat login (user scan 2 The method and process of how to obtain the unionID after clicking the QR code in the authorization window that pops up on the WeChat client to confirm the login) are described below.

After the user authorizes the login, it is redirected to the login page of website A and brings back the code and state parameters. First take the code to obtain the web page authorization access_token:

1 $curl = new Curl();
2 $wxresponse = $curl->get('https://api.weixin.qq.com/sns/oauth2/access_token?appid=' . $appid
3 . '&secret=' . $secret . '&code=' . $code . '&grant_type=authorization_code'
4 $wxresult = json_decode($wxresponse);

Request parameter description:

1 Parameter is required Description
2 appid is the unique identifier of the application, obtained after the application is submitted to the WeChat open platform for approval
3 secret is the application key AppSecret, the application is submitted on the WeChat open platform After the approval, you will get
4 code Yes Fill in the code parameter obtained in the first step
5 grant_type Yes Fill in the authorization_code

If the request is correct, the return value:


copy code
{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN ",
"openid":"OPENID",
"scope":"SCOPE"
}
Parameter Description
access_token API call credentials
expires_in access_token API call credentials timeout time, unit (seconds)
refresh_token User refresh access_token
openid Unique ID of authorized user
scope The scope of user authorization, separated by

commas

.

Then use the obtained access_token and openid to get the unionID:

1 //Get the user's personal information
2 $response = $curl->get('https://api.weixin.qq.com/sns/userinfo?access_token=' . $ wxresult->access_token
3 . '&openid=' . $wxresult->openid);

The return value will not be written in detail, including the user's unionID.



2. Look at the solution of the WeChat browser on the mobile phone.

Method 1: Use snsapi_userinfo as the scope to initiate webpage authorization, and the process of obtaining the unionID is the same as that of the PC terminal, but the service number appid and secret in the WeChat public account are used to obtain the webpage authorization access_token.

1 // The user accesses this page from WeChat and directly calls WeChat authentication
2 header('Location: https://open.weixin.qq.com/connect/oauth2/authorize?appid=' . $appid
3 . '&redirect_uri= http%3A%2F%2Fwww.host.com%2Fsite%2Fcallback'
4. '&response_type=code&scope=snsapi_userinfo&state=state#wechat_redirect');
5 exit;

This method does not have a good experience in WeChat browser, because when the user clicks on a webpage while browsing the webpage in WeChat browser, the login is triggered The authorization window will pop up when the function is activated, and a better experience should be that the user should be unaware when triggering the login function. The second method below can achieve this requirement.



Method 2: Use snsapi_base as the scope to initiate webpage authorization, first use the appid and secret of the official account to obtain the global unique credential access_token of the WeChat official account, and then use the obtained access_token to call the "Get user information" in the "User Management Interface" of the official account interface" to get the unionID.

Initiate an authorization request. Because the web page authorization request is initiated with snsapi_base as the scope, the authorization is silent and the user is unaware. It is explained in the section on Web authorization of the WeChat public platform development document.

1 header('Location: https://open.weixin.qq.com/connect/oauth2/authorize?appid=' . $appid
2 . '&redirect_uri=http%3A%2F%2Fwww.host.com%2Fsite%2Fcallback '
3 . '&response_type=code&scope=snsapi_base&state=state#wechat_redirect');


Get the globally unique access_token of the official account

            $curl = new Curl();
            $curl->setOption(CURLOPT_SSL_VERIFYPEER, false);
            $tokenresult = $curl->get('https://api.weixin.qq.com/cgi-bin /token?grant_type=client_credential&appid=' . $appid . '&secret=' . $secret);

If the request is correct, the return value:

1 {"access_token":"ACCESS_TOKEN","expires_in":7200}
2
3 Parameter Description
4 access_token The obtained credential
5 expires_in The valid time of the credential, unit: second

Call the official account "obtain user information interface":

1 $response = $curl->get('https://api.weixin.qq.com/cgi-bin /user/info?access_token=' . $token . '&openid=' . $wxresult->openid . '&lang=zh_CN');

Example of return value if correct:


copy code
1 {
2    "subscribe": 1,
3    "openid": "o6_bmjrPTlm6_2sgVt7hMZOPfL2M",
4    "nickname": "Band",
5    "sex": 1,
6    "language": "zh_CN",
7    "city": "广州",
8    "province": "广东",
9    "country": "中国",
10
11    "headimgurl":  "http://www.pangdan.com/songxiaobao//mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4
12
13 eMsv84eavHiaiceqxibJxCfHe/0",
14   "subscribe_time": 1382694957,
15   "unionid": " o6_bmasdasdsad6_2sgVt7hMZOPfL"
16   "remark": "",
17
18   "groupid": 0,
19
20   "tagid_list":[128,2]
21 }
22
23 Parameter Description
24 Parameter Description
25 subscribe Whether the user subscribes to the official account ID, when the value is 0, it means that the user does not follow the official account, and the rest of the information cannot be pulled.
26 openid User's ID, unique to the current public account
27 nickname User's nickname
28 sex User's gender, when the value is 1, it is male, when the value is 2, it is female, and when the value is 0, it is unknown.
29 city The user's city
30 country user
31 province The province where the user is located 32
language The language of the user, Simplified Chinese is zh_CN
33 headimgurl User avatar, the last value represents the size of the square avatar (there are 0, 46, 64, 96, 132 values ​​to choose from, 0 represents 640*640 square avatar), this item is empty when the user does not have an avatar. If the user changes the avatar, the original avatar URL will be invalid.
34 subscribe_time User attention time, which is a timestamp. If the user has followed for many times, the last follow time
35 unionid will be used. This field will only appear after the user binds the official account to the WeChat Open Platform account.
36 remark Official account operator's remarks to fans, official account operators can add remarks to fans in the user management interface of WeChat official platform
37 groupid The group ID of the user (compatible with the old user group interface)
38 tagid_list The tag ID that the user is marked with List

Copy code



3, summary

Whether users log in to the website from the PC or access the website from the WeChat browser, we can obtain the unionID, thus realizing the user identification of multi-point login.

-------------------------------------------------- ----------------------------------------

End