1. Baidu login introduction (test site: address )
Baidu login includes identity authentication, user relationship and content dissemination. Users are allowed to log in and access third-party websites with Baidu accounts, share content, and synchronize information. It has the following characteristics:
1. Log in to your app or website directly with your Baidu account.
2. Obtain high-quality Baidu active users.
3. It is more convenient to share to Baidu, and improve the power of website information dissemination.
1.1 Authorization mechanism
Calls to Baidu's open interface, such as sending logins, obtaining basic user information, and obtaining popular Baidu content, all require user identity authentication.
At present, Baidu open platform user identity authentication mainly adopts OAuth2.0. In addition, in order to facilitate developers to develop and test their own applications, we also provide the identity authentication method of developer's own authorization, but the developer's own authorization is only applicable to the developer's own calling interface to which the application belongs.
If a Baidu user visits a third-party application webpage, the third-party application can obtain the basic information of the Baidu user through the webpage authorization mechanism, and then realize its own business functions.
interface documentation
Developers can first browse the OAuth2.0 interface document to get familiar with the meaning of the OAuth2.0 interface and parameters, and then we explain how to use OAuth2.0 according to the application scenarios.
| Access | Authorization process | introduce | validity period |
|---|---|---|---|
| new acquisition | Authorization Code | Also known as Web Server Flow, it is applicable to all applications that cooperate with the server side. | Access Token valid for one month + Refresh Token valid for ten years. |
| Implicit Grant | Also known as User-Agent Flow, it is applicable to all applications without server cooperation (the desktop client needs an embedded browser). | Access Token valid for one month. | |
| Client Credentials | That is, use the application public key and secret key to obtain the Access Token, which is applicable to any application with server type. Obtaining an Access Token through this authorization method can only access the interface of the platform authorization class. | Access Token valid for one month + Refresh Token valid for ten years. | |
| Device | Applicable to some devices with limited input (such as printers and TVs with only digital LCD screens, etc.). | Access Token valid for one month + Refresh Token valid for ten years. | |
| to refresh | Refresh Token | The access token refresh method is applicable to all applications that cooperate with the server side. | Ten-year refresh period. |
Precautions
When requesting user authorization, Baidu provides a parameter not mentioned in the OAuth2.0 protocol: display. It is used to identify the authorization pages of different presentation forms corresponding to different forms of clients, and its values are defined as follows
page: full-screen authorization page (default), suitable for web applications.
popup: The authorization page in the form of a bullet box, applicable to desktop software applications and web applications.
dialog: An authorization page in the form of a floating layer, which can only be used for web applications on the site.
mobile: The authorization page used on smart mobile terminals such as Iphone/Android, applicable to applications on smart mobile terminals such as Iphone/Android.
tv: The authorization page used by super-large displays such as TVs.
pad: The authorization page used by smart tablets such as IPad/Android.
2. Become a developer ( official document )
Developers can access the Weibo open platform through the following steps: Visit the official website of Baidu Developer Center → log in to the official website with a Baidu account → register as a Baidu developer → create/manage applications → pass the review and obtain interface permissions.
2.1 Registered Developer
1. If you are already a Baidu user, please visit the Baidu Developer Center and log in directly with your Baidu account.
2. If you are not a Baidu user, please visit Baidu Passport , fill in the registered email address and password and activate to become a Baidu user.
3. Visit the Baidu Developer Center and log in with your Baidu account.
2.2 After logging in, register developer http://developer.baidu.com/user/reg#app/project to enter the registered developer page, please fill in the relevant information to register.
(If you go directly to the developer information page, it means that you have already registered as a developer, you can skip this step and go directly to step 4). The figure below shows the individual developer registration page:
2.3 After submitting the materials as required, the reviewers will conduct a review. After passing the review, identity verification is required, upload the ID card information, and wait for review after submission.
3 Website application and mobile application access application
Before the application is connected, it is necessary to apply first to obtain the corresponding API Key (client_id) and Secret Key (client_secret), so as to ensure that the website and users can be correctly authenticated and authorized in the subsequent process.
3.1 Create an application
1. After registering as a developer, you can create and manage the application management console - Baidu Open Cloud Platform
2. Choose to create an application, and select the type of application to be created. Let's take a website application as an example, click the "Create" button, and complete the information as required:
3. After the project is successfully created, the page jumps to the project basic information page, where you can view the API Key (AK) and Secret Key (SK) of the application.
3.2 Perfect website information
1. Click "Security Settings" on the right side of the application, and edit the authorization callback page in the advanced information, which must be consistent with the callback address in the code behind
3.3 official website code SDK download ( SDK sample code download )
3.4 At this point, the preparatory work is over, and the website development process (introduced in the next part)
3.5 Everyone's project needs are different, and different problems may arise. This article is for reference only
3.6 SpringBoot+Vue implements third-party Baidu login (2)
3.7 Other third-party login methods: https://www.cnblogs.com/liyhbk/category/2089783.html
4. Source code purchase
4.1 Concise version ( Taobao source code )
Including login, third-party login, jump homepage, SpringBoot+SpringSecurity+Mysql+Redis+Vue+ElementUI, etc.
4.2 Multifunctional version ( Taobao source code )
Including login, registration, third-party login, complete system management module, system tool module, system monitoring module, personal center, etc., SpringBoot+SpringSecurity+Mysql+Redis+Vue+ElementUI, etc.