Overview
In many development projects, we are likely to encounter implement third-party login function (micro letter, QQ, Weibo, etc.); similar principles of its implementation, the implementation process is not very complicated. This blog from zero to about landing a third party to achieve micro-channel function.
Create a Web Application
Log in micro-channel development platform, create a web application (Figure), click Create site after the corresponding reference information to fill in as required to wait for approval. After review by the corresponding application available AppID and appsecret (FIG. 2).
1 Create a Web Application
FIG 2 and acquiring a corresponding appid appsecret
Realize the function
Preparatory work has been done to get to appid and appsecret; The following is the process of implementation of the code, we first write scan code to obtain authorization landing.
login.php
<?php
/**
* =======================================
* Created by ZHIHUA·WEI.
* Author: ZHIHUA·WEI
* Date: 2019/06/21
* Time: 14:13
* Power: 微信第三方登陆实现
* =======================================
*/
//AppID
$appid = "wx****************";
//授权回调地址
$redirect_uri = urlencode("http://notify.wx-login.com/notify.php");
//state 用于保持请求和回调的状态,授权请求后原样带回给第三方。
//该参数可用于防止csrf攻击(跨站请求伪造攻击),
//建议第三方带上该参数,可设置为简单的随机数加session进行校验
$state = md5("ws" . date("YmdH"));
$url = "https://open.weixin.qq.com/connect/qrconnect?appid=" . $appid . "&redirect_uri=" . $redirect_uri . "&response_type=code&scope=snsapi_login&state=" . $state . "#wechat_redirect";
header('location:' . $url);Secondly, we need to get authorization to return inside the callback, obtain authorization of the micro-channel user information (contained openid, etc.).
notify.php
<?php
/**
* =======================================
* Created by ZHIHUA·WEI.
* Author: ZHIHUA·WEI
* Date: 2019/06/21
* Time: 14:49
* Power: 微信第三方登陆实现
* =======================================
*/
//1 获得授权回调的数据信息(code)
$res = $_REQUEST;
if (empty($res['code'])) {
die('获取Code失败');
}
//2 获取access_token
$appid = "wx****************"; //AppID
$AppSecret = "00xxxxxxxxxxxxxxxxxxxxxxx"; //AppSecret
$url_access_token = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=" . $appid . "&secret=" . $AppSecret . "&code=" . $res['code'] . "&grant_type=authorization_code";
$access = Curl($url_access_token);
$access = json_decode($access, true);
if (empty($access['access_token'])) {
die('获取access_token失败');
}
//3 检验授权凭证(access_token)是否有效
$url_verify = "https://api.weixin.qq.com/sns/auth?access_token=" . $access['access_token'] . "&openid=" . $access['openid'];
$verify_access_token = Curl($url_verify);
$verify_access_token = json_decode($verify_access_token, true);
if ($verify_access_token['errcode'] !== 0) {
die('access_token失效');
}
//4 获取用户个人信息
$url_user_info = "https://api.weixin.qq.com/sns/userinfo?access_token=" . $access['access_token'] . "&openid=" . $access['openid'];
$user_info = Curl($url_user_info);
$user_info = json_decode($user_info, true);
if (empty($user_info['openid'])) {
die('获取用户信息失败');
}
//5 获取微信用户信息成功,之后就可以根据项目需求逻辑进行后续处理....
//6 输出获得的微信用户信息
echo "<pre>";
var_dump($user_info);
/**
* Curl请求
* @param $url
* @return mixed
*/
function Curl($url)
{
$info = curl_init();
curl_setopt($info, CURLOPT_RETURNTRANSFER, true);
curl_setopt($info, CURLOPT_HEADER, 0);
curl_setopt($info, CURLOPT_NOBODY, 0);
curl_setopt($info, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($info, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($info, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($info, CURLOPT_URL, $url);
$output = curl_exec($info);
curl_close($info);
return $output;
}
So far, the micro-channel third-party sign-on function basically, write this article describes.
