WeChat public account-obtaining user information (webpage authorization acquisition) implementation steps

伊谢尔伦
Release: 2016-11-21 15:49:39
Original
3050 people have browsed it

Develop official documents based on the WeChat public account:

The steps to obtain user information are as follows:

1 Step 1: User agrees to authorize and obtain code
2 Step 2: Exchange code for web page authorization access_token
3 Step 3: Refresh access_token (if needed)
4 Step 4: Pull user information (scope is required to be snsapi_userinfo)

1 Obtain code

Under the premise of ensuring that the WeChat public account has the authorization scope (scope parameter) (the service account is obtained After the advanced interface, it has snsapi_base and snsapi_userinfo in the scope parameters by default), guiding followers to open the following page:

https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope =SCOPE&state=STATE#wechat_redirect

If it prompts "The link cannot be accessed", please check whether the parameters are filled in incorrectly and whether you have the authorization scope permissions corresponding to the scope parameter.

Special note: Due to the high security level of authorization operations, when initiating an authorization request, WeChat will perform a regular strong matching check on the authorization link. If the parameters of the link are in the wrong order, the authorization page will not be accessible normally

Among them:

AppID - the unique identifier of the official account
REDIRECT_URI - jump url
SCOPE - the value is snsapi_base (the authorization page does not pop up, jumps directly, only the user openid can be obtained) or snsapi_userinfo (the authorization page pops up, which can be obtained through openid) Nickname, gender, location. And, even if the user is not following, the information can be obtained as long as the user authorizes it)
STATE - Developers can customize the parameter values ​​​​of a-zA-Z0-9

2 through code In exchange for webpage authorization access_token

If the user agrees to the authorization, the page will jump to redirect_uri/?code=CODE&state=STATE.
state is passed as it is from the STATE parameter above.

Implementation code:

<code class="hljs php">$code = I(&#39;get.code&#39;);
if (empty($code)) {
   //todo 非微信访问
   exit(&#39;</code>&#39;);
 }else{ //授权后操作 }
Copy after login

Here we can get the code for subsequent acquisition of access_token.

After obtaining the code, request the following link to obtain the access_token:

https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code

appid - the only one for the official account Identity
secret - Key
code - The code returned above
grant_type - The value is authorization_code

Implementation code:

<code class="hljs bash">$url = &#39;https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=&#39; . C(&#39;wechat.AppID&#39;) . &#39;&secret=&#39; . C(&#39;wechat.AppSecret&#39;);
$str = file_get_contents($url);
$str = json_decode($str, true);
$access_token = $str[&#39;access_token&#39;];</code>
Copy after login

The access_token can be cached here to avoid frequent acquisition
Implementation code, take the TP framework as an example:

<code class="hljs php">$access_token = S(&#39;access_token&#39;);
if (empty($access_token)) {
  $url = &#39;https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=&#39; . C(&#39;wechat.AppID&#39;) . &#39;&secret=&#39; . C(&#39;wechat.AppSecret&#39;);
  $str = file_get_contents($url);
  $str = json_decode($str, true);
  $access_token = $str[&#39;access_token&#39;];
  S(&#39;access_token&#39;, $access_token, 3600);
}</code>
Copy after login
Copy after login

After obtaining the access_token, it will also return the openid (user's unique identifier). The official WeChat document explains: the user's unique identifier. Please note that when the user does not follow the official account, accessing the official account's webpage will also generate A unique OpenID for a user and official account

openid uniquely identifies a WeChat user. If the user is not logging in for the first time, they can query the database after getting the openid to see if there is a user bound to this openid. There is no need to re-obtain user data afterwards. , directly obtain the database user_id, set the session, log in directly to access

3 Ignore the third step, only re-obtain the access_token at the required time

4 Pull user information (need to have the scope snsapi_userinfo)

There is no such WeChat ID in the database When the user is bound, it is equivalent to the user's first visit and login, and the user information is obtained through the fourth step (in the case of user authorization, the web page authorization scope is snsapi_userinfo, then the developer can pull the user through access_token and openid at this time information), then create a user in the background and bind this WeChat user (via openid)


Request method


http: GET (please use https protocol) https://api.weixin.qq.com/ sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN

access_token - the access_token obtained above

openid - the unique identifier of the public account



Implementation code:

<code class="hljs php">$access_token = S(&#39;access_token&#39;);
if (empty($access_token)) {
  $url = &#39;https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=&#39; . C(&#39;wechat.AppID&#39;) . &#39;&secret=&#39; . C(&#39;wechat.AppSecret&#39;);
  $str = file_get_contents($url);
  $str = json_decode($str, true);
  $access_token = $str[&#39;access_token&#39;];
  S(&#39;access_token&#39;, $access_token, 3600);
}</code>
Copy after login
Copy after login

The above are the specific steps for the WeChat public account to obtain user information.

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!