Implementation steps for obtaining web page authorization for WeChat public accounts

Develop official documents based on WeChat public account:

The steps to obtain user information are as follows:

1 Step 1: User agrees to authorize and obtain code
2 Step 2 : Exchange webpage authorization access_token through code
3 Step 3: Refresh access_token (if necessary)
4 Step 4: Pull user information (need to have scope snsapi_userinfo)

1 Get code

Under the premise of ensuring that the WeChat public account has the permissions of the authorization scope (scope parameter) (the service account obtains advanced Interface, by default it has snsapi_base and snsapi_userinfo in the scope parameter).

If it prompts "The link cannot be accessed", please check whether the parameters are filled in incorrectly and whether you have the corresponding scope parameters. Authorization scope permissions.

Special attention: Due to the high security level of authorization operations, when initiating an authorization request, WeChat will perform a regular strong matching check on the authorization link. If the order of the parameters of the link is incorrect, , the authorization page will not be accessible normally

Among them:

AppID - the unique identifier of the official account
REDIRECT_URI - jump url
SCOPE - the value is snsapi_base (no pop-up The authorization page jumps directly and can only obtain the user's openid) or snsapi_userinfo (the authorization page pops up and you can get the nickname, gender, and location through openid. Moreover, even if you are not following the user, you can also obtain the information as long as the user authorizes it. )
STATE - Developers can customize the parameter value of a-zA-Z0-9

2 Exchange the code for web page authorization access_token

If the user agrees to the authorization, the page will jump Go to redirect_uri/?code=CODE&state=STATE.
state is the STATE parameter passed as it is.

Implementation code:

<code class="hljs php">$code = I(&#39;get.code&#39;);
if (empty($code)) {
   //todo 非微信访问
   exit(&#39;</code>&#39;);
 }else{ //授权后操作 }

Here we can get the code. To obtain the access_token later.

After obtaining the code, request the following link to obtain the access_token:

appid - the unique identifier of the official account
secret - the key
code - returned by the above The code
grant_type - the value is authorization_code

implementation code:

<code class="hljs bash">$url = &#39;https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=&#39; . C(&#39;wechat.AppID&#39;) . &#39;&secret=&#39; . C(&#39;wechat.AppSecret&#39;);
$str = file_get_contents($url);
$str = json_decode($str, true);
$access_token = $str[&#39;access_token&#39;];</code>

The access_token here can be cache processed to avoid frequent retrieval of the
implementation code to Take the TP framework as an example:

<code class="hljs php">$access_token = S(&#39;access_token&#39;);
if (empty($access_token)) {
  $url = &#39;https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=&#39; . C(&#39;wechat.AppID&#39;) . &#39;&secret=&#39; . C(&#39;wechat.AppSecret&#39;);
  $str = file_get_contents($url);
  $str = json_decode($str, true);
  $access_token = $str[&#39;access_token&#39;];
  S(&#39;access_token&#39;, $access_token, 3600);
}</code>

After obtaining the access_token, openid (the user’s unique identifier) ​​will also be returned. The official WeChat document explains: The user’s unique identifier. Please note that when you are not following the official account, When a user visits the webpage of an official account, an OpenID unique to the user and the official account will also be generated.

openid uniquely identifies the WeChat user. If the user is not logging in for the first time, he can get the openidQueryWhether the database has a user bound to this openid, then there is no need to re-obtain user data, directly obtain the database user_id settingsession, directly log in to access

3 Step 3 Ignore, just re-obtain the access_token when needed

4 Pull user information (need to have scope snsapi_userinfo)

If the database does not have this WeChat ID user binding, it is equivalent to the user When logging in for the first time, go through the fourth step to obtain user information (in the case of user authorization, the web page authorization scope is snsapi_userinfo, then the developer can pull user information through access_token and openid at this time), and then create a user in the background and bind it Define this WeChat user

(via openid)

Request method

http: GET (please use https protocol)

access_token - the access_token obtained above
openid - the unique identifier of the official account

<code class="hljs php">$url="https://api.weixin.qq.com/cgi-bin/user/info?access_token=$access_token&openid=$openid&lang=zh_CN";
   $str = file_get_contents($url);
   $str = json_decode($str, true);
   if (empty($str[&#39;errcode&#39;])) {  
   //创建user并绑定
   openid}else{  
   //错误处理}</code>

The above is the detailed content of Implementation steps for obtaining web page authorization for WeChat public accounts. For more information, please follow other related articles on the PHP Chinese website!