Home > WeChat Applet > Mini Program Development > Explanation of the authorization login process of WeChat applet

Explanation of the authorization login process of WeChat applet

不言
Release: 2018-07-23 11:12:26
Original
13005 people have browsed it

The content of this article is to explain the authorization login process of WeChat applet. It has certain reference value. Friends in need can refer to it.

The company's business is developing and it has recently completed the development of a WeChat applet. The scenario is this: an APP and a WeChat applet with the same subject under the same WeChat open platform complete the same business. When the user enters the app or WeChat applet, the user's unionid must be obtained to confirm the current user identity and complete the login. The calling method of the mini program's "get user information" api (getUserInfo) has been greatly updated compared to before. It is very important to elegantly implement user authorization and login. The following is my implementation of the WeChat mini program authorization login process during development. The ideas and summary are shared below.

1. WeChat applet login process timing sequence

Explanation of the authorization login process of WeChat applet

Instructions:

  1. The applet calls wx .login() obtains the temporary login credential code and returns it to the developer server

  2. The developer server exchanges the code for the user's unique identifier openid and session key session_key.

  3. The temporary login credential code can only be used once

What is openid?

Generate messages between followers and public accounts After interaction, the official account can obtain the follower's OpenID (encrypted WeChat ID, each user's OpenID for each official account is unique. For different official accounts, the same user's openid is different). ——WeChat public platform developer documentation
  • The identification of ordinary users, unique to the current public account

  • Different public accounts, the same user , openid is different

You can simply understand it as

openid = hash(uid + app_id)
Copy after login

What is unionid?

If the developer has multiple mobile applications, website applications, and public accounts (including mini programs), the user can be uniquely distinguished by unionid, because as long as they are mobile applications under the same WeChat open platform account , website applications and public accounts (including mini programs), the user's unionid is unique. In other words, for the same user, the unionid is the same for different applications under the same WeChat open platform. UnionID mechanism description

If a developer needs to unify user accounts among multiple mobile applications, website applications and public accounts, he needs to go to the WeChat open platform (open.weixin.qq.com) to bind the public account Then, the UnionID mechanism can be used to meet the above needs.

  • One WeChat open platform account can have multiple mobile applications, website applications, public accounts and mini programs

  • As long as it is the same WeChat For mobile applications, website applications and public accounts (including mini programs) under open platform accounts, the user's unionid is unique.

The user’s unique identifier on the open platform

You can simply understand it as:

unionid = hash(uid + 开放平台id)
Copy after login

Summary
WeChat has a unique openId for different users in different applications, but if you want to determine whether the users are the same user, you need to rely on unionid to distinguish. Generally, your own backend will have its own user table, and each user has a different userid. That is to say, the same user's applications of the same subject under the same WeChat open platform correspond to the same userid, unionid and different openid. So when a user logs in, we can only rely on the unionid returned to us by WeChat to determine whether it is the same user, and then associate it with our user table to get the corresponding userid.

2. How do WeChat mini programs obtain unionid?

Mini programs bound to a developer account can obtain UnionID through the following three methods.

  1. Call the interface wx.getUserInfo to obtain the UnionID from the decrypted data. Note that this interface requires user authorization. Developers should properly handle the situation after the user refuses authorization.

  2. If there is a public account with the same subject under the developer account, and the user has already followed the public account. Developers can obtain the user's UnionID directly through wx.login without the user's authorization again.

  3. If there is a public account or mobile application of the same subject under the developer account, and the user has been authorized to log in to the public account or mobile application. Developers can also obtain the user's UnionID directly through wx.login without requiring the user to authorize again.


When the user meets conditions 2 and 3, the developer can directly obtain the user's unionid through wx.login, otherwise it must When calling the interface wx.getUserInfo, an additional thing to note is to properly handle the situation where the user refuses authorization.

3. Login best practices

  1. Call wx.login to get the code.

  2. Use wx.getSetting to obtain the user's authorization status

  • If the user has been authorized, directly call API wx.getUserInfo to obtain the user's latest Information;

  • The user is not authorized. A button is displayed in the interface to prompt the user to log in. When the user clicks and authorizes, the user's latest information is obtained.

  • Pass the obtained user data to the backend together with the code returned by wx.login


  • Encapsulating ajax()

    In real business scenarios, we hope that when users enter the mini program, they can browse the products normally without logging in and have a basic understanding of the mini program. You know, do not directly pop up a box to ask users for authorization, otherwise it will interfere with users and lead to the loss of new users. When users need to use some advanced functions and scenarios, ask users for authorization at this time, so that the probability of user authorization will be greatly improved.
    Encapsulate the login logic with ajax
    Process:

    The meaning of encapsulation
    No longer pay attention to whether the current interface requires login. Whether the user has been authorized, all requests directly call ajax(), and complete all login and authorization processes when necessary. The entrance page of the mini program has been increased. When expanding your business, you only need to focus on business realization.

    Related recommendations:

    WeChat Mini Program Development: The Necessity of Enterprises to Develop Mini Programs

    WeChat Mini Program Development Page jump method

    The above is the detailed content of Explanation of the authorization login process of WeChat applet. For more information, please follow other related articles on the PHP Chinese website!

    Related labels:
    source:php.cn
    Statement of this Website
    The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
    Popular Tutorials
    More>
    Latest Downloads
    More>
    Web Effects
    Website Source Code
    Website Materials
    Front End Template