const db = require("../db/index");
const ip = require('ip');
const AlipaySdk = require('alipay-sdk').default; //支付宝的集成
const crypto = require('crypto'); //解密
我使用的是一键登录,但是支付宝里要分开,但是最终还是发一个登录请求
exports.zfb = async (req, res) => {
try {
const { code, data } = req.body;
// console.log(code,data,'00');
const alipaySdk = new AlipaySdk({
appId: '小程序id',
keyType: 'PKCS1', // 默认值。请与生成的密钥格式保持一致,参考平台配置一节
privateKey: '密钥',
alipayPublicKey: '支付宝公钥',
gateway: 'https://openapi.alipay.com/gateway.do',网关
signType:"RSA2",
postCharset:"UTF-8",
format:"json"
});
const createtime = Math.floor(new Date().getTime() / 1000);
const result = await alipaySdk.exec('alipay.system.oauth.token', {
grantType: 'authorization_code',
code: code
});
//获取到accessToken
// console.log(result,'555');
const { accessToken } = result;
const result2 = await alipaySdk.exec('alipay.user.info.share',{
authToken: accessToken
});//获取用户信息
const { avatar, nickName } = result2;
const obj = JSON.parse(data);
const phone = getUserPhone(obj); //解密获取手机号
// Check if the user exists
const sql = '查询已有表';
const params = obj.response;
const loginip = ip.address();
db.query(sql, params, (err, result) => {
if (err) {
return res.status(400).json(err);
}
if (have) {
//老用户登录
});
} else {
//新用户
} else {
return res.status(500).json({ error: '登录失败',code:0 });
}
});
});
}
});
} catch (error) {
console.log(error);
return res.status(500).json({ error: '登录失败' });
}
};
前端代码
<view class="txt">
<text>请先授权登录</text>
<view >
<checkbox value="cb" :checked="isCheck" @change="isChecked"/>
<text style="color: red;" @click="jump">用户协议及隐私协议</text>
</view>
<text>获取您的信息 请授权小程序</text>
</view>
<button
v-if="!isShow"
type="default"
class="auth-btn"
@click.stop="handleLogin"
>
支付宝授权登陆
</button>
<button
v-if="isShow"
type="default"
class="auth-btn"
open-type="getAuthorize"
scope="phoneNumber"
@getAuthorize="getPhoneNumber"
@error="handleAuthError"
>
支付宝授权手机号
</button>
</view>
//本来想弄成微信一样一键就好,可是支付宝不让好像,就只能分开,给状态让变了
handleLogin() {
if(this.isCheck){
my.getAuthCode({
scopes: 'auth_user',
success:res=>{
this.code = res.authCode //获取code
this.isShow = true
},
fail: err => {
this.$refs.popup.close()
getApp().globalData.getLogin = false
}
})
}else{
uni.showToast({
title: '请先确认勾选用户协议',
icon: 'none'
})
}
},
getPhoneNumber(e){
//获取手机号
my.getPhoneNumber({
success: res => {
let encryptedData = res.response
this.login(encryptedData)
}
})
console.log(e)
},
handleAuthError(e) {
getApp().globalData.getLogin = false
this.$refs.popup.close()
},
decryptPhoneNumber(e) {
const { detail: { encryptedData, iv } } = e
this.login(encryptedData, iv)
},
async login(data) {
try {
const res = await this.$api.login({
code: this.code,
data
})
if (res.code === 1) {
console.log(res)
uni.showToast({
title: '登录成功',
icon: 'none'
})
} else {
uni.showToast({
title: '登录失败',
icon: 'none'
})
}
getApp().globalData.getLogin = false
this.$refs.popup.close()
} catch (e) {
console.log(e)
uni.showToast({
title: '登录失败',
icon: 'none'
})
}
}
}
我是用HBuilder X开发的,虽说可是多端,但是很麻烦,但是最好用人家原生开发,有问题还能问官方,别的编辑器官方不解释,,,,手机号解密在支付宝文档里有,我只是单独出来了
function getUserPhone(encryptedData) {
const screct_key="密钥";在开发设置里,第一次的时候单独保存在记事本里,这玩意看一次废一次
const flag = decrypt(encryptedData,screct_key);
return flag;
}
function decrypt(encryptedData, key) {
let crypted = encryptedData.response // 密文
crypted = Buffer.from(crypted, 'base64').toString('binary');
key = Buffer.from(key, 'base64');
const iv = Buffer.alloc(16, 0)
const decipher = crypto.createDecipheriv('aes-128-cbc', key, iv);
let decoded = decipher.update(crypted, 'binary', 'utf8');
decoded += decipher.final('utf8');
decoded = JSON.parse(decoded)
return decoded.mobile;
}