思路流程:
1.具体实现步骤:
- 在前端页面点击第三方的图标,进行页面的跳转
- 跳转页面有钉钉或者是QQ登录的二维码,进行登录或注册
- 返回给后端服务器用户的信息生成token,然后传参给前端浏览器
- 浏览器保存token信息,下次扫码时验证token直接登录第三方应用
2.先是获取钉钉开放平台应用的appid,appSecret,还有时间戳
# 构建三个参数的值,构建跳转连接地址
appid = current_app.config.get('DINGDING_APP_ID')
appSecret = current_app.config.get('DINGDING_APP_SECRET')
timestamp = str(int(time.time() * 1000))
# .digest()获取hash对象的值
signature = base64.b64encode(
hmac.new(appSecret.encode('utf-8'), timestamp.encode('utf-8'), digestmod="sha256").digest())
base_url = "https://oapi.dingtalk.com/sns/getuserinfo_bycode?signature="
# 拼接url
url = base_url + urllib.parse.quote(
signature.decode('utf-8')) + "×tamp=" + timestamp + "&accessKey=" + appid
3.获取用户信息
data = json.dumps({'tmp_auth_code': code})
try:
resp = requests.post(url, data, headers={'Content-Type': 'application/json'})
print("resp>>>", resp.json())
user_info = resp.json()
except Exception as e:
# 根据code 获取用户信息失败
return {'code': 500, "message": 'post 获取钉钉用户信息失败'}
if user_info['errcode'] != 0:
# 获取当前登录的而用户信息失败
return {'code': 500, "message": 'code获取钉钉用户信息失败'}
user_dict = user_info['user_info']
return user_dict
返回格式:
{
"errcode":0,
"user_info":{
"nick":"名字",
"unionid":"dingdkjjojoixxxx",
"openid":"dingsdsqwlklklxxxx",
"main_org_auth_high_level":true
},
"errmsg":"ok"
}
4.判断是否绑定本地用户
data = json.dumps({'tmp_auth_code': code})
try:
resp = requests.post(url, data, headers={'Content-Type': 'application/json'})
print("resp>>>", resp.json())
user_info = resp.json()
except Exception as e:
# 根据code 获取用户信息失败
return {'code': 500, "message": 'post 获取钉钉用户信息失败'}
if user_info['errcode'] != 0:
# 获取当前登录的而用户信息失败
return {'code': 500, "message": 'code获取钉钉用户信息失败'}
user_dict = user_info['user_info']
return user_dict