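/**
 * Mini-program login endpoint.
 *
 * Exchanges the client's login code for a session key at the jscode2session
 * endpoint, verifies the client-supplied signature over rawData, decrypts
 * encryptedData, then inserts or updates the user row keyed by openid.
 *
 * Reads code, iv, signature, rawData and encryptedData from $_POST.
 *
 * @return mixed result of json(): code 1 with the decrypted profile on
 *               success, code 0 on any failure
 */
public function login()
{
    // Every POST field is client-controlled. Require each one to be a
    // non-empty string before it reaches the URL, the hash comparison or the
    // decryptor (hash_equals() throws on non-string arguments).
    $post = $_POST;
    foreach (['code', 'iv', 'signature', 'rawData', 'encryptedData'] as $field) {
        if (!isset($post[$field]) || !is_string($post[$field]) || $post[$field] === '') {
            return json(['code' => 0, 'msg' => 'missing parameter: ' . $field, 'data' => '']);
        }
    }

    // NOTE(review): the credential values are redacted in this listing. If they
    // are literals in the real file, move them to configuration or the
    // environment so the app secret is not kept in source control.
    $appsecret = preg_replace("/\s/", "", ******);
    $appid = *******;

    $code = $post['code'];
    // Presumably restores '+' characters of the base64 iv that form decoding
    // turned into spaces.
    $iv = str_replace(" ", "+", $post['iv']);
    $signature = $post['signature'];
    $rawData = $post['rawData'];

    // Build the query with http_build_query() so the client-supplied code is
    // URL-encoded and cannot append or override query parameters.
    $url = 'https://api.weixin.qq.com/sns/jscode2session?' . http_build_query([
        'appid' => $appid,
        'secret' => $appsecret,
        'js_code' => $code,
        'grant_type' => 'authorization_code',
    ]);
    $res = json_decode($this->httpRequest($url), true);
    if (!isset($res['session_key'])) {
        // No session key: hand the upstream answer back to the caller as before.
        return json(['code' => 0, 'msg' => '', 'data' => $res]);
    }
    $sessionKey = $res['session_key'];

    // Verify the signature: sha1(rawData . session_key) must match what the
    // client sent. hash_equals() keeps the comparison constant-time.
    $expectedSignature = sha1($rawData . $sessionKey);
    if (!hash_equals($expectedSignature, $signature)) {
        return json(['code' => 0, 'msg' => '验签失败', 'data' => '']);
    }

    // Decrypt the profile into its own variable instead of overwriting the
    // request array through the out-parameter.
    $decrypted = '';
    $pc = new WXBizDataCrypt($appid, $sessionKey);
    $errCode = $pc->decryptData($post['encryptedData'], $iv, $decrypted);
    if ($errCode != 0) {
        return json(['code' => 0, 'msg' => $errCode, 'data' => '']);
    }

    $datas = json_decode($decrypted, true);
    if (!is_array($datas)) {
        return json(['code' => 0, 'msg' => 'invalid decrypted data', 'data' => '']);
    }

    // NOTE(review): checkAuth() returns the app-wide access_token, a backend
    // credential. Returning it in the login response exposes it to every
    // client. The field is kept only so the response shape is unchanged;
    // confirm whether any client needs it and remove it if not.
    $datas['token'] = $this->checkAuth($appid, $appsecret);
    $datas['openid'] = $res['openid'];

    // Profile columns are written as null when the decrypted payload lacks them.
    $profile = [
        'openid' => $res['openid'],
        'nickname' => $datas['nickName'] ?? null,
        'head_img' => $datas['avatarUrl'] ?? null,
        'gender' => $datas['gender'] ?? null,
    ];

    $users = new User();
    $wallet = new UserWallet();
    // NOTE(review): count-then-insert is not atomic, so two concurrent first
    // logins could both insert. A unique index on openid would guard this.
    $existing = $users->where('openid', $datas['openid'])->count();
    if ($existing == 0) {
        // First login: create the user and the initial wallet row.
        $users->insert($profile);
        $wallet->insert([
            'openid' => $res['openid'],
            'type' => 3,
            'num' => sysconfig('coures', 'give_course_count'),
        ]);
    } else {
        // Returning user: refresh the stored profile.
        $users->where('openid', $datas['openid'])->update($profile);
    }

    return json(['code' => 1, 'msg' => 'succeed', 'data' => $datas]);
}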
// WeChat API call credential (access_token)
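/**
 * Requests an access token from the cgi-bin/token endpoint using the
 * client_credential grant.
 *
 * NOTE(review): this helper is public. If the enclosing class is a routed
 * controller, confirm it cannot be reached as an action, or narrow its
 * visibility once callers outside the class are ruled out.
 *
 * @param string $appid
 * @param string $appsecret
 * @return string|false the access_token, or false when the request fails, the
 *                      body is not a JSON object, it carries an errcode, or it
 *                      has no access_token
 */
public function checkAuth($appid, $appsecret)
{
    // http_build_query() URL-encodes both values instead of concatenating them raw.
    $url = 'https://api.weixin.qq.com/cgi-bin/token?' . http_build_query([
        'grant_type' => 'client_credential',
        'appid' => $appid,
        'secret' => $appsecret,
    ]);

    $body = $this->httpRequest($url);
    if (!$body) {
        return false;
    }

    $json = json_decode($body, true);
    // Treat a response without access_token as a failure rather than reading
    // an undefined key.
    if (!is_array($json) || isset($json['errcode']) || !isset($json['access_token'])) {
        return false;
    }

    return $json['access_token'];
}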
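/**
 * Send an HTTP request with cURL and return the raw response body.
 *
 * @param string $url    request URL
 * @param string $data   request body, sent only when $method is 'POST' and $data is non-empty
 * @param string $method 'GET' (default) or 'POST'
 * @return bool|string response body, or false if curl_exec() fails
 */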
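function httpRequest($url, $data = '', $method = 'GET')
{
    // NOTE(review): no visibility keyword means this method is public. If the
    // enclosing class is a routed controller, confirm that a request cannot
    // invoke it with a caller-chosen $url (server-side request forgery), or
    // make it private/protected.
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);

    // Verify the peer certificate and host name. Callers in this class put the
    // app secret in the query string and receive session keys and access
    // tokens in the response, so an unverified connection would expose them to
    // anyone able to intercept the traffic.
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);

    // Forward the incoming User-Agent only when the request supplies one (it
    // is absent under CLI and for some clients).
    if (isset($_SERVER['HTTP_USER_AGENT'])) {
        curl_setopt($curl, CURLOPT_USERAGENT, (string) $_SERVER['HTTP_USER_AGENT']);
    }

    // Redirects are followed; the URL passed in may carry credentials.
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl, CURLOPT_AUTOREFERER, 1);

    if ($method == 'POST') {
        curl_setopt($curl, CURLOPT_POST, 1);
        if ($data != '') {
            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
        }
    }

    curl_setopt($curl, CURLOPT_TIMEOUT, 30);
    // Return the body only (no response headers) as a string instead of printing it.
    curl_setopt($curl, CURLOPT_HEADER, 0);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

    $result = curl_exec($curl);
    curl_close($curl);

    return $result;
}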
}