上一篇文章,给大家分享了关于微信授权登陆功能,今天给大家分享一个微信快捷登陆的实际用例。
phpcms接入微信快捷登陆
第一步,在login方法中,判定是否使用微信浏览器访问,如果是,发起授权申请
if ( strpos($_SERVER['HTTP_USER_AGENT'], 'MicroMessenger') !== false ) {
$jump_url = urlencode("http://www.phpcms.com/wechat.php");
$url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=XXXXXXXXXXXXX&redirect_uri={$jump_url}&response_type=code&scope=snsapi_userinfo&state=login#wechat_redirect";
header('location:'.$url);
}
第二步,新建一个回调文件,该文件的作用是,唤醒微信授权,当用户允许授权后,微信会请求到该地址,同时,微信会返回给我们重要的参数:code=CODE&state=STATE。
回调文件的程序:
if(!empty( $_GET['code']) && !empty( $_GET['state'])){
$code = $_GET['code'];
$state = $_GET['state'];
$username = $_GET['username'];
$url = "http://www.phpcms.com/index.php?m=member&c=index&a=wechat&code=$code&state=$state&username=$username";
header('location:'.$url);//用户同意授权后,跳转到这个地址,这个地址中,会通过code获取access_token
exit;
}
$appid = 'XXXXXXXXXXXXXXXXX';
$jump_url = urlencode("http://www.phpcms.com/wechat.php");
$url = "https://open.weixin.qq.com/connect/qrconnect?appid=$appid&redirect_uri={$jump_url}&response_type=code&scope=snsapi_userinfo&state=login#wechat_redirect";
header('location:'.$url); ?>
第二步:通过code,请求以下链接获取access_token: https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code,获取access_token,通过 access_token 获取用户信息
public function wechat() {//该方法参照了 login 方法
$this->_session_start();
//获取用户siteid
$siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
//定义站点id常量
if (!defined('SITEID')) {
define('SITEID', $siteid);
}
//加载用户模块配置
//加载用户模块配置
$member_setting = getcache('member_setting');
if(!$member_setting['allowregister']) {
showmessage(L('deny_register'), '/login.html');
}
/*----------------------微信获取用户信息------------------------*/
//换成自己的接口信息
$code = $_GET['code'];
$state = $_GET['state'];
$username = $_GET['username'];
$appid = 'XXXXXXXXXXXXXXXXX';
$appsecret = 'XXXXXXXXXXXXXXXX';
if (empty($code)) $this->error('授权失败');
$token_url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid='.$appid.'&secret='.$appsecret.'&code='.$code.'&grant_type=authorization_code';
$token = json_decode(file_get_contents($token_url));
if (isset($token->errcode)) {
showmessage(L('
错误信息:
'.$token->errmsg), HTTP_REFERER);exit;
}
$access_token_url = 'https://api.weixin.qq.com/sns/oauth2/refresh_token?appid='.$appid.'&grant_type=refresh_token&refresh_token='.$token->refresh_token;
//转成对象
$access_token = json_decode(file_get_contents($access_token_url));//获取access_token
if (isset($access_token->errcode)) {
showmessage(L('
错误信息:
'.$access_token->errmsg), HTTP_REFERER);exit;
}
$user_info_url = 'https://api.weixin.qq.com/sns/userinfo?access_token='.$access_token->access_token.'&openid='.$access_token->openid.'&lang=zh_CN';//获取微信信息
//转成对象
$user_info = json_decode(file_get_contents($user_info_url));//通过上面的链接,我们成功获得用户的微信账号信息
if (isset($user_info->errcode)) {
showmessage(L( '
错误信息:
'.$user_info->errmsg), HTTP_REFERER);exit;
}
$openid = $user_info->openid;
if($state=='bangding'){
$memberinfo = $this->db->get_one(array('username'=>$username));//echo $username;print_r($memberinfo);die;
if(empty($memberinfo)){
showmessage('用户名不存在', HTTP_REFERER);//'index.php?m=member&c=index&a=login'
//header("location:/index.php?m=member&c=index&from=mobile");
}//print_r($updatearr);die;
$updatearr['openid'] = $openid;
$this->db->update($updatearr, array('userid'=>$memberinfo['userid']));
header("location:index.php?m=member&c=index&a=login");
}
$memberinfo = $this->db->get_one(array('openid'=>$openid));
if(empty($memberinfo)){//没有绑定,跳转到绑定页面
header("Location:index.php?m=member&c=index&a=bangding");
}
$memberinfo['uid'] = $memberinfo['phpssouid'];
if(pc_base::load_config('system', 'phpsso')) {
$this->_init_phpsso();
if(isset($memberinfo['uid'])) {
//查询帐号
$r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));
if(!$r) {
//插入会员详细信息,会员不存在 插入会员
$info = array(
'phpssouid'=>$memberinfo['uid'],
'username'=>$memberinfo['username'],
'password'=>$memberinfo['password'],
'encrypt'=>$memberinfo['random'],
'email'=>$memberinfo['email'],
'regip'=>$memberinfo['regip'],
'regdate'=>$memberinfo['regdate'],
'lastip'=>$memberinfo['lastip'],
'lastdate'=>$memberinfo['lastdate'],
'groupid'=>$this->_get_usergroup_bypoint(),//会员默认组
'modelid'=>10,//普通会员
);
//如果是connect用户
if(!empty($_SESSION['connectid'])) {
$userinfo['connectid'] = $_SESSION['connectid'];
}
if(!empty($_SESSION['from'])) {
$userinfo['from'] = $_SESSION['from'];
}
unset($_SESSION['connectid'], $_SESSION['from']);
$this->db->insert($info);
unset($info);
$r = $this->db->get_one(array('phpssouid'=>$memberinfo['uid']));
}
$password = $r['password'];
$synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
} else {
if($status == -1) {//用户不存在
showmessage(L('user_not_exist'), HTTP_REFERER);//'index.php?m=member&c=index&a=login'
} elseif($status == -2) { //密码错误
showmessage(L('password_error'), HTTP_REFERER);//'index.php?m=member&c=index&a=login'
} else {
showmessage(L('login_failure'), HTTP_REFERER);//'index.php?m=member&c=index&a=login'
}
}
}
$userid = $r['userid'];
$groupid = $r['groupid'];
$username = $r['username'];
$nickname = empty($r['nickname']) ? $username : $r['nickname'];
$updatearr = array('lastip'=>ip(), 'lastdate'=>SYS_TIME);
//vip过期,更新vip和会员组
if($r['overduedate'] < SYS_TIME) {
$updatearr['vip'] = 0;
}
//检查用户积分,更新新用户组,除去邮箱认证、禁止访问、游客组用户、vip用户,如果该用户组不允许自助升级则不进行该操作
if($r['point'] >= 0 && !in_array($r['groupid'], array('1', '7', '8')) && empty($r[vip])) {
$grouplist = getcache('grouplist');
if(!empty($grouplist[$r['groupid']]['allowupgrade'])) {
$check_groupid = $this->_get_usergroup_bypoint($r['point']);
if($check_groupid != $r['groupid']) {
$updatearr['groupid'] = $groupid = $check_groupid;
}
}
}
//如果是connect用户
if(!empty($_SESSION['connectid'])) {
$updatearr['connectid'] = $_SESSION['connectid'];
}
if(!empty($_SESSION['from'])) {
$updatearr['from'] = $_SESSION['from'];
}
unset($_SESSION['connectid'], $_SESSION['from']);
$this->db->update($updatearr, array('userid'=>$userid));
if(!isset($cookietime)) {
$get_cookietime = param::get_cookie('cookietime');
}
$_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
$cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;
$phpcms_auth = sys_auth($userid."t".$password, 'ENCODE', get_auth_key('login'));
param::set_cookie('auth', $phpcms_auth, $cookietime);
param::set_cookie('_userid', $userid, $cookietime);
param::set_cookie('_username', $username, $cookietime);
param::set_cookie('_groupid', $groupid, $cookietime);
param::set_cookie('_nickname', $nickname, $cookietime);
param::set_cookie('cookietime', $_cookietime, $cookietime);
header("location:/index.php?m=member&c=index&from=mobile");
}
function bangding(){
if(isset($_POST['dosubmit'])) {
$username = $_POST['username'];
$jump_url = urlencode("http://steam.phpzheng.com/wechat.php?username={$username}");//注意这个username参数
//再次授权
$url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx4b199c68b1f2dac1&redirect_uri={$jump_url}&response_type=code&scope=snsapi_userinfo&state=bangding#wechat_redirect";
//echo $url;die;
header('location:'.$url);
}
$this->display();
}
注意:修改 /phpcms/modules/member/classes/foreground.class.php 第20行附近
if(ROUTE_M =='member' && ROUTE_C =='index' && in_array(ROUTE_A, array('wechat','banding','login', 'register', 'mini','send_newmail')))
另外,对于新用户首次登陆,我们需要引导用户进行绑定,用户授权后,我们根据用户的 openid,查询该 openid 是否存在于数据库中:
如果存在,我们则取出用户在我们数据库中用户表的信息;
如果不存在,我们则跳转到绑定页面,用户输入用户名进行绑定,绑定提交后,如果用户名存在,则再次自动跳转到登陆页面(登陆页面会再次查询当前 openid 是否存在数据库中,因为刚才完成了绑定,所以现在可以取出绑定的用户名的用户信息)。