develop
/
ql-gw-laravel5
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

WechatAuth

master
林一峰 7 years ago
parent
9531f88389
commit
0ce3dd54cd
7 changed files with 278 additions and 73 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 101
      app/Common/WechatAuth.php
  2. 79
      app/Http/Controllers/Api/UserController.php
  3. 66
      app/Http/Controllers/Weixin/UserController.php
  4. 8
      app/Http/Model/User.php
  5. 4
      resources/org/wxJsSdk/jssdk.php
  6. 89
      resources/org/wxJsSdk/wx_sample.php
  7. 4
      routes/web.php

101
app/Common/WechatAuth.php
View File

@ -2,44 +2,77 @@
namespace App\Common;
/**
* OAuth2.0微信授权登录实现
*
* @author FLi
* @文件名:GetWxUserInfo.php
*/
* OAuth2.0微信授权登录实现
*
*/
class WechatAuth
{
//高级功能->开发者模式->获取
private $app_id = 'xxx';
private $app_secret = 'xxxxxxx';
private $app_id;
private $app_secret;
//$registration_id = getenv('registration_id');
public static function send($msg, $param='')
public function __construct($app_id, $app_secret)
{
$this->app_id = $app_id;
$this->app_secret = $app_secret;
}
/**
* 获取微信授权链接
*
* @param string $redirect_uri 回调地址,授权后重定向的回调链接地址,请使用urlEncode对链接进行处理
* @param mixed $state 可以为空,重定向后会带上state参数,开发者可以填写a-zA-Z0-9的参数值,最多128字节
*/
public function get_authorize_url($redirect_uri = '', $state = '')
{
return "https://open.weixin.qq.com/connect/oauth2/authorize?appid=".$this->app_id."&redirect_uri=".urlencode($redirect_uri)."&response_type=code&scope=snsapi_userinfo&state=".$state."#wechat_redirect";
}
/**
* 获取授权token
*
* @param string $code 通过get_authorize_url获取到的code
*/
public function get_access_token($code = '')
{
$token_url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid={$this->app_id}&secret={$this->app_secret}&code={$code}&grant_type=authorization_code";
$token_data = $this->http($token_url);
return json_decode($token_data, true);
}
/**
* 获取授权后的微信用户信息
*
* @param string $access_token
* @param string $open_id
*/
public function get_user_info($access_token = '', $open_id = '')
{
$info_url = "https://api.weixin.qq.com/sns/userinfo?access_token={$access_token}&openid={$open_id}&lang=zh_CN";
$info_data = $this->http($info_url);
return json_decode($info_data, true);
}
// cURL函数简单封装
function http($url, $data = null)
{
$client = new JPushMsg(self::APP_KEY, self::APP_SECRET, null);
$push_payload = $client->push();
$push_payload = $push_payload->setPlatform('all');
if(isset($param['mobile'])){$push_payload = $push_payload->addAlias(md5($param['mobile']));}
$push_payload = $push_payload->addAllAudience();
$push_payload = $push_payload->setNotificationAlert($msg);
try
{
$push_payload->send();
}
catch (JPushMsg\Exceptions\APIConnectionException $e)
{
Log::info($e);
return false;
}
catch (JPushMsg\Exceptions\APIRequestException $e)
{
Log::info($e);
return false;
}
return true;
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
if (!empty($data))
{
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($curl);
curl_close($curl);
return $output;
}
}

79
app/Http/Controllers/Api/UserController.php
View File

@ -127,12 +127,35 @@ class UserController extends CommonController
return ReturnData::create(ReturnData::SUCCESS);
}
//登录
public function wxLogin(Request $request)
{
$data['user_name'] = $request->input('user_name','');
$data['password'] = $request->input('password','');
$data['openid'] = $request->input('openid','');
if (($data['user_name']=='' && $data['password']=='') || $data['openid']=='')
{
return ReturnData::create(ReturnData::PARAMS_ERROR);
}
$res = User::wxLogin($data);
if ($res === false)
{
return ReturnData::create(ReturnData::PARAMS_ERROR,null,'账号或密码错误');
}
return ReturnData::create(ReturnData::SUCCESS,$res);
}
//注册
public function wxRegister(Request $request)
{
$data['mobile'] = $request->input('mobile','');
$data['user_name'] = $request->input('user_name','');
$data['password'] = $request->input('password','');
$data['parent_id'] = $request->input('parent_id','');
$parent_mobile = $request->input('parent_mobile','');
if (($data['mobile']=='' && $data['user_name']=='') || $data['password']=='')
@ -179,25 +202,59 @@ class UserController extends CommonController
return ReturnData::create(ReturnData::SUCCESS,$res);
}
//登录
public function wxLogin(Request $request)
{
$data['user_name'] = $request->input('user_name','');
$data['password'] = $request->input('password','');
//微信授权注册
public function wxOauthRegister(Request $request)
{
$data['openid'] = $data['user_name'] = $request->input('openid','');
$data['sex'] = $request->input('sex','');
$data['head_img'] = $request->input('head_img','');
$data['nickname'] = $request->input('nickname','');
$data['parent_id'] = $request->input('parent_id','');
$parent_mobile = $request->input('parent_mobile','');
$data['mobile'] = $request->input('mobile','');
if ($data['user_name']=='' || $data['password']=='')
if ($data['openid']=='')
{
return ReturnData::create(ReturnData::PARAMS_ERROR);
}
$res = User::wxLogin($data);
if ($parent_mobile!='')
{
if($user = User::getOneUser(array('mobile'=>$parent_mobile)))
{
$data['parent_id'] = $user->id;
}
else
{
return ReturnData::create(ReturnData::PARAMS_ERROR,null,'推荐人手机号错误');
}
}
if ($res === false)
if (isset($data['mobile']) && !Helper::isValidMobile($data['mobile']))
{
return ReturnData::create(ReturnData::PARAMS_ERROR,null,'账号或密码错误');
return ReturnData::create(ReturnData::MOBILE_FORMAT_FAIL);
}
return ReturnData::create(ReturnData::SUCCESS,$res);
//判断是否已经注册
if (User::getOneUser(array('mobile'=>$data['mobile'])))
{
return ReturnData::create(ReturnData::MOBILE_EXIST);
}
if (User::getOneUser(array('openid'=>$data['openid'])))
{
return ReturnData::create(ReturnData::SUCCESS,User::wxLogin(array('openid'=>$data['openid'])));
}
//添加用户
$res = User::wxRegister($data);
if($res === false)
{
return ReturnData::create(ReturnData::SYSTEM_FAIL);
}
return ReturnData::create(ReturnData::SUCCESS,User::wxLogin(array('openid'=>$data['openid'])));
}
//验证码登录

66
app/Http/Controllers/Weixin/UserController.php
View File

@ -4,6 +4,7 @@ namespace App\Http\Controllers\Weixin;
use App\Http\Controllers\Weixin\CommonController;
use Illuminate\Http\Request;
use App\Common\ReturnCode;
use App\Common\WechatAuth;
class UserController extends CommonController
{
@ -274,39 +275,58 @@ class UserController extends CommonController
//微信网页授权登录
public function oauth(Request $request)
{
if(isset($_SESSION['weixin_user_info']))
$wechat_auth = new WechatAuth(sysconfig('CMS_WX_APPID'),sysconfig('CMS_WX_APPSECRET'));
// 获取code码,用于和微信服务器申请token。 注:依据OAuth2.0要求,此处授权登录需要用户端操作
if(!isset($_GET['code']))
{
if(isset($_SERVER["HTTP_REFERER"])){header('Location: '.$_SERVER["HTTP_REFERER"]);exit;}
header('Location: '.route('weixin_user'));exit;
$http_type = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' : 'http://';
$callback_url = $http_type . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; //回调地址,当前页面
//-------生成唯一随机串防CSRF攻击
$state = md5(uniqid(rand(), true));
$_SESSION['weixin_oauth']['state'] = $state; //存到SESSION
$authorize_url = $wechat_auth->get_authorize_url($callback_url, $state);
header("Location: $authorize_url");exit;
}
if($_SERVER['REQUEST_METHOD'] == 'POST')
// 依据code码去获取openid和access_token,自己的后台服务器直接向微信服务器申请即可
if (isset($_GET['code']))
{
if($_POST['user_name'] == '')
{
$this->error_jump('账号不能为空');
}
$_SESSION['weixin_oauth']['code'] = $_GET['code'];
if($_POST['password'] == '')
if($_GET['state'] != $_SESSION['weixin_oauth']['state'])
{
$this->error_jump('密码不能为空');
exit("您访问的页面不存在或已被删除!");
}
$postdata = array(
'user_name' => $_POST['user_name'],
'password' => md5($_POST['password'])
);
$url = env('APP_API_URL')."/wx_login";
$res = curl_request($url,$postdata,'POST');
if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump('登录失败');}
$_SESSION['weixin_user_info'] = $res['data'];
header('Location: '.route('weixin_user'));exit;
//得到 access_token 与 openid
$_SESSION['weixin_oauth']['token'] = $wechat_auth->get_access_token($_GET['code']);
}
return view('weixin.user.login');
// 依据申请到的access_token和openid,申请Userinfo信息。
if (isset($_SESSION['weixin_oauth']['token']))
{
$_SESSION['weixin_oauth']['userinfo'] = $wechat_auth->get_user_info($_SESSION['weixin_oauth']['token']['access_token'], $_SESSION['weixin_oauth']['token']['openid']);
}
$postdata = array(
'openid' => $_SESSION['weixin_oauth']['token']['openid'],
'nickname' => $_SESSION['weixin_oauth']['userinfo']['nickname'],
'sex' => $_SESSION['weixin_oauth']['userinfo']['sex'],
'head_img' => $_SESSION['weixin_oauth']['userinfo']['headimgurl'],
'parent_id' => '',
'parent_mobile' => '',
'mobile' => ''
);
$url = env('APP_API_URL')."/wx_oauth_register";
$res = curl_request($url,$postdata,'POST');
dd($postdata);
if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump('系统错误');}
$_SESSION['weixin_user_info'] = $res['data'];
header('Location: '.route('weixin_user'));exit;
}
//登录

8
app/Http/Model/User.php
View File

@ -180,13 +180,17 @@ class User extends BaseModel
if(isset($mobile)){$data['mobile'] = $mobile;}
if(isset($password)){$data['password'] = $password;} //md5加密
if(isset($parent_id)){$data['parent_id'] = $parent_id;}
if(isset($openid)){$data['openid'] = $openid}
if(isset($sex)){$data['sex'] = $sex}
if(isset($head_img)){$data['head_img'] = $head_img}
if(isset($nickname)){$data['nickname'] = $nickname}
if (isset($data) && $id = self::add($data))
{
//生成token
return Token::getToken(Token::TYPE_WEIXIN, $id);
}
return false;
}
@ -195,7 +199,7 @@ class User extends BaseModel
{
extract($param); //参数
$user = self::where(array('mobile'=>$user_name,'password'=>$password))->orWhere(array('user_name'=>$user_name,'password'=>$password))->first();
$user = self::where(array('mobile'=>$user_name,'password'=>$password))->orWhere(array('user_name'=>$user_name,'password'=>$password))->orWhere(array('openid'=>$openid))->first();
if(!$user){return false;}

4
resources/org/wxJsSdk/jssdk.php
View File

@ -110,8 +110,8 @@ class JSSDK
curl_setopt($curl, CURLOPT_TIMEOUT, 500);
// 为保证第三方服务器与微信服务器之间数据传输的安全性,所有微信接口采用https方式调用,必须使用下面2行代码打开ssl安全校验。
// 如果在部署过程中代码在此处验证失败,请到 http://curl.haxx.se/ca/cacert.pem 下载新的证书判别文件。
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_URL, $url);
$res = curl_exec($curl);

89
resources/org/wxJsSdk/wx_sample.php
View File

@ -0,0 +1,89 @@
<?php
/**
* wechat php test
*/
//define your token
define("TOKEN", "weixin");
$wechatObj = new wechatCallbackapiTest();//将11行的class类实例化
$wechatObj->valid();//使用-》访问类中valid方法,用来验证开发模式
//11--23行代码为签名及接口验证。
class wechatCallbackapiTest
{
public function valid()//验证接口的方法
{
$echoStr = $_GET["echostr"];//从微信用户端获取一个随机字符赋予变量echostr
//valid signature , option访问地61行的checkSignature签名验证方法,如果签名一致,输出变量echostr,完整验证配置接口的操作
if($this->checkSignature()){
echo $echoStr;
exit;
}
}
//公有的responseMsg的方法,是我们回复微信的关键。以后的章节修改代码就是修改这个。
public function responseMsg()
{
//get post data, May be due to the different environments
$postStr = $GLOBALS["HTTP_RAW_POST_DATA"];//将用户端放松的数据保存到变量postStr中,由于微信端发送的都是xml,使用postStr无法解析,故使用$GLOBALS["HTTP_RAW_POST_DATA"]获取
//extract post data如果用户端数据不为空,执行30-55否则56-58
if (!empty($postStr)){
$postObj = simplexml_load_string($postStr, 'SimpleXMLElement', LIBXML_NOCDATA);//将postStr变量进行解析并赋予变量postObj。simplexml_load_string()函数是php中一个解析XML的函数,SimpleXMLElement为新对象的类,LIBXML_NOCDATA表示将CDATA设置为文本节点,CDATA标签中的文本XML不进行解析
$fromUsername = $postObj->FromUserName;//将微信用户端的用户名赋予变量FromUserName
$toUsername = $postObj->ToUserName;//将你的微信公众账号ID赋予变量ToUserName
$keyword = trim($postObj->Content);//将用户微信发来的文本内容去掉空格后赋予变量keyword
$time = time();//将系统时间赋予变量time
//构建XML格式的文本赋予变量textTpl,注意XML格式为微信内容固定格式,详见文档
$textTpl = "<xml>
<ToUserName><![CDATA[%s]]></ToUserName>
<FromUserName><![CDATA[%s]]></FromUserName>
<CreateTime>%s</CreateTime>
<MsgType><![CDATA[%s]]></MsgType>
<Content><![CDATA[%s]]></Content>
<FuncFlag>0</FuncFlag>
</xml>";
//39行,%s表示要转换成字符的数据类型,CDATA表示不转义
//40行为微信来源方
//41行为系统时间
//42行为回复微信的信息类型
//43行为回复微信的内容
//44行为是否星标微信
//XML格式文本结束符号
if(!empty( $keyword ))//如果用户端微信发来的文本内容不为空,执行46--51否则52--53
{
$msgType = "text";//回复文本信息类型为text型,变量类型为msgType
$contentStr = "Welcome to wechat world!";//我们进行文本输入的内容,变量名为contentStr,如果你要更改回复信息,就在这儿
$resultStr = sprintf($textTpl, $fromUsername, $toUsername, $time, $msgType, $contentStr);//将XML格式中的变量分别赋值。注意sprintf函数
echo $resultStr;//输出回复信息,即发送微信
}else{
echo "Input something...";//不发送到微信端,只是测试使用
}
}else {
echo "";//回复为空,无意义,调试用
exit;
}
}
//签名验证程序 ,checkSignature被18行调用。官方加密、校验流程:将token,timestamp,nonce这三个参数进行字典序排序,然后将这三个参数字符串拼接成一个字符串惊喜shal加密,开发者获得加密后的字符串可以与signature对比,表示该请求来源于微信。
private function checkSignature()
{
$signature = $_GET["signature"];//从用户端获取签名赋予变量signature
$timestamp = $_GET["timestamp"];//从用户端获取时间戳赋予变量timestamp
$nonce = $_GET["nonce"]; //从用户端获取随机数赋予变量nonce
$token = TOKEN;//将常量token赋予变量token
$tmpArr = array($token, $timestamp, $nonce);//简历数组变量tmpArr
sort($tmpArr, SORT_STRING);//新建排序
$tmpStr = implode( $tmpArr );//字典排序
$tmpStr = sha1( $tmpStr );//shal加密
//tmpStr与signature值相同,返回真,否则返回假
if( $tmpStr == $signature ){
return true;
}else{
return false;
}
}
}
?>

4
routes/web.php
View File

@ -52,7 +52,7 @@ Route::group(['namespace' => 'Home'], function () {
});
//微信路由
//微信路由,无需登录
Route::group(['prefix' => 'weixin', 'namespace' => 'Weixin'], function () {
Route::get('/', 'IndexController@index')->name('weixin');
Route::get('/page404', 'IndexController@page404')->name('weixin_page404'); //404页面
@ -64,6 +64,7 @@ Route::group(['prefix' => 'weixin', 'namespace' => 'Weixin'], function () {
Route::get('/goods/{id}', 'GoodsController@goodsDetail')->name('weixin_goods_detail'); //商品详情页
Route::get('/goodslist', 'GoodsController@goodsList')->name('weixin_goods_list'); //产品分类页
Route::any('/wxoauth', 'UserController@oauth')->name('weixin_wxoauth'); //微信网页授权
Route::any('/login', 'UserController@login')->name('weixin_login');
Route::any('/register', 'UserController@register')->name('weixin_register');
Route::get('/logout', 'UserController@logout')->name('weixin_user_logout'); //退出
@ -130,6 +131,7 @@ Route::group(['prefix' => 'dataapi', 'namespace' => 'Api', 'middleware' => ['web
//用户
Route::post('/wx_register', 'UserController@wxRegister'); //注册
Route::post('/wx_login', 'UserController@wxLogin'); //登录
Route::post('/wx_oauth_register', 'UserController@wxOauthRegister'); //微信授权注册登录
});
//API接口路由,需token验证

Write Preview
Loading…
Cancel
Save