微信小程序登录状态java后台解密
一、登录流程图
二、微信小程序端
doLogin:function(callback = () =>{}){
let that = this;
wx.login({
success:function(loginRes){
if(loginRes){
//获取用户信息
wx.getUserInfo({
withCredentials:true,//非必填 默认为true
success:function(infoRes){
console.log(infoRes,'>>>');
//请求服务端的登录接口
wx.request({
url: api.loginUrl,
data:{
code:loginRes.code,//临时登录凭证
rawData:infoRes.rawData,//用户非敏感信息
signature:infoRes.signature,//签名
encrypteData:infoRes.encryptedData,//用户敏感信息
iv:infoRes.iv//解密算法的向量
},
success:function(res){
console.log('login success');
res = res.data;
if(res.result==0){
that.globalData.userInfo = res.userInfo;
wx.setStorageSync('userInfo',JSON.stringify(res.userInfo));
wx.setStorageSync('loginFlag',res.skey);
console.log("skey="+res.skey);
callback();
}else{
that.showInfo('res.errmsg');
}
},
fail:function(error){
//调用服务端登录接口失败
// that.showInfo('调用接口失败');
console.log(error);
}
});
}
});
}else{- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
}
- 1
- 2
}
});
}
微信小程序端发起登录请求,携带的参数主要有:
code:loginRes.code,//临时登录凭证
rawData:infoRes.rawData,//用户非敏感信息
signature:infoRes.signature,//签名
encrypteData:infoRes.encryptedData,//用户敏感信息
iv:infoRes.iv//解密算法的向量
- 1
- 2
- 3
- 4
- 5
- 6
需要的数据主要有:
result、userInfo和skey
- 1
- 2
result用来判断是否登录成功,userInfo是用户的一些信息,保存在缓存中,不用每次都从后台获取,skey是用户登录态标识,也放在缓存中,如果skey存在就直接登录,维护用户的登录状态,具有时效性
三、Java后台
@ResponseBody
@RequestMapping("/login")
public Map doLogin(Model model,
@RequestParam(value = "code",required = false) String code,
@RequestParam(value = "rawData",required = false) String rawData,
@RequestParam(value = "signature",required = false) String signature,
@RequestParam(value = "encrypteData",required = false) String encrypteData,
@RequestParam(value = "iv",required = false) String iv){
log.info( "Start get SessionKey" );
Map<String,Object> map = new HashMap<String, Object>( );
System.out.println("用户非敏感信息"+rawData);
JSONObject rawDataJson = JSON.parseObject( rawData );
System.out.println("签名"+signature);
JSONObject SessionKeyOpenId = getSessionKeyOrOpenId( code );
System.out.println("post请求获取的SessionAndopenId="+SessionKeyOpenId);
String openid = SessionKeyOpenId.getString("openid" );
String sessionKey = SessionKeyOpenId.getString( "session_key" );
System.out.println("openid="+openid+",session_key="+sessionKey);
User user = userService.findByOpenid( openid );
//uuid生成唯一key
String skey = UUID.randomUUID().toString();
if(user==null){
//入库
String nickName = rawDataJson.getString( "nickName" );
String avatarUrl = rawDataJson.getString( "avatarUrl" );
String gender = rawDataJson.getString( "gender" );
String city = rawDataJson.getString( "city" );
String country = rawDataJson.getString( "country" );
String province = rawDataJson.getString( "province" );
user = new User();
user.setUid( openid );
user.setCreateTime( new Date( ) );
user.setSessionkey( sessionKey );
user.setUbalance( 0 );
user.setSkey( skey );
user.setUaddress( country+" "+province+" "+city );
user.setUavatar( avatarUrl );
user.setUgender( Integer.parseInt( gender ) );
user.setUname( nickName );
user.setUpdateTime( new Date( ) );
userService.insert( user );
}else {
//已存在
log.info( "用户openid已存在,不需要插入" );
}
//根据openid查询skey是否存在
String skey_redis = (String) redisTemplate.opsForValue().get( openid );
if(StringUtils.isNotBlank( skey_redis )){
//存在 删除 skey 重新生成skey 将skey返回
redisTemplate.delete( skey_redis );
}
// 缓存一份新的
JSONObject sessionObj = new JSONObject( );
sessionObj.put( "openId",openid );
sessionObj.put( "sessionKey",sessionKey );
redisTemplate.opsForValue().set( skey,sessionObj.toJSONString() );
redisTemplate.opsForValue().set( openid,skey );
//把新的sessionKey和oppenid返回给小程序
map.put( "skey",skey );
map.put( "result","0" );
JSONObject userInfo = getUserInfo( encrypteData, sessionKey, iv );
System.out.println("根据解密算法获取的userInfo="+userInfo);
userInfo.put( "balance",user.getUbalance() );
map.put( "userInfo",userInfo );
return map;
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
获取openid和sessionKey方法
public static JSONObject getSessionKeyOrOpenId(String code){
//微信端登录code
String wxCode = code;
String requestUrl = "https://api.weixin.qq.com/sns/jscode2session";
Map requestUrlParam = new HashMap( );
requestUrlParam.put( "appid","你的小程序appId" );//小程序appId
requestUrlParam.put( "secret","你的小程序appSecret" );
requestUrlParam.put( "js_code",wxCode );//小程序端返回的code
requestUrlParam.put( "grant_type","authorization_code" );//默认参数
//发送post请求读取调用微信接口获取openid用户唯一标识
JSONObject jsonObject = JSON.parseObject( UrlUtil.sendPost( requestUrl,requestUrlParam ));
return jsonObject;
- 1
- 2
- 3
- 4
}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
解密用户敏感数据获取用户信息
public static JSONObject getUserInfo(String encryptedData,String sessionKey,String iv){
// 被加密的数据
byte[] dataByte = Base64.decode(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decode(sessionKey);
// 偏移量
byte[] ivByte = Base64.decode(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding","BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init( Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, "UTF-8");
return JSON.parseObject(result);
}
} catch (NoSuchAlgorithmException e) {
log.error(e.getMessage(), e);
} catch (NoSuchPaddingException e) {
log.error(e.getMessage(), e);
} catch (InvalidParameterSpecException e) {
log.error(e.getMessage(), e);
} catch (IllegalBlockSizeException e) {
log.error(e.getMessage(), e);
} catch (BadPaddingException e) {
log.error(e.getMessage(), e);
} catch (UnsupportedEncodingException e) {
log.error(e.getMessage(), e);
} catch (InvalidKeyException e) {
log.error(e.getMessage(), e);
} catch (InvalidAlgorithmParameterException e) {
log.error(e.getMessage(), e);
} catch (NoSuchProviderException e) {
log.error(e.getMessage(), e);
}
return null;
}- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
四、流程
1.小程序端发起请求并携带主要参数
2.java后台接到/login请求后,根据code去调用微信接口获取用户唯一标识openid和sessionKey
3.根据openid查询mysql数据库,判断该用户是否存在,如果不存在将用户非敏感信息和其他初始化数据存入到数据库中,如果已存在,不操作
4.根据openid查询redis数据库,判断openid对应的skey是否存在,如果存在则删除原来老的skey以及对应的openid和sessionKey
5.通过uuid生成唯一的skey,用openid做键,skey做值,存入到redis中
6.然后把skey做键,openid和sessionKey的json串做值也重新存入到redis中
7.根据解密算法,参数有encryptedData、sessionKey和iv,获取用户信息userInfo,如果userInfo字段不满足需要,可通过userInfo.put( “balance”,user.getUbalance() );添加所需要的字段和值
8.将微信小程序需要的数据封装到map中,返回给小程序端
map.put( “skey”,skey );
map.put( “result”,”0” );
map.put( “userInfo”,userInfo );
- 1
- 2
- 3