首先,需要说明的是,网页授权要求公众号是服务号,且完成认证才行。
微信开发文档网页授权有四步:
第一步:用户同意授权,获取code
2、 第二步:通过code换取网页授权access_token、openid
3、 第三步:刷新access_token(如果需要)
4、 第四步:拉取用户信息(需scope为 snsapi_userinfo)
snsapi_base: 到第二步就结束了,获取到openid,其他操作在这个基础上(比如记录该用户访问时间次数信息)
snsapi_userinfo: 获取openid和用户资料(昵称、头像、国、省、城市、性别、权限)
这里主要说的是snsapi_userinfo模式
在微信后台配置
登录微信公众平台后,点击左侧菜单:设置→公众号设置
点击第二个功能设置
点击设置业务域名、JS接口安全域名、网页授权域名
配置域名,直接填写你所绑定配置的域名即可
二、授权代码
1、用户授权获取code
$redirect_uri = urlencode ( 'http://你的域名/getUserInfo.php' );
url ="https://open.weixin.qq.com/connect/oauth2/authorize?appid=url="https://open.weixin.qq.com/connect/oauth2/authorize?appid=appid&redirect_uri=$redirect_uri&response_type=code&scope=snsapi_base&state=1#wechat_redirect";
this->redirect(this−>redirect(url,302);
2、接收code 获取用户信息
//获取用户信息
public function getUserInfo(){
code =code=_GET['code'];
if (empty(code))code))this->error('授权失败');
//获取openid和access_token1
url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=url="https://api.weixin.qq.com/sns/oauth2/access t
oken?appid=this->appId&secret=$this->appSecret&code=$code&grant_type=authorization_code";
$curl = new Curl();
$curl->setOpt(CURLOPT_SSL_VERIFYPEER, false);
$curl->setOpt(CURLOPT_SSL_VERIFYHOST, false);
curl->get(curl−>get(url);
djson =djson=curl->response;
rjson = json_decode(rjson=json d
ecode(djson,true);
openId =openId=rjson['openid'];//得到openid
access_token1 =access t
oken1=rjson['access_token'];
//获取基本的用户信息
userUrl = "https://api.weixin.qq.com/sns/userinfo?access_token=userUrl="https://api.weixin.qq.com/sns/userinfo?access t
oken=access_token1&openid=$openId&lang=zh_CN";
$curl = new Curl();
$curl->setOpt(CURLOPT_SSL_VERIFYPEER, false);
$curl->setOpt(CURLOPT_SSL_VERIFYHOST, false);
curl->get(curl−>get(userUrl);
ujson =ujson=curl->response;
result = json_decode(result=json d
ecode(ujson,true);
//获取公共的access_token
access_token =access t
oken=this->getSessionAccessToken();
//获取用户是否关注了公众号(详细的用户信息)
userInfoUrl = "https://api.weixin.qq.com/cgi-bin/user/info?access_token=userInfoUrl="https://api.weixin.qq.com/cgi−bin/user/info?access t
oken=access_token&openid=$openId&lang=zh_CN";
$curl2 = new Curl();
$curl2->setOpt(CURLOPT_SSL_VERIFYPEER, false);
$curl2->setOpt(CURLOPT_SSL_VERIFYHOST, false);
curl2->get(curl2−>get(userInfoUrl);
uujson =uujson=curl2->response;
uujson = json_decode(uujson=json d
ecode(uujson,true);
result['subscribe'] =result[ ′
subscribe
′
]=uujson['subscribe'];
//判断用户是否关注
if ($result['subscribe'] == 1){
session('ys_monopoly_user',$result);
$this->redirect('login');
}else{
$this->redirect('getQrcode');
}
}
通用access_token的获取和缓存
//获取access_token
public function getSessionAccessToken(){
if (session('wx_access_token') && session('expire_time')>time()){
return session('wx_access_token');
}else{
//获取通用的access_token 不是网页授权的access_token
$access_token_url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=$this->appId&secret=$this->appSecret";
$curl1 = new Curl();
$curl1->setOpt(CURLOPT_SSL_VERIFYPEER, false);
$curl1->setOpt(CURLOPT_SSL_VERIFYHOST, false);
curl1->get(curl1−>get(access_token_url);
ajson =ajson=curl1->response;
ajson = json_decode(ajson=json d
ecode(ajson,true);
// dump($ajson);die;
access_token =access t
oken=ajson['access_token'];
session('wx_access_token',$access_token);
session('expire_time',time()+6000);
return $access_token;
}
}
//获取access_token
public function getSessionAccessToken(){
if (session('wx_access_token') && session('expire_time')>time()){
return session('wx_access_token');
}else{
//获取通用的access_token 不是网页授权的access_token
$access_token_url = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=$this->appId&secret=$this->appSecret";
$curl1 = new Curl();
$curl1->setOpt(CURLOPT_SSL_VERIFYPEER, false);
$curl1->setOpt(CURLOPT_SSL_VERIFYHOST, false);
curl1->get(curl1−>get(access_token_url);
ajson =ajson=curl1->response;
ajson = json_decode(ajson=json d
ecode(ajson,true);
access_token =access t
oken=ajson['access_token'];
//将通用access_token存入缓存
session('wx_access_token',$access_token);
session('expire_time',time()+6000);
return $access_token;
}
}
注:同一个公众号的access_token 需要统一获取缓存,如果在不同模块下都获取access_token,新获取access_token后,之前的access_token 将失效,即使是在有效时间内。
如果你觉得这篇文章对你有点用的话,麻烦请给我们的开源项目点点star:http://github.crmeb.net/u/defu 不胜感激 !