Mobile third-party Sina Weibo login PHP API implementation Analysis

Provide a api,post way to determine whether the user's ID is in his or her own database, based on the uid/appkey of the Weibo message.

If so, log in directly to return the JSON for the user login API.

If not, the user's Id+token request Weibo user information is Api:http://open.weibo.com/wiki/2/users/show, and a new user is created in the database based on the returned user information JSON data. Log in again to return the JSON for user login.

Use the Weibo PHP SDK to obtain user information based on the token value returned by Weibo.

Weibo authorization to return to post parameters

{

"UID": 1073880650,

"Appkey": 1352222456,

"Scope": null,

"Create_at": 1352267591,

"Expire_in": 157679471,

"token": xxxxx,

"Source_add": "ios"

}

Weibo user Information API returns instance JSON

{

"id": 1404376560,

"Screen_name": "Zaku",

"Name": "Zaku",

"Province": "11",

"City": "5",

"Location": "Chaoyang District, Beijing",

"description": "The Life of 50 years, is like a dream, the birth of the Dead, the heroes of what regrets." ",

"url": "Http://blog.sina.com.cn/zaku",

"Profile_image_url": "HTTP://TP1.SINAIMG.CN/1404376560/50/0/1",

"Domain": "Zaku",

"Gender": "M",

"Followers_count": 1204,

"Friends_count": 447,

"Statuses_count": 2908,

"Favourites_count": 0,

"Created_at": "Fri 28 00:00:00 +0800 2009",

"Following": false,

"Allow_all_act_msg": false,

"Geo_enabled": true,

"Verified": false,

"Status": {

"Created_at": "Tue May 24 18:04:53 +0800 2011",

"id": 11142488790,

"Text": "My camera is here." ",

"Source": "<a href=" http://weibo.com "rel=" nofollow "> Sina Weibo </a>",

"Favorited": false,

"Truncated": false,

"in_reply_to_status_id": "",

"in_reply_to_user_id": "",

"In_reply_to_screen_name": "",

"Geo": null,

"Mid": "5610221544300749636",

"Annotations": [],

"Reposts_count": 5,

"Comments_count": 8

},

"Allow_all_comment": true,

"Avatar_large": "HTTP://TP1.SINAIMG.CN/1404376560/180/0/1",

"Verified_reason": "",

"Follow_me": false,

"Online_status": 0,

"Bi_followers_count": 215

}

Http://open.weibo.com/wiki/API%E6%96%87%E6%A1%A3_V2#OAuth2

Http://open.weibo.com/wiki/API%E6%96%87%E6%A1%A3_V2#.E7.94.A8.E6.88.B7

http://blog.csdn.net/daleiwang/article/details/34081231

http://wiki.mob.com/%e5%ae%9e%e7%8e%b0%e7%ac%ac%e4%b8%89%e6%96%b9%e7%94%a8%e6%88%b7%e7%99%bb%e5%bd%95/

========== Public login Security Instructions =======================

1, login security judgment, prevent malicious guessing user ID login.

Log logs with login without UID

2, other login security judgment, to prevent malicious guessing user password.

After the password has been verified for 10 consecutive times within 1 hours, the lock cannot be logged for 3 hours. Users in 4 hours in a row 20 error login, the account freezes for 24 hours. The URL access log of the login interface is excluded during weekdays to prevent malicious guessing of user password behavior by fixed IP. The product prevents a full list of users from being exploited to guess the user's password.

Mobile third-party Sina Weibo login PHP API implementation Analysis