Recently doing a scan code login function, for this I also searched the internet about the implementation of the scan login. When this function was completed, I decided to organize the whole realization, so that I can see it later and also facilitate other programs with similar requirements.
To implement a scan login we need to address two issues:
1. How do I resolve a privilege security issue without entering a username and password? In other words, how to let the server know the QR code of the client is a legitimate user?
2. How can the server respond to the Web page in real time based on the user's choice of client?
first of all, we first understand the implementation of the idea, to facilitate our understanding of the way to solve this problem. The two-dimensional code that is logged in is actually aURLinto the form of a QR code, and after scanning the code through the client, nothing but open theURL,I captured the QR code of theURLto behttps://login.weixin.qq.com/l/YdmTu30I5A== , thisURLin theydmtu30i5a==represents the only one for this sessionID,It's kind of like a browser.Session ID, through thisID,will be able to direct the confirmation results back to the Web page. Using the QR Code login function requires two prerequisites: first, the client needs to installapp. second, users need to log in toapp. https://wx.qq.com/
Python websocket message push
> Why do we have these two conditions? That is because you need to extract the current app session ID sent to the server so that the server received the login information and sessionid sessionid the server knows which page to push the feedback results to.
So for the 1th, our key is to make sure that the user is a verified and legitimate user before scanning (authentication can be either a username + password or a secure key ), it's good to push this result to the server side when choosing whether to log in or not. If the user does not verify the legality, you can just like the way to tell the user the QR code is not recognized or prompt to login to the appfirst.
with authentication, now solve the second problem, how to display the feedback results in real time on the Web page? A friend may say, the client side is very simple to send a request to the backstage, and the Web page withAjaxperiodically send to server side to see if there is feedback. I am not in favor of this approach becauseAjaxPolling method consumes both client and server resources! Here comes another technology-webReal-time push technology, using push technology can save server-side and client resources, can be stably push and receive any message. I'm using third-party push services in the process of implementation .-goeasypush, with it is very easy to implement, other functions in our project are also usedGoeasy WebReal-time push service, so I'm going to use it right here.GoeasyPush to push the login feedback results to the server. My implementation steps are very simple and will transfer theSession IDas client-to-web communicationChannel, web-side subscriptionSession IDas a worthwhileChannel, the client verifies the results andSession IDsent to the server side, the server side can pass thisChanneltake the initiative to push the results to the Web version! If the client also needs to make corresponding feedback, then the client only needs to subscribe to thisChannel,The server will then push the results to both the Web version and the client, and when the message is received, it can beGoeasycallback function to do what you want to do. About theGoeasyThe use of push, we can refer to this blog: http://www.cnblogs.com/jishaochengduo/articles/5552645.html,alsoGoeasyThere is also a push on the official websiteDemo:GoeasyTwo-dimensional codeScan Code LoginDemo,we can see the effect..
hope to be helpful to everyone, if there is a misunderstanding of the place, but also ask everyone to treatise.
Python implementation of QR code QR codes Login