Public account: getting user information (web page authorization), implementation steps
According to the official developer documentation for public accounts, obtaining user information takes the following steps:
1. Step 1: the user agrees to the authorization and the code is obtained
2. Step 2: exchange the code for the web page authorization access_token
3. Step 3: refresh the access_token (if needed)
4. Step 4: pull the user information (the scope must be snsapi_userinfo)
1. Get the code
Provided the public account has permission for the requested authorization scope (the scope parameter; once a service account has obtained the advanced interfaces, it has snsapi_base and snsapi_userinfo for the scope parameter by default), guide the follower to open the following page:
https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect
If the message "This link cannot be accessed" is displayed, check whether the parameters are entered correctly and whether the account has permission for the requested scope.
Note: Because the authorization operation has a high security level, the authorization link is checked against a strict regular-expression match when the authorization request is initiated. If the parameters of the link are in the wrong order, the authorization page cannot be accessed normally.
Where:
APPID: the unique ID of the public account
REDIRECT_URI: the URL to redirect to after authorization
SCOPE: either snsapi_base (the authorization page is not displayed, and you can only get the user's openid) or snsapi_userinfo (the authorization page is displayed, and you can get the nickname, gender, and location through the openid; the information can be obtained even if the user does not follow the public account)
STATE: a value the developer can define; characters a-zA-Z0-9 are allowed
2. Exchange the code for the web page authorization access_token
If the user agrees to the authorization, the page will jump to redirect_uri/?code=CODE&state=STATE.
The state parameter is passed as is.
Implementation code:
$code = I('get.code');
if (empty($code)) {
    // TODO: the request did not come through the authorization redirect
    exit('');
} else {
    // authorized operation
}
Here we obtain the code, which is then exchanged for the access_token.
After obtaining the code, request the following link to obtain the access_token:
https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code
appid: the unique ID of the public account
secret: the secret key
code: the code returned above
grant_type: the value is authorization_code
Implementation code:
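// Exchange the code for the web page authorization access_token
// (the sns/oauth2/access_token link above, which takes the code).
$url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid=' . C('wechat.AppID') . '&secret=' . C('wechat.AppSecret') . '&code=' . urlencode($code) . '&grant_type=authorization_code';
$str = file_get_contents($url);
$str = json_decode($str, true);
$access_token = $str['access_token'];
$openid = $str['openid'];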
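The access_token can be cached to avoid frequent requests.
Implementation code, taking the TP (ThinkPHP) framework as an example:
// Account-level access_token from cgi-bin/token (grant_type=client_credential).
// This is a different token from the per-user web page authorization token,
// and it is the same for every user, so one cache key is enough.
$access_token = S('access_token');
if (empty($access_token)) {
    $url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' . C('wechat.AppID') . '&secret=' . C('wechat.AppSecret');
    $str = file_get_contents($url);
    $str = json_decode($str, true);
    $access_token = $str['access_token'];
    // Cache for 3600 seconds
    S('access_token', $access_token, 3600);
}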
Along with the access_token, the openid (the user's unique ID) is also returned. The official documentation describes it as: the user's unique ID. Note that even when the user does not follow the public account, a unique OpenID for that user and public account is generated when the user visits the public account's web page.
The openid uniquely identifies a user. If this is not the user's first login, after obtaining the openid you can query the database for a user bound to this openid. In that case there is no need to fetch the user data again: set the session with the user_id found in the database and log the user in directly.
3. Step 3 can be skipped. You only need to obtain the access_token when it is required.
4. Pull user information (the scope must be snsapi_userinfo)
If the database has no user bound to this openid, this is the user's first visit and first login. Step 4 is then used to obtain the user information (if the web page authorization scope is snsapi_userinfo and the user has authorized, the developer can use the access_token and openid to pull the user information). Then create a user on the back end and bind it to this user (via openid).
Request method
HTTP GET (please use the HTTPS protocol): https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN
access_token: the access_token obtained above
openid: the user's unique ID
Implementation code:
// Cached account-level access_token (cgi-bin/token), same code as in step 2
$access_token = S('access_token');
if (empty($access_token)) {
    $url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' . C('wechat.AppID') . '&secret=' . C('wechat.AppSecret');
    $str = file_get_contents($url);
    $str = json_decode($str, true);
    $access_token = $str['access_token'];
    S('access_token', $access_token, 3600);
}
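The code exchange of step 2 and the user-information request of step 4, with the state value checked when the user returns, as an added example that is not code from the original article. It uses plain PHP rather than ThinkPHP; the function names, the $http callable and the stub responses are assumptions made for illustration.

```php
<?php
// Added example. $http is any callable(string $url): string that performs an HTTPS GET.
const WX_AUTHORIZE = 'https://open.weixin.qq.com/connect/oauth2/authorize';
const WX_TOKEN     = 'https://api.weixin.qq.com/sns/oauth2/access_token';
const WX_USERINFO  = 'https://api.weixin.qq.com/sns/userinfo';

function wx_authorize_url(string $appid, string $redirectUri, string $scope, array &$session): string {
    // state: one-time random value bound to the session (hex stays within a-zA-Z0-9)
    $session['wx_state'] = bin2hex(random_bytes(16));
    // Parameters are kept in the documented order, which is matched strictly
    return WX_AUTHORIZE . '?appid=' . rawurlencode($appid)
        . '&redirect_uri=' . rawurlencode($redirectUri)
        . '&response_type=code&scope=' . rawurlencode($scope)
        . '&state=' . $session['wx_state'] . '#wechat_redirect';
}

function wx_api_get(callable $http, string $url, array $params): array {
    $data = json_decode($http($url . '?' . http_build_query($params)), true);
    if (!is_array($data) || !empty($data['errcode'])) {
        throw new RuntimeException('WeChat API error: ' . ($data['errmsg'] ?? 'invalid response'));
    }
    return $data;
}

function wx_handle_callback(callable $http, array $query, array &$session, string $appid, string $secret): array {
    $expected = $session['wx_state'] ?? '';
    unset($session['wx_state']);                       // state is single use
    if ($expected === '' || !hash_equals($expected, (string)($query['state'] ?? ''))) {
        throw new RuntimeException('state mismatch');  // callback was not started by this session
    }
    if (empty($query['code'])) {
        throw new RuntimeException('missing code');
    }
    // Step 2: exchange the code; the response carries both access_token and openid
    $tok = wx_api_get($http, WX_TOKEN, ['appid' => $appid, 'secret' => $secret,
        'code' => $query['code'], 'grant_type' => 'authorization_code']);
    // Step 4: pull the profile with this per-user token (scope must be snsapi_userinfo)
    return wx_api_get($http, WX_USERINFO, ['access_token' => $tok['access_token'],
        'openid' => $tok['openid'], 'lang' => 'zh_CN']);
}

// Constructed stub responses so the flow runs offline.
$stub = fn(string $url): string => strpos($url, WX_TOKEN) === 0
    ? '{"access_token":"TOKEN","openid":"OPENID","scope":"snsapi_userinfo"}'
    : '{"openid":"OPENID","nickname":"constructed"}';
$session = [];
parse_str(parse_url(wx_authorize_url('APPID', 'https://example.com/cb', 'snsapi_userinfo', $session), PHP_URL_QUERY), $sent);
$user = wx_handle_callback($stub, ['code' => 'CODE', 'state' => $sent['state']], $session, 'APPID', 'SECRET');
echo $user['openid'], "\n";
```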
The preceding steps show how to obtain user information by using a public account.