WeChat public account development: URL and Tocken introduction

Source: Internet
Author: User
This article details public account development: Introduction to URL and Tocken I. Introduction to URL and Tocken

1. to become a developer, you must have a public network address (URL). This network address must be accessible to the public platform. there are multiple ways to obtain the network address: you can use other platforms, you can also rent a server by yourself (we suggest you rent a server by yourself, because we need to deploy the application). In short, you need to provide a public URL;

2. Tocken (flag): Tocken can be entered as a string and used for authentication;

3. authentication process: developers need to program, so an application (URL provided) should be deployed on the developer server. some data will be sent when the public URL is accessed, your application needs to encrypt the sent data, and then compare it with the password and signature. if they are the same, echostr is returned to the public platform for verification. if they are correct, congratulations, your public account becomes a developer account;

II. verification flowchart

You have provided the URL (developer server URL) and Tocken to the public platform, which is the public platform authentication process;

I am using the python language. if you are using another language, the logic structure is similar, but the implementation is different;

@ Csrf_exemptdef wx_valid (request): # The url provided to the public platform. when the public platform requests a url, this method is ''' verified by the developer, which is a GET request; GET and POST determine whether to authenticate or send a message (when sending a message, it is POST) ''' if (request. method = 'get'): tocken = 'zainanjing6tocken '# tocken provided to the public platform, which can be kept in the database, file, or hardcoded directly into the code. if tocken: timestamp = request. GET ['timestamp'] nonce = request. GET ['nonce '] signature = request. GET ['signature'] echostr = request. GET ['echostr'] arr = [tocken, timestamp, nonce] arr. sort () data = ''for s in arr: data + = s sha1 = hashlib. sha1 () # or hashlib. md5 () sha1.update (data) _ signature = sha1.hexdigest () # generate a 40-bit (sha1) or 32-bit (md5) hexadecimal string if _ signature = signature: return HttpResponse (echostr) # return echostr return HttpResponse ('error') # return error

The above is the logic process and source code for the developer to verify the URL and Tocken. The following describes the overall operation process;

IV. operation process

1. deploy the application on the developer server and provide the URL and Tocken (this URL requires the public platform to access it)

2. after adding the URL and Tocken to the public platform developer mode, the public platform will automatically request the URL, and the developer server will perform data verification (signature verification). if the verification passes, return echostr to the public platform

3. if you have successfully become a developer account and the public account mode is adjusted to the developer mode, the message sent by the user to the public account is not replied by the public platform, the public platform forwards the message to the developer server and the developer server replies to the message.

Now, the authentication of URL and Tocken is over. if the authentication succeeds, congratulations. your account is already a developer account. The next step is to develop the function of replying to user messages, otherwise, the user will not receive any messages;

The above is the public account development: URL and Tocken introduction details, please pay attention to other articles related to php Chinese network!

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.