Mini Program logged in for the first time (obtained authorization for the first time) and obtained code rawData signature to the server after the server obtained the sha1 encryption value of session_key and rawData based on code that was not consistent with signature, but the second time (after obtaining authorization again) the server verified the same value! Cause my Mini Program user authorization to be authorized twice! What"s going on?
Authorization wxml Code
<view class="container">
<view class="authorize">
<text class="aut_title"></text>
<text class="aut_content"></text>
<button open-type="getUserInfo" bindgetuserinfo="onGotUserInfo" class="aut_but" bindtap="authCheck"> </button>
<image src="../../static/images/authorize.png"></image>
</view>
</view>
Authorization js Code
authCheck: function(success) {
wx.showLoading({
title: "",
})
wx.getSetting({ //
success: res => {
wx.hideLoading();
// if (res.authSetting["scope.userInfo"]) {}
}
})
},
onGotUserInfo: function(e) {
let rawData = e.detail.rawData || "";
if (rawData) {
wx.showLoading({
title: "",
})
this.ckLogin(rawData, e.detail.signature);
} else {
wx.showToast({
title: "",
icon: "none"
})
}
},
ckLogin: function(loginrawData, loginSignature) {
setTimeout(() => {
wx.login({ //
success: res => {
if (res.code) {
let loginCode = res.code,
param = {};
param.url = "login/signIn";
param.data = {};
param.data.code = loginCode;
param.data.raw_data = loginrawData;
param.data.signature = loginSignature;
util.requests(param, res => {
wx.setStorage({
key: "token",
data: res.data.data.token,
})
wx.setStorage({
key: "nick_name",
data: res.data.data.nick_name,
})
util.setStorageAll();
wx.navigateBack();
});
} else {
wx.showToast({
title: "",
icon: "none"
})
}
}
});
}, 200)
}
the easywechat package used by the PHP code encapsulates itself
$data["signature"]);
function start()
{
$options = [
"debug" => true,
"mini_program.app_id" => "XXXXXXXXX",
"mini_program.secret" => "XXXXXXXXXXXXXX",
"log" => [
"level" => "debug",
"file" => "/tmp/easywechat.log",
],
// ...
];
$this->mini_program = new Application($options);
// $data = $this->mini_program->mini_program->sns->getSessionKey();
// $data->toArray()
return $this;
}
/**
* session_key open_id union_id
* @param $code
* @return $this|void
*/
public function getSessionKey($code)
{
$data = $this->mini_program->mini_program->sns->getSessionKey($code)->toArray();
if (isset($data["errcode"])) {
list($this->code, $this->msg) = [0, "code"];
return;
}
list($this->session_key, $this->open_id, $this->union_id) = [$data["session_key"], $data["openid"], isset($data["union_id"]) ? $data["union_id"] : ""];
return $this;
}
/**
*
* @param $rawData
* @param $signature
* @return bool
*/
public function verify($rawData, $signature)
{
$session_key = &$this->session_key;
$str = $rawData.$session_key;
$en_code = sha1($str);
if ($en_code === $signature) {
return true;
} else {
return false;
}
}
PHP login method
public function signIn()
{
if ($this->request->isGet()) {
list($this->code, $this->msg) = [0, ""];
return;
}
if ($this->request->isPost()) {
//code
$data = $this->request->post();
$res = $this->validate($data, "app\api\validate\Login.login");
if (true !== $res) {
list($this->code, $this->msg) = [0, $res];
}
//
$weChat = new WeChat();
//
$is_weChat = $weChat->start()->getSessionKey($data["code"])->verify($data["raw_data"], $data["signature"]);
if (true === $is_weChat) {
// token
$data = $weChat->getUserInfo($data["raw_data"]);
$userModel = new WeUsers();
$user_info = $userModel->saveUser($data);
if (empty($user_info)) {
list($this->code, $this->msg) = [0, ""];
return;
} else {
$tokenModel = new Token();
$token = $tokenModel->makeToken($user_info["id"]);
$user_info["token"] = $token;
list($this->code, $this->msg, $this->data) = [1, "", $user_info];
return;
}
} else {
list($this->code, $this->msg) = [0, ""];
}
}
}
under the guidance of the boss of trouble
php7.1 tp5.0