小程序新方法wx.getUserProfile授权逻辑
作者:互联网
首先明确官方的两种方法
1、wx.getUserInfo 获取用户匿名信息,携带用户标识
2、wx.getUserProfile 获取用户个人信息,不携带用户标识
这里做一下两种方法测试
第一种
先简单调用获取一下信息
wx.getUserInfo({
success(e){
console.log(e)
}
})
encryptedData: "d38sRu5qg3qvFObvxO7gWihh28yfs9YQ1uAEjqqE0HkLxdp/zcpMR/NKAgaVqWv37128UIQF8xS28P2zDdM5oGdMfH5lJn43VWqS7rcynexxYT5x1XJSH9hk92dDYKTPIyAZxKLJL9vjgURPjeoW9HMlrFIQs5U30cCud7F4wtgZJ8ZpC1KNCR+psGLIblLJKgYzeh4zN1BTUuSAqGXcziBQK1IZ/9kV+2O/gCUC5SUGmLEfCYYIeVAZ8oDTUYEctmejH1rUBnMzWmoGdyCjzbk4xLE87oVjFmQZ1SjhsMuyvauE/R9fI9C6x8q64+pzzKX1BoLWuEtM5/m241luK1Beg6Lo1x4b6z0FIlXmDHZCuaWANDpCAQccXV1640RWZD5MW+jdQgPT6vnpydQY/vaoWknOd6qk0k+dpYY2ghkmDjsfdoMg+Lfi5D7VEhwpB5+I3vRpL5GZxVdFKRNPRA=="
errMsg: "getUserInfo:ok"
iv: "KKCRPulI95UpkNtMofp3wQ=="
rawData: "{"nickName":"微信用户","gender":0,"language":"","city":"","province":"","country":"","avatarUrl":"https://thirdwx.qlogo.cn/mmopen/vi_32/POgEwh4mIHO4nibH0KlMECNjjGxQUq24ZEaGT4poC6icRiccVGKSyXwibcPq4BWmiaIGuG1icwxaQX6grC9VemZoJ8rg/132"}"
signature: "1b7ab4f8fcbb00b9259fb8f71667d992732f41b6"
userInfo:{
avatarUrl: "https://thirdwx.qlogo.cn/mmopen/vi_32/POgEwh4mIHO4nibH0KlMECNjjGxQUq24ZEaGT4poC6icRiccVGKSyXwibcPq4BWmiaIGuG1icwxaQX6grC9VemZoJ8rg/132"
city: ""
country: ""
gender: 0
language: ""
nickName: "微信用户"
province: ""
}
发送给后端解密
wx.login({
success: function (res) {
var code = res.code
// 获取用户信息
wx.getUserInfo({
lang: "zh_CN",
success: function (data) {
var rawData = data.rawData;
var signature = data.signature;
var encryptedData = data.encryptedData;
var iv = data.iv;
var data = {
code: code,
rawData: rawData,
signature: signature,
iv: iv,
encryptedData: encryptedData,
}
wx.request({
url: '自己的域名地址信息/login',
data: data,
method: 'POST',
success: (res) => {
},
})
},
});
},
});
返回值信息
可以看到有解密出openid、unionid等用户标识信息
第二种
新方法需要按钮触发
<button bindtap="getUserProfile"> 获取头像昵称 </button>
getUserProfile(e) {
// 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
wx.getUserProfile({
desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
success: (res) => {
console.log(res)
}
})
},
返回值信息
cloudID: "46_4Uvcj7WwXFMUwK2Zg_5lXPxulVsM9gJlByeHrrRoQBc09feCoinNaJ2D0Wg"
encryptedData: "1oechSP27v6/nN9H+YNASAeD1bYSXiHFeEQPOjiw5WrVWJF3SRaCuOdVUgE3bK/3cj4Z+51oSvvuTM9zVp0qRfblfz5cpzvX943M92SgsueXrMzeyVS0ToYNnsTsC9MvHuuQeaUW3TDGBR8BkbUEensmA5NSIn+HoRsdtssrjKgaoHz8XKgcY9DBpsWGNm1rDfVIZ07+SmbJnD49LQjuheIF6kcGHxodlX43mrxHIQ1xvbaIzTt84NZg4JZv/dfc/Q/h/yy6N3HtmNxDE80oEdA7ZOVNZR/RuOqcZfxhSeSLPplMO8EN+GTAjryxER63eFCHc7uvC/qgyXF4onAFz3Poi/JQ833tnbqANqi4mLEAaAVMcK/2w2oy4ziIVUi6rT7Ov6EWf6qlixv9oceWIllEiSxCfH/IoPTo1N3sUxgpGrKF2tS6u4noMQ0EMZn0"
errMsg: "getUserProfile:ok"
iv: "8ncQkIUXWra+c40L6VCD0Q=="
rawData: "{"nickName":"李先生","gender":1,"language":"zh_CN","city":"Tangshan","province":"Hebei","country":"China","avatarUrl":"https://thirdwx.qlogo.cn/mmopen/vi_32/DYAIOgq83er5VdR9OBenNvmek4dFMRS3BKaytCb9RWRlln2ibXTEIQUFF5LoELXNNjeFa4fHFfnx9vicgKGQYXcw/132"}"
signature: "bd051a224302c209685fd54b052e9d3c1070b0ec"
userInfo:{
avatarUrl: "https://thirdwx.qlogo.cn/mmopen/vi_32/DYAIOgq83er5VdR9OBenNvmek4dFMRS3BKaytCb9RWRlln2ibXTEIQUFF5LoELXNNjeFa4fHFfnx9vicgKGQYXcw/132"
city: "Tangshan"
country: "China"
gender: 1
language: "zh_CN"
nickName: "李先生"
province: "Hebei"
}
可以拿到用户信息,发送给后端解密
getUserProfile(e) {
// 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
wx.getUserProfile({
desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
success: (data) => {
console.log(data)
var rawData = data.rawData;
var signature = data.signature;
var encryptedData = data.encryptedData;
var iv = data.iv;
wx.login({
success(res) {
var code = res.code
var data = {
code: code,
rawData: rawData,
signature: signature,
iv: iv,
encryptedData: encryptedData,
}
wx.request({
url: '自己的域名地址信息/login',
data: data,
method: 'POST',
success: (res) => {
},
})
}
})
}
})
},
返回值
可以发现是没有用户标识信息的
通过改变结合之后
getUserProfile(e) {
// 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
wx.getUserProfile({
desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
success: (data) => {
console.log(data)
var userinfo = data.userInfo;
wx.login({
success(res) {
var code = res.code
wx.getUserInfo({
success(info) {
var rawData = info.rawData
var signature = info.signature
var iv = info.iv
var encryptedData = info.encryptedData
var data = {
code: code,
rawData: rawData,
signature: signature,
iv: iv,
encryptedData: encryptedData,
userinfo:userinfo
}
wx.request({
url: 'https://usd.0315678.cn/Test/login',
data: data,
method: 'POST',
success: (res) => {
},
})
}
})
}
})
}
})
},
小结
通过wx.getUserProfile获取用户个人信息,通过按钮触发,之后通过wx.login拿到code传给后端换取sesssion_key,解密通过wx.getUserInfo拿到的iv向量,敏感信息等加密数据进行解密入库
标签:用户,iv,rawData,var,授权,data,getUserProfile,wx 来源: https://blog.csdn.net/weixin_46011182/article/details/118520104