编程语言
首页 > 编程语言> > 小程序新方法wx.getUserProfile授权逻辑

小程序新方法wx.getUserProfile授权逻辑

作者:互联网

首先明确官方的两种方法
1、wx.getUserInfo 获取用户匿名信息,携带用户标识
2、wx.getUserProfile 获取用户个人信息,不携带用户标识

这里做一下两种方法测试

第一种

先简单调用获取一下信息

wx.getUserInfo({
     success(e){
       console.log(e)
     }
})
encryptedData: "d38sRu5qg3qvFObvxO7gWihh28yfs9YQ1uAEjqqE0HkLxdp/zcpMR/NKAgaVqWv37128UIQF8xS28P2zDdM5oGdMfH5lJn43VWqS7rcynexxYT5x1XJSH9hk92dDYKTPIyAZxKLJL9vjgURPjeoW9HMlrFIQs5U30cCud7F4wtgZJ8ZpC1KNCR+psGLIblLJKgYzeh4zN1BTUuSAqGXcziBQK1IZ/9kV+2O/gCUC5SUGmLEfCYYIeVAZ8oDTUYEctmejH1rUBnMzWmoGdyCjzbk4xLE87oVjFmQZ1SjhsMuyvauE/R9fI9C6x8q64+pzzKX1BoLWuEtM5/m241luK1Beg6Lo1x4b6z0FIlXmDHZCuaWANDpCAQccXV1640RWZD5MW+jdQgPT6vnpydQY/vaoWknOd6qk0k+dpYY2ghkmDjsfdoMg+Lfi5D7VEhwpB5+I3vRpL5GZxVdFKRNPRA=="
errMsg: "getUserInfo:ok"
iv: "KKCRPulI95UpkNtMofp3wQ=="
rawData: "{"nickName":"微信用户","gender":0,"language":"","city":"","province":"","country":"","avatarUrl":"https://thirdwx.qlogo.cn/mmopen/vi_32/POgEwh4mIHO4nibH0KlMECNjjGxQUq24ZEaGT4poC6icRiccVGKSyXwibcPq4BWmiaIGuG1icwxaQX6grC9VemZoJ8rg/132"}"
signature: "1b7ab4f8fcbb00b9259fb8f71667d992732f41b6"
userInfo:{
	avatarUrl: "https://thirdwx.qlogo.cn/mmopen/vi_32/POgEwh4mIHO4nibH0KlMECNjjGxQUq24ZEaGT4poC6icRiccVGKSyXwibcPq4BWmiaIGuG1icwxaQX6grC9VemZoJ8rg/132"
	city: ""
	country: ""
	gender: 0
	language: ""
	nickName: "微信用户"
	province: ""
}

发送给后端解密

wx.login({
      success: function (res) {
        var code = res.code
        // 获取用户信息
        wx.getUserInfo({
          lang: "zh_CN",
          success: function (data) {
            var rawData = data.rawData;
            var signature = data.signature;
            var encryptedData = data.encryptedData;
            var iv = data.iv;
            var data = {
              code: code,
              rawData: rawData,
              signature: signature,
              iv: iv,
              encryptedData: encryptedData,
            }
            wx.request({
              url: '自己的域名地址信息/login',
              data: data,
              method: 'POST',
              success: (res) => {

              },
            })
          },
        });
      },
    });

返回值信息
在这里插入图片描述

可以看到有解密出openid、unionid等用户标识信息

第二种

新方法需要按钮触发

<button bindtap="getUserProfile"> 获取头像昵称 </button>
  getUserProfile(e) {
    // 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
    wx.getUserProfile({
      desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
      success: (res) => {
        console.log(res)
      }
    })
  },

返回值信息

cloudID: "46_4Uvcj7WwXFMUwK2Zg_5lXPxulVsM9gJlByeHrrRoQBc09feCoinNaJ2D0Wg"
encryptedData: "1oechSP27v6/nN9H+YNASAeD1bYSXiHFeEQPOjiw5WrVWJF3SRaCuOdVUgE3bK/3cj4Z+51oSvvuTM9zVp0qRfblfz5cpzvX943M92SgsueXrMzeyVS0ToYNnsTsC9MvHuuQeaUW3TDGBR8BkbUEensmA5NSIn+HoRsdtssrjKgaoHz8XKgcY9DBpsWGNm1rDfVIZ07+SmbJnD49LQjuheIF6kcGHxodlX43mrxHIQ1xvbaIzTt84NZg4JZv/dfc/Q/h/yy6N3HtmNxDE80oEdA7ZOVNZR/RuOqcZfxhSeSLPplMO8EN+GTAjryxER63eFCHc7uvC/qgyXF4onAFz3Poi/JQ833tnbqANqi4mLEAaAVMcK/2w2oy4ziIVUi6rT7Ov6EWf6qlixv9oceWIllEiSxCfH/IoPTo1N3sUxgpGrKF2tS6u4noMQ0EMZn0"
errMsg: "getUserProfile:ok"
iv: "8ncQkIUXWra+c40L6VCD0Q=="
rawData: "{"nickName":"李先生","gender":1,"language":"zh_CN","city":"Tangshan","province":"Hebei","country":"China","avatarUrl":"https://thirdwx.qlogo.cn/mmopen/vi_32/DYAIOgq83er5VdR9OBenNvmek4dFMRS3BKaytCb9RWRlln2ibXTEIQUFF5LoELXNNjeFa4fHFfnx9vicgKGQYXcw/132"}"
signature: "bd051a224302c209685fd54b052e9d3c1070b0ec"
userInfo:{
	avatarUrl: "https://thirdwx.qlogo.cn/mmopen/vi_32/DYAIOgq83er5VdR9OBenNvmek4dFMRS3BKaytCb9RWRlln2ibXTEIQUFF5LoELXNNjeFa4fHFfnx9vicgKGQYXcw/132"
	city: "Tangshan"
	country: "China"
	gender: 1
	language: "zh_CN"
	nickName: "李先生"
	province: "Hebei"
}

可以拿到用户信息,发送给后端解密

 getUserProfile(e) {
    // 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
    wx.getUserProfile({
      desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
      success: (data) => {
        console.log(data)
        var rawData = data.rawData;
        var signature = data.signature;
        var encryptedData = data.encryptedData;
        var iv = data.iv;
        wx.login({
          success(res) {
            var code = res.code
            var data = {
              code: code,
              rawData: rawData,
              signature: signature,
              iv: iv,
              encryptedData: encryptedData,
            }
            wx.request({
              url: '自己的域名地址信息/login',
              data: data,
              method: 'POST',
              success: (res) => {

              },
            })
          }
        })
      }
    })
  },

返回值
在这里插入图片描述
可以发现是没有用户标识信息的

通过改变结合之后

getUserProfile(e) {
    // 推荐使用wx.getUserProfile获取用户信息,开发者每次通过该接口获取用户个人信息均需用户确认,开发者妥善保管用户快速填写的头像昵称,避免重复弹窗
    wx.getUserProfile({
      desc: '展示用户信息', // 声明获取用户个人信息后的用途,后续会展示在弹窗中,请谨慎填写
      success: (data) => {
        console.log(data)
        var userinfo = data.userInfo;
        wx.login({
          success(res) {
            var code = res.code
            wx.getUserInfo({
              success(info) {
                var rawData = info.rawData
                var signature = info.signature
                var iv = info.iv
                var encryptedData = info.encryptedData
                var data = {
                  code: code,
                  rawData: rawData,
                  signature: signature,
                  iv: iv,
                  encryptedData: encryptedData,
                  userinfo:userinfo
                }
                wx.request({
                  url: 'https://usd.0315678.cn/Test/login',
                  data: data,
                  method: 'POST',
                  success: (res) => {

                  },
                })
              }
            })

          }
        })
      }
    })
  },

在这里插入图片描述

小结
通过wx.getUserProfile获取用户个人信息,通过按钮触发,之后通过wx.login拿到code传给后端换取sesssion_key,解密通过wx.getUserInfo拿到的iv向量,敏感信息等加密数据进行解密入库

标签:用户,iv,rawData,var,授权,data,getUserProfile,wx
来源: https://blog.csdn.net/weixin_46011182/article/details/118520104