京东二维码扫码登录简单分析


随着二维码的流行以及对安全登录的要求,二维码登录应运而生。扫码登录看起来特别神奇,但仔细分析其实并没有那么神秘!

引用百度百科对二维码的解释:

  二维条码/二维码(2-dimensional bar code)是用某种特定的几何图形按一定规律在平面(二维方向上)分布的黑白相间的图形记录数据符号信息的;在代码编制上巧妙地利用构成计算机内部逻辑基础的“0”、“1”比特流的概念,使用若干个与二进制相对应的几何形体来表示文字数值信息,通过图象输入设备或光电扫描设备自动识读以实现信息自动处理:它具有条码技术的一些共性:每种码制有其特定的字符集;每个字符占有一定的宽度;具有一定的校验功能等。同时还具有对不同行的信息自动识别功能、及处理图形旋转变化点。

 下面是JD二维码登录的概要图:

 

   1. 我们先打开Chrome开发者工具,观察ajax轮询:

 

    1.1 我们看一下服务器端的返回码(这里只观察到“尚未登录”和“二维码失效”两种返回码)【二维码失效之前返回201】

 

1.2 二维码失效时返回203,同时停止ajax轮询

 

      图片里基本上都说明了。这仅仅是我的理解,如有错误还希望指出!谢谢

     

  1 /**
  2  * sdk - login2015.js
  3  * 
  4  */
  // URL fragments shared by the login scripts.
  // REMOTE_COUNTRY_CODE is protocol-relative, so that script is requested with
  // whatever scheme the hosting page uses; LOCAL_COUNTRY_CODE is a relative path.
  var LoginConstant = {};
  LoginConstant.HTTP_SCHEME = "http:";
  LoginConstant.HTTPS_SCHEME = "https:";
  LoginConstant.REMOTE_COUNTRY_CODE = "//misc.360buyimg.com/user/passport/1.0.0/js/login.countrycode-1130.js";
  LoginConstant.LOCAL_COUNTRY_CODE = "user/passport-2015/js/login.countrycode.js";
 11 
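 /**
  * Helpers for the login page: cookie access and detection of the scheme
  * used by the embedding (parent) page.
  */
 var Util = {
     Cookie: {
         /**
          * Write a cookie for domain passport.jd.com, path "/".
          *
          * @param {string} name   cookie name (written as-is)
          * @param {string} value  cookie value; URI-component encoded before writing
          * @param {number} expire lifetime in days; a negative value expires the cookie
          */
         set: function (name, value, expire) {
             var exp = new Date();
             exp.setTime(exp.getTime() + expire * 24 * 60 * 60 * 1000);
             // toUTCString() replaces the deprecated toGMTString() alias, and
             // encodeURIComponent() takes a single argument (the "UTF-8" one was ignored).
             // NOTE(review): no Secure or SameSite attribute is written, so the
             // cookie is also sent on plain-http requests — confirm this is intended.
             document.cookie = name + "=" + encodeURIComponent(value) + ";expires=" + exp.toUTCString() + ";domain=passport.jd.com;path=/";
         },
         /**
          * Look up a cookie by exact name.
          *
          * @param {string} key cookie name
          * @returns {string|undefined} the raw (still encoded) value, or undefined
          *          when the key is empty or no cookie has that name
          */
         get: function (key) {
             var cookies = document.cookie ? document.cookie.split('; ') : [];
             for (var i = 0, l = cookies.length; i < l; i++) {
                 var parts = cookies[i].split('=');
                 var name = parts.shift();
                 // The value itself may contain "=", so re-join the remainder.
                 var cookie = parts.join('=');
                 if (key && key === name) {
                     return cookie;
                 }
             }
         },
         /**
          * Keep the "alpin" cookie in step with the remember-me checkbox:
          * store the login name for 90 days when it is ticked, otherwise
          * expire an existing "alpin" cookie.
          * NOTE(review): the login name ends up in a script-readable cookie.
          */
         setALCookie: function () {
             if ($("input[name='chkRememberMe']").prop("checked")) {
                 var Days = 3 * 30;
                 this.set("alpin", $("#loginname").val(), Days);
             } else {
                 var v = this.get("alpin");
                 if (v) {
                     // A negative lifetime puts the expiry date in the past.
                     this.set("alpin", "", -100);
                 }
             }
         }
     },
     Header: {
         /**
          * Determine the scheme of the parent page.
          *
          * Reads parent.location.protocol first; if that throws or is empty,
          * falls back to the prefix of document.referrer.
          * NOTE(review): any referrer that does not start with "https:" —
          * including an empty one — yields "http:", so URLs built from this
          * value can be downgraded to plain http.
          *
          * @returns {string} "https:" or "http:" (or whatever the parent reports)
          */
         getProtocol: function () {
             var parentScheme = '';
             try {
                 parentScheme = parent.location.protocol;
             } catch (e) {
                 // Access to the parent failed; use the referrer below.
             }

             if (!parentScheme) {
                 var referer = document.referrer;
                 if (referer.indexOf(LoginConstant.HTTPS_SCHEME) === 0) {
                     parentScheme = LoginConstant.HTTPS_SCHEME;
                 } else {
                     parentScheme = LoginConstant.HTTP_SCHEME;
                 }
             }
             return parentScheme;
         }
     }
 };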
 62 
 63 
 64 (function(){
 /**
  * Encrypt the password with the public key found in the #pubKey field.
  *
  * Returns the password unchanged when it is empty, when #pubKey is empty,
  * or when SysConfig.encryptInfo is falsy.
  * NOTE(review): in that fallback the password is submitted as typed, and the
  * key itself is delivered by the page, so this step is no substitute for
  * serving and submitting the form over HTTPS — confirm the transport.
  *
  * @param {string} pwd password as typed
  * @returns {*} the result of JSEncrypt's encrypt(), or pwd unchanged
  */
 function getEntryptPwd(pwd) {
     var publicKey = $('#pubKey').val();
     var canEncrypt = pwd && publicKey && SysConfig.encryptInfo;
     if (!canEncrypt) {
         return pwd;
     }
     var rsa = new JSEncrypt();
     rsa.setPublicKey(publicKey);
     return rsa.encrypt(pwd);
 }
 78 
 /**
  * Load and initialise the country-code layer when the server reply asks for it.
  *
  * @param {Object} obj server reply; obj.countryTips enables the layer and
  *        obj.localRes selects the local script instead of the remote one
  */
 function initCountryCode(obj) {
     if (!obj.countryTips) {
         return;
     }
     // NOTE(review): the remote variant is a protocol-relative script URL on
     // another host; it runs with this page's privileges once loaded.
     var scriptUrl = obj.localRes
         ? LoginConstant.LOCAL_COUNTRY_CODE
         : LoginConstant.REMOTE_COUNTRY_CODE;
     seajs.use(scriptUrl, function (layer) {
         layer.init();
     });
 }
 95 
 /**
  * Ask the server whether a captcha is needed for the entered login name and
  * show or hide the captcha row accordingly. Does nothing when the captcha
  * row is already displayed.
  */
 function showAuthCode() {
     var captchaRow = "#o-authcode";
     if ($(captchaRow).css("display") != "none") {
         return;
     }
     var endpoint = "../uc/showAuthCode";
     var enteredName = $("#loginname").val();
     $.ajax({
         type: "POST",
         // The random "r" parameter only defeats caching.
         url: endpoint + "?r=" + Math.random() + "&version=2015",
         contentType: "application/x-www-form-urlencoded; charset=utf-8",
         data: {
             loginName: enteredName
         },
         dataType: "text",
         success: function (result) {
             if (!result) {
                 return;
             }
             // SECURITY: eval() executes the response body as script, so anything
             // able to alter the response runs code in the login page. Prefer a
             // JSON parser once the exact response format is confirmed.
             var reply = eval(result);
             if (reply.verifycode) {
                 $(captchaRow).show();
                 // Clicking the captcha image requests a fresh one.
                 $("#JD_Verification1").click();
             } else {
                 $(captchaRow).hide();
             }
         }
     });
 }
124 
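/**
 * Ask the server whether auto-login should be pre-selected for the entered
 * login name and update the #autoLogin checkbox and the warning banner.
 *
 * Does nothing when window.SysConfig.rememberMeShowEnable is falsy or the
 * login-name field is empty.
 */
function rememberMeCheck() {
    if (!window.SysConfig.rememberMeShowEnable) {
        return;
    }
    var loginName = $("#loginname").val();
    if (!loginName) {
        return;
    }
    $.ajax({
        type: "POST",
        // The random "r" parameter only defeats caching.
        url: "../uc/rememberMeCheck?r=" + Math.random() + "&version=2015",
        contentType: "application/x-www-form-urlencoded; charset=utf-8",
        data: {
            loginName: loginName
        },
        dataType: "text",
        success: function (result) {
            // An empty body used to reach eval() and then fail on the property
            // read below; treat it as "no information" instead.
            if (!result) {
                return;
            }
            // SECURITY: eval() executes the response body as script. Prefer a
            // JSON parser once the exact response format is confirmed.
            var data = eval(result);
            if (!data || data.caluEnable) {
                return;
            }
            if (data.checked) {
                if ($('.msg-error').text() != "") {
                    // An error is already displayed; it takes precedence.
                    $('.msg-error').show();
                    $('.msg-warn').hide();
                } else {
                    // Only fill in the warning when none is present yet.
                    if ($('.msg-warn').text() == "") {
                        $('.msg-warn').html("<b></b>公共场所不建议自动登录,以防账号丢失");
                    }
                    $('.msg-warn').show();
                }
                $('#autoLogin').prop("checked", true);
            } else {
                $('.msg-warn').hide();
                $('#autoLogin').prop("checked", false);
            }
        }
    });
}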
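/**
 * Submit the login form by AJAX and act on the server's reply.
 *
 * On the pop-up login page (URL contains "/popupLogin2013") the work is
 * delegated to frameLoginSubmit(). Otherwise the form fields are posted to
 * /uc/loginService and the reply either navigates the page (success,
 * transfer, venture, resetpwd, rescue) or reports field errors.
 *
 * @param {Function} callback called as callback(message, "error", [fieldSelector])
 *        for each field-level error in the reply
 */
function loginSubmit(callback) {
    $('#loginsubmit').text('正在登录...');
    if (window.location.href.indexOf("/popupLogin2013") !== -1) {
        frameLoginSubmit(callback);
        return;
    }
    var loginUrl = "/uc/loginService";
    var uuid = $("#uuid").val();
    // Read the live checkbox state with prop(), as the rest of this file does;
    // depending on the jQuery version attr('checked') reports the markup
    // attribute rather than what the user currently selected.
    var chkRememberMe = $('#autoLogin').prop('checked') ? "on" : "";

    $.ajax({
        // NOTE(review): uuid and the page's own query string are appended
        // without encoding; "r" only defeats caching.
        url: loginUrl + "?uuid=" + uuid + "&" + location.search.substring(1) + "&r=" + Math.random() + "&version=2015",
        type: "POST",
        dataType: "text",
        contentType: "application/x-www-form-urlencoded; charset=utf-8",
        data: {
            uuid: $('#uuid').val(),
            eid: $('#eid').val(),
            fp: $('#sessionId').val(),
            _t: $('#token').val(),
            loginType: $('#loginType').val(),
            loginname: $('#loginname').val(),
            nloginpwd: getEntryptPwd($('#nloginpwd').val()),
            chkRememberMe: chkRememberMe,
            authcode: $('#authcode').val(),
            pubKey: $('#pubKey').val(),
            sa_token: $('#sa_token').val(),
            seqSid: window._jdtdmap_sessionId
        },
        error: function () {
            showMesInfo("网络超时,请稍后再试", "error");
        },
        success: function (result) {
            if (result) {
                // SECURITY: eval() executes the response body as script, so
                // anything able to alter the response runs code in the login
                // page. Prefer a JSON parser once the format is confirmed.
                var obj = eval(result);
                if (obj.success) {
                    Util.Cookie.setALCookie();
                    // NOTE(review): the redirect target comes straight from
                    // the response; the server must restrict it to trusted URLs.
                    // `!-[1,]` is a legacy old-IE sniff; that branch navigates
                    // through a hidden link instead of assigning location.
                    var isIE = !-[1,];
                    if (isIE) {
                        var link = document.createElement("a");
                        link.href = obj.success;
                        link.style.display = 'none';
                        document.body.appendChild(link);
                        link.click();
                    } else {
                        window.location = obj.success;
                    }
                    return;
                }

                if (obj.transfer) {
                    window.location = obj.transfer + window.location.search;
                    return;
                }
                if (obj.venture) {
                    // NOTE(review): username and p are concatenated unencoded,
                    // and encodeURI() leaves "&" and "=" in ReturnUrl intact —
                    // confirm how the receiving page parses these parameters.
                    window.location = "//safe.jd.com/dangerousVerify/index.action?username=" + obj.venture + "&ReturnUrl=" + encodeURI(obj.ventureRet) + "&p=" + obj.p + "&t=" + new Date().getTime();
                    return;
                }
                if (obj.resetpwd) {
                    window.location = "//safe.jd.com/resetPwd/reset.action?username=" + obj.resetpwd;
                    return;
                }
                if (obj.rescue) {
                    window.location = obj.rescue;
                    return;
                }

                // The server may rotate the form token on a failed attempt.
                if (obj._t) {
                    $("#token").val(obj._t);
                }

                if (obj.verifycode || obj.authcode1 || obj.authcode2 || obj.emptyAuthcode) {
                    $("#o-authcode").show();
                }
                // Request a fresh captcha image.
                $("#JD_Verification1").click();
                if (obj.authcode2) {
                    callback(obj.authcode2, "error", ["#authcode"]);
                }
                if (obj.username) {
                    initCountryCode(obj);
                    callback(obj.username, "error", ["#loginname"]);
                }
                if (obj.pwd) {
                    initCountryCode(obj);
                    callback(obj.pwd, "error", ["#nloginpwd"]);
                    clearPwd();
                }
                if (obj.emptyAuthcode) {
                    callback(obj.emptyAuthcode, "error", ["#authcode"]);
                }
            }
            // Re-focus the first field in error and restore its value.
            var input = $('.item-error').eq(0).find('input');
            var t = input.val();
            input.val("").focus().val(t);
            $("#loginsubmit").html("登&nbsp;&nbsp;&nbsp;&nbsp;录");
        }
    });
}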
270 
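/**
 * Submit the login form from the pop-up (framed) login page.
 *
 * Posts the same fields as loginSubmit() to ../uc/loginService with nr=1.
 * On success the frame is sent to a relay URL chosen from the referrer;
 * venture / resetpwd / rescue replies navigate the parent window; other
 * replies report field errors through the callback.
 *
 * @param {Function} callback called as callback(message, "error", [fieldSelector])
 *        for each field-level error in the reply
 */
function frameLoginSubmit(callback) {
    var uuid = $("#uuid").val();
    var protocol = Util.Header.getProtocol();
    // Read the live checkbox state with prop(), as the rest of this file does;
    // depending on the jQuery version attr('checked') reports the markup
    // attribute rather than what the user currently selected.
    var chkRememberMe = $('#autoLogin').prop('checked') ? "on" : "";

    $.ajax({
        type: "POST",
        dataType: "text",
        // NOTE(review): uuid and the page's own query string are appended
        // without encoding; "r" only defeats caching.
        url: "../uc/loginService?nr=1&uuid=" + uuid + "&" + location.search.substring(1) + "&r=" + Math.random() + "&version=2015",
        contentType: "application/x-www-form-urlencoded; charset=utf-8",
        data: {
            uuid: $('#uuid').val(),
            eid: $('#eid').val(),
            fp: $('#sessionId').val(),
            _t: $('#token').val(),
            loginType: $('#loginType').val(),
            loginname: $('#loginname').val(),
            nloginpwd: getEntryptPwd($('#nloginpwd').val()),
            chkRememberMe: chkRememberMe,
            authcode: $('#authcode').val(),
            pubKey: $('#pubKey').val(),
            sa_token: $('#sa_token').val(),
            seqSid: window._jdtdmap_sessionId
        },
        error: function () {
            showMesInfo("网络超时,请稍后再试", "error");
        },
        success: function (result) {
            if (result) {
                // SECURITY: eval() executes the response body as script, so
                // anything able to alter the response runs code in the login
                // page. Prefer a JSON parser once the format is confirmed.
                var obj = eval(result);
                if (obj.success || obj.transfer) {
                    Util.Cookie.setALCookie();
                    var relayUrl = protocol + '//passport.jd.com/relay/loginRelay.htm';
                    try {
                        // Declared locally: the original assigned an undeclared
                        // name, which leaks a global and throws in strict mode.
                        var docRef = document.referrer;
                        // NOTE(review): the pattern is unanchored, so it can
                        // match anywhere in the referrer (path or query too).
                        // The relay host is still built from the listed
                        // suffix, or from the matched *.jd.hk name in the
                        // IE branch.
                        var regExp = /([\w-]+)\.(jd\.hk|jd360\.hk|yiyaojd\.com|baitiao\.com)/;
                        var match = docRef.match(regExp);
                        if (match != null && match.length >= 3) {
                            var ua = navigator.userAgent;
                            var isIE = (ua.indexOf('MSIE') >= 0 || ua.indexOf("Trident") >= 0);
                            var hkShortDomainEnable = window.popupConfig.hkShortDomainEnable;
                            if (isIE && match[2] === "jd.hk" && hkShortDomainEnable) {
                                relayUrl = protocol + "//" + match[0] + "/relay/loginRelay.htm";
                            } else {
                                relayUrl = protocol + "//sso." + match[2] + "/popup/redirect";
                            }
                        }
                    } catch (e) {
                        // Any failure here keeps the default passport.jd.com relay.
                    }

                    if (obj.notnr) {
                        window.location.href = relayUrl;
                        return;
                    }

                    try {
                        // SECURITY: a JSONP request loads and runs a script from
                        // the URL named in the response.
                        // NOTE(review): there is no error handler, so a failed
                        // or timed-out request never reaches the relay redirect.
                        $.ajax({
                            type: "GET",
                            url: obj.success,
                            dataType: "jsonp",
                            timeout: 1000,
                            success: function (result) {
                                window.location.href = relayUrl;
                                return;
                            }
                        });
                    } catch (e) {
                        window.location.href = relayUrl;
                        return;
                    }
                }
                if (obj.venture) {
                    var parentRef = "";
                    try {
                        parentRef = document.referrer;
                    } catch (e) {
                        // Leave parentRef empty.
                    }
                    // NOTE(review): username and p are concatenated unencoded,
                    // and encodeURI() leaves "&" and "=" in ReturnUrl intact —
                    // confirm how the receiving page parses these parameters.
                    window.parent.location = protocol + "//safe.jd.com/dangerousVerify/index.action?username=" + obj.venture + "&ReturnUrl=" + encodeURI(parentRef) + "&p=" + obj.p + "&t=" + new Date().getTime();
                    return;
                }
                if (obj.resetpwd) {
                    window.parent.location = protocol + "//safe.jd.com/resetPwd/reset.action?username=" + obj.resetpwd;
                    return;
                }
                if (obj.rescue) {
                    // NOTE(review): the target comes straight from the response.
                    window.parent.location = obj.rescue;
                    return;
                }
                // The server may rotate the form token on a failed attempt.
                if (obj._t) {
                    $("#token").val(obj._t);
                }

                if (obj.verifycode || obj.authcode1 || obj.authcode2 || obj.emptyAuthcode) {
                    $("#o-authcode").show();
                }
                // Request a fresh captcha image.
                $("#JD_Verification1").click();
                if (obj.authcode2) {
                    callback(obj.authcode2, "error", ["#authcode"]);
                }
                if (obj.username) {
                    initCountryCode(obj);
                    callback(obj.username, "error", ["#loginname"]);
                }
                if (obj.pwd) {
                    initCountryCode(obj);
                    callback(obj.pwd, "error", ["#nloginpwd"]);
                    clearPwd();
                }
                if (obj.emptyAuthcode) {
                    callback(obj.emptyAuthcode, "error", ["#authcode"]);
                }
            }
            // Re-focus the first field in error and restore its value.
            var input = $('.item-error').eq(0).find('input');
            var t = input.val();
            input.val("").focus().val(t);
            $("#loginsubmit").html("登&nbsp;&nbsp;&nbsp;&nbsp;录");
        }
    });
}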
393 
/**
 * Replace the contents of the form's message area with a single banner.
 *
 * @param {string} msg  banner text. It is concatenated into markup, so
 *        callers must pass trusted text only; the calls in this file use
 *        fixed strings.
 * @param {string} type 'warn' or 'error'; any other value just clears the area
 */
function showMesInfo(msg, type) {
    var wrapSelector = '.form>.msg-wrap';
    $(wrapSelector).empty();

    var cssClass = null;
    if (type == 'warn') {
        cssClass = 'msg-warn';
    } else if (type == 'error') {
        cssClass = 'msg-error';
    }
    if (cssClass === null) {
        return;
    }
    $(wrapSelector).append('<div class="' + cssClass + '"><b></b>' + msg + '</div>');
}
405 
/**
 * Empty the password field and hide the clear button next to it, so a
 * rejected password does not stay in the form.
 */
function clearPwd() {
    var pwdField = "#nloginpwd";
    $(pwdField).val("");
    $(pwdField).siblings('.clear-btn').hide();
}
413 
/**
 * Placeholder with no behaviour; it takes no arguments and returns undefined.
 */
function assemblyForm() {}
417     /**
418      * 鼠标离开用户名
419      */
420     $('#loginname').blur(function(){
421         rememberMeCheck();
422     });
423     window.loginSubmit=loginSubmit;
424     window.assemblyForm=assemblyForm;
425     window.showAuthCode=showAuthCode;
426 })();

    当然了,从js代码中我们可以看到SSO(单点登录)的身影;在代码里搜索ajax,还可以找到jsonp的身影。其他就不再多说!不早了,赶紧睡觉~~

