對於一個從前端轉到后端的開發人員來說,這個玩意兒開始的時候是有點郁悶;不過明白原理之后就簡單了,
獲取jsapi_ticket;必須先獲取access_token;
微信開發文檔說access_token的有效時間是7200秒(兩小時);
但沒有說過期后怎么辦,這里的access_token容易和網頁授權的access_token搞混;
后者有刷新地址,前者沒有,那怎么辦呢,聽好了,過期后重新獲取;
一般做網站開發,必須把access_token和jsapi_ticket存到服務器,並且根據過期時間定期更新,這個后期再說;
現在主要實驗,獲取jsapi_ticket,並生成前端頁面需要注入的數據,從而使前端頁面使用js-sdk的權限;
這里有一個容易忽視的小tips,微信前面要求設置js安全域名時,填入的是域名而不是utl;
nodejs為前端頁面提供jsapi_ticket的代碼實現如下;
從第43行開始;
1 var express = require('express'); 2 var cookieParser = require('cookie-parser'); 3 var bodyParser = require('body-parser'); 4 var OAuth = require('wechat-oauth'); 5 var request = require('request'); 6 var sha1 = require('sha1'); 7 var path = require('path'); 8 var app = express(); 9 app.use(bodyParser.json()); 10 app.use(bodyParser.urlencoded({ extended: false })); 11 app.use(cookieParser()); 12 app.use(express.static('public')); 13 var port = 18080; 14 var appid = 'wx75340481908402a8'; 15 var appsecret = '2b6ee0cbeec0114eb539e68ba356329b'; 16 17 //首先拼接url 18 var url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx75340481908402a8&redirect_uri=http%3a%2f%2fwechatapp1.duapp.com%2fcallback&response_type=code&scope=snsapi_userinfo&state=STATE#wechat_redirect" 19 app.get('/test',function(req,res){ 20 res.redirect(url); 21 }); 22 //四步請求打法; 23 //第一步:獲得code; 24 app.get('/callback',function(req,res){ 25 var code = req.query.code; 26 var url = 'https://api.weixin.qq.com/sns/oauth2/access_token?appid=' + appid + '&secret=' + appsecret + '&code=' + code + '&grant_type=authorization_code'; 27 //第二步:獲得token 28 request.get(url,function(err,response,body) { 29 var json = JSON.parse(body); 30 var refreshUrl = 'https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=' + appid + '&grant_type=refresh_token&refresh_token=' + json.refresh_token; 31 //第三步:獲得refreshtoken和openId; 32 request.get(refreshUrl,function (err,response,refresh) { 33 var json = JSON.parse(refresh); 34 var infoUrl = 'https://api.weixin.qq.com/sns/userinfo?access_token=' + json.access_token + '&openid=' + json.openid + '&lang=zh_CN'; 35 //第四步:通過上一步刷新得來的refresh和openId請求用戶信息; 36 request.get(infoUrl,function(err,response,info) { 37 var info = JSON.parse(info); 38 res.send(info); 39 }); 40 }); 41 }); 42 }); 43 //1、設置api接口,使前端通過ajax可以獲取jsapi-sdk; 44 app.get('/wechat/ticket',function (req, res) { 45 var page = req.query.page; 46 var t = {}; 47 var url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid='+appid+'&secret='+appsecret; 48 //2、獲取access_token; 49 request.get(url,function(err, response, body) { 50 var token = JSON.parse(body); 51 var ticketUrl = 'https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=' + token.access_token + '&type=jsapi'; 52 //3、獲取ticket並且生成隨機字符串,時間戳,簽名 53 request.get(ticketUrl, function(err, response, ticket) { 54 var data = JSON.parse(ticket); 55 var timestamp = parseInt(new Date().getTime() / 1000); 56 t.ticket = data.ticket; 57 t.noncestr = sha1(new Date()); 58 t.timestamp = timestamp; 59 var string = 'jsapi_ticket=' + t.ticket + '&noncestr=' + t.noncestr + '×tamp=' + timestamp + '&url=' + page; 60 t.signature = sha1(string); 61 res.json(t); 62 }); 63 }); 64 }); 65 66 67 68 app.listen(port);