
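App({
  // On launch: obtain a wx.login code and send it to the backend, which exchanges it
  // for openid / session_key / unionid. Only openid and userid are kept on the client.
  onLaunch: function () {
    wx.login({
      success: function (res) {
        if (!res.code) {
          console.log('獲取用戶登錄態失敗!' + res.errMsg);
          return;
        }
        // The login code is a one-time credential that the backend trades for a
        // session_key, so it is deliberately not written to the console.
        var code = res.code;
        // NOTE(review): wx.request defaults to GET, so the code travels in the query
        // string and may be recorded in server access logs; confirm and consider POST.
        wx.request({
          url: webserveurl,
          data: { action: "onlogin", code: code },
          header: { 'content-type': 'application/json' }, // default value
          success: function (res) {
            // Log the HTTP status only; the body carries the user's openid.
            console.log("wx.request-onlogin-" + res.statusCode);
            var body = res.data;
            // Guard against a non-JSON or incomplete body before dereferencing it.
            if (!body || body.errcode != 0 || !body.data) {
              console.log("登錄失敗");
              return;
            }
            wx.setStorageSync('openid', body.data.openid);
            var userid = body.data.userid;
            if (userid > 0) {
              // An account already exists for this openid.
              // NOTE(review): this stored userid is client-side state; the backend
              // should derive identity from its own session, not from this value.
              wx.setStorageSync('userid', userid);
            } else {
              // Visitor: continue with the profile-decryption flow.
              getUserInfo();
            }
          }
        });
      }
    });
  },

  // Global accessor for the stored openid.
  getOpenId: function () {
    return wx.getStorageSync('openid');
  },

  // Global accessor for the stored userid.
  getUserId: function () {
    return wx.getStorageSync('userid');
  }
})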

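/// <summary>
/// Handles the "onlogin" action: exchanges the wx.login code for openid and session_key
/// through WeChat's jscode2session endpoint, caches the result server-side and returns
/// a JSON envelope carrying userid and openid.
/// </summary>
/// <param name="context">Current request; its "code" parameter carries the wx.login credential.</param>
/// <returns>
/// A JSON string: errcode 0 with a data object on success, otherwise a non-zero errcode,
/// an errmsg and an empty data array.
/// </returns>
private string OnLogin(HttpContext context)
{
    string code = context.Request.Params["code"];
    if (string.IsNullOrEmpty(code))
    {
        return "{\"errcode\": -1, \"errmsg\": \"invalid code\", \"data\":[]}";
    }

    // code is client-controlled: escape it so it cannot add or override query
    // parameters (appid, secret, grant_type) of the outbound request.
    // This URL contains appsecret and must never be logged or returned to the caller.
    string formatString = string.Format(
        @"https://api.weixin.qq.com/sns/jscode2session?appid={0}&secret={1}&js_code={2}&grant_type=authorization_code",
        appid, appsecret, Uri.EscapeDataString(code));

    try
    {
        string retString = weixinbase.RequestGetUrl(formatString);

        #region JSON packets returned by jscode2session
        // Normal response:
        //   { "openid": "OPENID", "session_key": "SESSIONKEY" }
        // Response when the UnionID conditions are met:
        //   { "openid": "OPENID", "session_key": "SESSIONKEY", "unionid": "UNIONID" }
        // Error response (example: invalid code):
        //   { "errcode": 40029, "errmsg": "invalid code" }
        #endregion

        ResultMsg relust = JsonConvert.DeserializeJsonToObject<ResultMsg>(retString);
        if (relust == null)
        {
            return "{\"errcode\": -2, \"errmsg\": \"登錄失敗\", \"data\":[]}";
        }

        // The session_key obtained through the wx.login flow stays on the server.
        // To keep data from being tampered with, it must not be sent to the mini
        // program client or anywhere else outside the server.
        if (relust.errcode == 0 && !string.IsNullOrEmpty(relust.openid))
        {
            // Unknown openid: fall back to an empty TUser, whose ID is reported as the
            // visitor userid (presumably 0 - confirm against Model.TUser).
            Model.TUser mod = bll_TUser.GetModelByOpenId(relust.openid) ?? new Model.TUser();
            int userid = mod.ID;

            // Keep the login state.
            context.Cache.Insert("USERModel_" + relust.openid, mod);
            // Keep the session_key, indexed by openid.
            // NOTE(review): openid is an identifier, not a secret. Any handler that looks
            // up session_key by a client-supplied openid is treating it as a credential;
            // consider issuing a random server-side session token instead. The entries
            // are also inserted without an expiry.
            context.Cache.Insert("session_key_" + relust.openid, relust.session_key);

            return "{\"errcode\": 0, \"errmsg\": \"登錄成功!\", \"data\":{\"userid\": \"" + userid
                + "\",\"openid\": \"" + System.Web.HttpUtility.JavaScriptStringEncode(relust.openid) + "\"}}";
        }

        if (relust.errcode == 0)
        {
            // errcode defaulted to 0 but no openid came back: report a failure, not success.
            return "{\"errcode\": -2, \"errmsg\": \"登錄失敗\", \"data\":[]}";
        }

        // errmsg comes from the upstream response; escape it so it cannot break the JSON.
        return "{\"errcode\": " + relust.errcode + ", \"errmsg\": \""
            + System.Web.HttpUtility.JavaScriptStringEncode(relust.errmsg) + "\", \"data\":[]}";
    }
    catch (Exception ex)
    {
        // Record the details server-side; a stack trace in the response would disclose
        // internal paths and type names to any caller.
        System.Diagnostics.Trace.TraceError("OnLogin-" + ex);
        return "{\"errcode\": -2, \"errmsg\": \"登錄失敗\", \"data\":[]}";
    }
}

/// <summary>
/// Result message deserialized from the jscode2session response.
/// </summary>
public class ResultMsg
{
    /// <summary>
    /// Error code.
    /// </summary>
    public int errcode;

    /// <summary>
    /// Error message.
    /// </summary>
    public string errmsg;

    /// <summary>
    /// Unique identifier of the user.
    /// </summary>
    public string openid;

    /// <summary>
    /// Session key.
    /// </summary>
    public string session_key;

    /// <summary>
    /// Unique identifier of the user on the open platform.
    /// </summary>
    public string unionid;
}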

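// Requests the visitor's profile from WeChat and hands the encrypted payload to the
// backend for decryption.
function getUserInfo() {
  wx.getUserInfo({
    success: function (res) {
      // res is not dumped to the console: it is the sensitive payload itself
      // (signature, encryptedData and iv are read from it below).
      console.log("獲取用戶信息成功");
      // Next step: have the backend decrypt the visitor's details.
      getEncrypUserInfo(res.signature, res.encryptedData, res.iv);
    },
    fail: function (res) {
      console.log("獲取用戶信息失敗-" + JSON.stringify(res));
    }
  });
}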

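// Sends the encrypted user data to the backend, which decrypts it with the
// session_key it holds for this openid.
function getEncrypUserInfo(signature, encryptedData, iv) {
  // NOTE(review): wx.request defaults to GET, so these values travel in the query
  // string and may be recorded in server access logs; confirm and consider POST.
  wx.request({
    url: webserveurl,
    data: {
      action: "getencrypuserinfo",
      "signature": signature,
      "encryptedData": encryptedData,
      "iv": iv,
      "openid": wx.getStorageSync('openid')
    },
    success: function (res) {
      // Log the HTTP status only; on success the body is the decrypted user profile.
      console.log("getEncrypUserInfo-" + res.statusCode);
    },
    fail: function (err) {
      console.log("getEncrypUserInfo-" + err.errMsg);
    }
  });
}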

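/// <summary>
/// Decrypts the sensitive user data returned by WeChat's wx.getUserInfo, using the
/// session_key cached for the openid named in the request.
/// </summary>
/// <param name="context">Current request; reads the "openid", "encryptedData" and "iv" parameters.</param>
/// <returns>The decrypted text, or a fixed "invalid data" JSON string when nothing could be decrypted.</returns>
private string GetEncrypUserInfo(HttpContext context)
{
    // NOTE(review): errcode "0" is used here for a failure; confirm whether callers
    // read 0 as success before relying on this envelope.
    const string invalidData = "{\"errcode\":\"0\",\"errmsg\":\"無效數據\"}";

    // NOTE(review): openid comes from the client and is the only thing that selects the
    // session_key. A caller who knows another user's openid can have data decrypted
    // under that user's key; bind the lookup to a server-issued session instead.
    string openid = context.Request.Params["openid"];
    string encryptedData = context.Request.Params["encryptedData"];
    string iv = context.Request.Params["iv"];
    // NOTE(review): the "signature" parameter sent by the client is not verified.
    // Presumably checking it needs the rawData field, which this request does not
    // carry - confirm against the WeChat documentation.

    object cachedKey = string.IsNullOrEmpty(openid) ? null : context.Cache["session_key_" + openid];
    if (cachedKey == null)
    {
        // No login session for this openid: fail without attempting a decryption.
        return invalidData;
    }

    string result = AESDecrypt(encryptedData, iv, cachedKey.ToString());
    return result.Length > 0 ? result : invalidData;
}

/// <summary>
/// AES-128-CBC symmetric decryption with PKCS7 padding.
/// </summary>
/// <param name="encryptedData">Base64-encoded ciphertext.</param>
/// <param name="iv">Base64-encoded initialization vector.</param>
/// <param name="session_key">Base64-encoded key.</param>
/// <returns>The plaintext decoded as UTF-8, or an empty string when any input is missing or decryption fails.</returns>
private string AESDecrypt(string encryptedData, string iv, string session_key)
{
    if (string.IsNullOrEmpty(encryptedData) || string.IsNullOrEmpty(iv) || string.IsNullOrEmpty(session_key))
    {
        return string.Empty;
    }

    try
    {
        byte[] encryptedDataBytes = Convert.FromBase64String(encryptedData);

        // Both the cipher and the transform hold key material; dispose them
        // deterministically instead of leaving them to the finalizer.
        using (Aes aes = Aes.Create())
        {
            aes.Mode = CipherMode.CBC;
            aes.Padding = PaddingMode.PKCS7;
            aes.Key = Convert.FromBase64String(session_key);
            aes.IV = Convert.FromBase64String(iv);

            using (ICryptoTransform transform = aes.CreateDecryptor())
            {
                byte[] plainText = transform.TransformFinalBlock(encryptedDataBytes, 0, encryptedDataBytes.Length);
                // CBC gives no integrity protection: a successful decryption does not
                // prove the ciphertext is genuine. NOTE(review): validate the decrypted
                // JSON (for example its watermark appid) before trusting it.
                return Encoding.UTF8.GetString(plainText);
            }
        }
    }
    catch (Exception e)
    {
        // Malformed Base64, a wrong key/IV size and bad padding all end up here; the
        // caller sees the same empty result for every cause.
        Log.Error("AESDecrypt-" + e.ToString());
        return string.Empty;
    }
}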