java后端微信小程序登录与注册&微信登录授权
分析:
微信小程序用户表 的字段来源于微信服务器 , 必须想办法去获取到对应的用户信息
找到微信开放平台: 微信开放平台
以下是微信开放平台给出的登录流程图:
微信给出的字段值:
{"nickName": "Band","gender": 1,"language": "zh_CN","city": "Guangzhou","province": "Guangdong","country": "CN","avatarUrl": "http://wx.qlogo.cn/mmopen/vi_32/1vZvI39NWFQ9XM4LtQpFrQJ1xlgZxx3w7bQxKARol6503Iuswjjn6nIGBiaycAjAtpujxyzYsrztuuICqIM5ibXQ/0"
}
用户表需要增加phone,openId,unionId字段 , 总体如下
package com.tencent.iov.userservice.model;import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import java.io.Serializable;
import java.sql.Timestamp;

/**
 * Carpool user information.
 *
 * Author: wangfei
 * Date: 2021/7/15 16:32
 * Version: 1.0
 *
 * @author HP
 */
// Lombok's @Data generates getters, setters, equals/hashCode and a toString() that prints
// every field, including openId, unionId and phoneArr. Avoid logging whole instances.
// @AllArgsConstructor takes its parameters in field declaration order, so reordering the
// fields below changes the constructor signature.
@Data
@NoArgsConstructor
@AllArgsConstructor
public class CarpoolUser {
    // Primary key, generated by the database (IDENTITY strategy).
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long carpoolUserId;
    // User identifier on the mini-program platform (unique per the table's UQ_OPEN_ID key).
    private String openId;
    // Unified user identifier across the third-party platform.
    private String unionId;
    // Profile fields taken from the WeChat user info payload.
    private String nickName;
    private String avatarUrl;
    // Contact phone numbers; the table comment says up to three are kept.
    private String phoneArr;
    // 1: male, 2: female, 0: unknown (per the table definition).
    private Integer gender;
    private String city;
    private String province;
    private String country;
    private String language;
    // Role flags: car owner / passenger.
    private Boolean carOwnerRole;
    private Boolean passengerRole;
    private Timestamp registerTime;
    private Timestamp createTime;
    private Timestamp updateTime;
    // -1: account cancelled, 1: normal, 2: restricted (per the table definition).
    private Integer status;
}
mysql 建表语句
-- Carpool user table: one row per mini-program user, with an auto-increment primary key
-- and a unique key on open_id (UQ_OPEN_ID).
-- NOTE(review): phone_arr stores contact numbers as plain text and is indexed (NQ_PHONE);
-- confirm whether encryption at rest or masking is required for this personal data.
CREATE TABLE `carpool_user` (
  `carpool_user_id` bigint(14) NOT NULL AUTO_INCREMENT COMMENT '拼车用户主键ID',
  `open_id` varchar(64) NOT NULL COMMENT '小程序平台用户标识',
  `union_id` varchar(64) NOT NULL DEFAULT '' COMMENT '第三方平台用户统一标识',
  `nick_name` varchar(100) DEFAULT NULL COMMENT '用户在平台上的昵称',
  `avatar_url` varchar(200) DEFAULT '' COMMENT '用户头像',
  `phone_arr` varchar(60) DEFAULT NULL COMMENT '联系电话,保留三个',
  `gender` tinyint(1) DEFAULT '0' COMMENT '用户的性别,1:男性 2:女性 0:未知',
  `city` varchar(16) DEFAULT '' COMMENT '用户所在城市',
  `province` varchar(16) DEFAULT '' COMMENT '用户所在省份',
  `country` varchar(50) DEFAULT '' COMMENT '用户所在国家',
  `language` varchar(50) DEFAULT '' COMMENT '用户的语言',
  `car_owner_role` tinyint(1) DEFAULT '0' COMMENT '车主身份,0否 1是',
  `passenger_role` tinyint(1) DEFAULT '0' COMMENT '乘客身份,0否 1是',
  `register_time` datetime(3) DEFAULT CURRENT_TIMESTAMP(3) COMMENT '注册时间',
  `create_time` datetime(3) DEFAULT CURRENT_TIMESTAMP(3) COMMENT '创建时间',
  `update_time` datetime(3) DEFAULT CURRENT_TIMESTAMP(3) ON UPDATE CURRENT_TIMESTAMP(3) COMMENT '更新时间',
  `status` tinyint(1) DEFAULT '1' COMMENT '用户的状态 -1. 注销 1. 正常 2.限制',
  PRIMARY KEY (`carpool_user_id`) USING BTREE,
  -- One account per open_id; the login and bind handlers look users up by this value.
  UNIQUE KEY `UQ_OPEN_ID` (`open_id`) USING BTREE,
  KEY `NQ_PHONE` (`phone_arr`) USING BTREE,
  KEY `NQ_NICK_NAME` (`nick_name`) USING BTREE
) ENGINE=InnoDB AUTO_INCREMENT=288152851 DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC COMMENT='拼车用户表';
- 微信小程序登录
登录逻辑: 通过 code 获取 openId 和 session_key; 因为 code 只能使用一次, 需要把 openId 和 session_key 缓存在 redis 中, 避免重复获取。session_key 只保存在服务端, 不要下发给小程序端。然后根据 openId 查询数据库中是否已有用户: 不存在则返回错误码通知前端进行用户信息授权, 再调用绑定接口解密数据、创建用户基础信息, 并生成自定义登录态(token)。
实现代码
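/**
 * Logs in a mini-program user from a one-time login {@code code} plus the encrypted
 * profile payload sent by the client.
 *
 * <p>Flow: resolve openId/session data for the code (cache first, then the open platform),
 * look the user up by openId, reject restricted or cancelled accounts, decrypt the profile
 * payload, issue a token, write a login log and persist the refreshed profile.
 *
 * <p>The {@code AssertUtil} checks are expected to abort the request with the given result
 * code; their implementation is not part of this listing.
 *
 * @param request login request carrying the code, open type, encrypted user data, IV and platform
 * @return a failure with {@code NEED_MINI_PROGRAM_PHONEINFO_USERINFO} when no account is bound
 *         to the openId yet, otherwise a success response carrying the token and user data
 * @throws Exception propagated from the helpers this method calls
 */
@Override
public BaseResponse<GroupMinLoginResponse> handleGroupMinLogin(GroupMinBindRequest request) throws Exception {
    String code = request.getCode();
    AssertUtil.isTrue(OpenTypeEnum.isCarpoolMinProgram(request.getOpenType()), AccountResultEnum.EXCEPTION);
    OpenTypeEnum openType = OpenTypeEnum.CARPOOL_MIN_PROGRAM;
    String encryptedUserData = request.getEncryptedUserData();
    String userIV = request.getUserIV();

    // The code can be exchanged only once, so try the cached openId/session_key first and
    // call the open platform only on a cache miss.
    Optional<OpenAuthInfo> cachedAuthInfo = this.getOpenAuthInfoFromCache(code);
    Optional<AccessTokenResponse> accessTokenOpt = cachedAuthInfo
            .map(authInfo -> Optional.ofNullable(authInfo.getAccessTokenInfo()))
            .orElseGet(() -> openLoginHelper.getAccessToken(openType, code));
    AssertUtil.isTrue(accessTokenOpt.isPresent(), AccountResultEnum.OPEN_AUTH_FAILURE);
    AccessTokenResponse accessToken = accessTokenOpt.get();
    // This openId comes from the server-side exchange and is the trusted identity for the request.
    String openId = accessToken.getOpenId();

    // Keep the result so that the follow-up bind call can reuse it for the same code.
    // NOTE(review): the cache implementation is not shown; the entry holds session material,
    // so confirm it is server-side only and expires quickly.
    this.saveOpenAuthInfoToCache(code, accessToken, null);

    // Look up the carpool user bound to this openId.
    Optional<QueryCarpoolUserResponse> carpoolUserResponseOpt = userServiceGateway.queryCarpoolUser(openId);
    if (!carpoolUserResponseOpt.isPresent()) {
        // No account bound yet: tell the mini-program to show the authorization page.
        return ResponseUtils.fail(AccountResultEnum.NEED_MINI_PROGRAM_PHONEINFO_USERINFO);
    }
    QueryCarpoolUserResponse user = carpoolUserResponseOpt.get();

    // Restricted account.
    AssertUtil.isFalse(UserStatusEnum.isLimit(user.getStatus()), AccountResultEnum.ACCOUNT_STATUS_INVALID);
    // Cancelled account.
    AssertUtil.isFalse(UserStatusEnum.isDelete(user.getStatus()), AccountResultEnum.ACCOUNT_DELETED);

    GroupMinLoginResponse response = new GroupMinLoginResponse();

    // Decrypt the profile so that a changed nickname or avatar is picked up on login.
    OpenUserInfoResponse openUser = openLoginHelper
            .decryptMiniProgramUserData(encryptedUserData, userIV, new OpenAuthInfo(accessToken, null))
            .orElse(null);
    AssertUtil.isTrue(Objects.nonNull(openUser), AccountResultEnum.BIND_OPEN_AUTH_FAILURE);

    // The ciphertext and IV are supplied by the client. An openId inside the decrypted payload
    // must therefore agree with the server-derived one before it is copied onto the stored user.
    String decryptedOpenId = openUser.getOpenId();
    AssertUtil.isTrue(decryptedOpenId == null || decryptedOpenId.equals(openId),
            AccountResultEnum.BIND_OPEN_AUTH_FAILURE);

    // NOTE(review): copyProperties copies every same-named property; confirm that
    // OpenUserInfoResponse cannot overwrite status, ids or role flags on the stored user.
    BeanUtils.copyProperties(openUser, user);

    long userCarpoolId = user.getCarpoolUserId();
    String token = loginResultUtils.generateAndSaveToken(userCarpoolId, UserTypeEnum.USER, null, openId,
            openType.value, request.getPlatform(), openId);

    BeanUtils.copyProperties(user, response);
    response.setIsRegister(false);
    response.setOpenId(openId);
    response.setToken(token);

    // Login log.
    this.saveLoginLogInfo(user, openType.value);

    // Persist the refreshed profile.
    UpdateCarpoolUserRequest updateCarpoolUserRequest = new UpdateCarpoolUserRequest();
    BeanUtils.copyProperties(user, updateCarpoolUserRequest);
    userServiceGateway.updateCarpoolUser(updateCarpoolUserRequest);

    return ResponseUtils.success(response);
}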
其中有些代码是根据自身情况加的, 微信小程序 api 的请求方式,以及redis的保存的方式啥的就不放出来了 , 自己去看文档
解密工具类
//
// Source code recreated from a .class file by IntelliJ IDEA
// (powered by Fernflower decompiler)
//package com.tencent.iov.parent.utils;import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
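import org.springframework.security.crypto.codec.Utf8;

/**
 * AES helpers built on the BouncyCastle provider: AES/GCM for authenticated encryption and
 * AES/CBC for callers that need it.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>GCM: a nonce must never be reused with the same key. {@link #encrypt(byte[], byte[])}
 *       draws a random nonce itself; {@link #encrypt(String, String, String)} relies on the
 *       caller to pass a unique one.</li>
 *   <li>CBC provides confidentiality only. Ciphertext and IV that arrive from an untrusted
 *       party can be altered without detection, so identity fields in the decrypted result
 *       must be checked against server-side state before they are trusted.</li>
 *   <li>The String-key overloads use the key's UTF-8 bytes directly; no key derivation is
 *       applied, so the string must encode to a valid AES key length (16, 24 or 32 bytes).</li>
 * </ul>
 */
public class AesUtils {
    private static final String DEFAULT_CIPHER_ALGORITHM = "AES/GCM/NoPadding";
    private static final String AES_CBC_PKCS5PADDING = "AES/CBC/PKCS5Padding";
    private static final String KEY_ALGORITHM = "AES";
    private static final String BC_PROVIDER = "BC";
    /** GCM authentication tag length in bits. */
    private static final int GCM_TAG_BITS = 128;
    /** Size of the big-endian int that prefixes the IV in the byte[] wire format. */
    private static final int IV_LENGTH_PREFIX_BYTES = 4;
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    static {
        // Register BouncyCastle so that the "BC" provider name resolves.
        Security.addProvider(new BouncyCastleProvider());
    }

    public AesUtils() {
    }

    /**
     * Encrypts {@code data} with AES/GCM using a fresh random IV.
     *
     * <p>Output layout: 4-byte IV length, IV, ciphertext including the GCM tag.
     *
     * @param data plaintext bytes
     * @param key  raw AES key; the IV is generated with the same length as the key
     * @return length-prefixed IV followed by the ciphertext
     */
    public static byte[] encrypt(byte[] data, byte[] key) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM, BC_PROVIDER);
        // NOTE(review): the IV length follows the key length (16/24/32 bytes); 12 bytes is the
        // size recommended for GCM. Kept as is because decrypt reads the length from the header.
        byte[] iv = new byte[key.length];
        CommonUtils.SECURE_RANDOM.nextBytes(iv);
        cipher.init(Cipher.ENCRYPT_MODE, toKey(key), new GCMParameterSpec(GCM_TAG_BITS, iv));
        byte[] cipherText = cipher.doFinal(data);

        ByteBuffer out = ByteBuffer.allocate(IV_LENGTH_PREFIX_BYTES + iv.length + cipherText.length);
        out.putInt(iv.length);
        out.put(iv);
        out.put(cipherText);
        return out.array();
    }

    /**
     * Decrypts data produced by {@link #encrypt(byte[], byte[])}.
     *
     * <p>The IV length is read from the input itself, so it is validated before any buffer is
     * allocated; a malformed header is rejected instead of triggering an oversized or
     * negative-size allocation.
     *
     * @param data length-prefixed IV followed by the ciphertext
     * @param key  raw AES key
     * @return the plaintext bytes
     * @throws IllegalArgumentException if the input is too short or declares an invalid IV length
     */
    public static byte[] decrypt(byte[] data, byte[] key) throws BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException {
        if (data == null || data.length < IV_LENGTH_PREFIX_BYTES) {
            throw new IllegalArgumentException("ciphertext is too short to contain an IV length header");
        }
        ByteBuffer in = ByteBuffer.wrap(data);
        int ivLength = in.getInt();
        if (ivLength <= 0 || ivLength > in.remaining()) {
            throw new IllegalArgumentException("ciphertext header declares an invalid IV length");
        }
        byte[] iv = new byte[ivLength];
        in.get(iv);
        byte[] cipherText = new byte[in.remaining()];
        in.get(cipherText);

        Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM, BC_PROVIDER);
        cipher.init(Cipher.DECRYPT_MODE, toKey(key), new GCMParameterSpec(GCM_TAG_BITS, iv));
        return cipher.doFinal(cipherText);
    }

    /**
     * Decrypts Base64-encoded data with a Base64-encoded key and IV, using the given
     * transformation on the BouncyCastle provider.
     *
     * <p>The IV is passed as an {@link IvParameterSpec}, so this overload suits IV-based modes
     * such as CBC. Presumably this is the entry point used for mini-program user data; the
     * caller is not part of this listing. With CBC the result is not authenticated.
     *
     * @param encryptedData Base64 ciphertext
     * @param secretKey     Base64 AES key
     * @param iv            Base64 IV
     * @param algorithm     cipher transformation to use
     * @return the plaintext bytes
     */
    public static byte[] decrypt(String encryptedData, String secretKey, String iv, String algorithm) throws BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException {
        byte[] aesKey = Base64.decodeBase64(secretKey);
        byte[] aesIV = Base64.decodeBase64(iv);
        byte[] aesCipher = Base64.decodeBase64(encryptedData);
        Cipher cipher = Cipher.getInstance(algorithm, BC_PROVIDER);
        cipher.init(Cipher.DECRYPT_MODE, toKey(aesKey), new IvParameterSpec(aesIV));
        return cipher.doFinal(aesCipher);
    }

    /**
     * Encrypts a string with AES/CBC/PKCS5Padding and returns the ciphertext as Base64.
     *
     * @param plainText text to encrypt (encoded as UTF-8)
     * @param key       key string; its UTF-8 bytes are used as the AES key
     * @param IV        initialization vector
     * @return Base64 ciphertext
     */
    public static String encryptCBC(String plainText, String key, final byte[] IV) throws Exception {
        byte[] cipherText = encryptCBC(plainText.getBytes(UTF_8), key.getBytes(UTF_8), IV);
        return Base64.encodeBase64String(cipherText);
    }

    /**
     * Decrypts Base64 AES/CBC/PKCS5Padding ciphertext and decodes the result as UTF-8.
     *
     * @param cipherText Base64 ciphertext
     * @param key        key string; its UTF-8 bytes are used as the AES key
     * @param IV         initialization vector used for encryption
     * @return the decrypted text
     */
    public static String decryptCBC(String cipherText, String key, final byte[] IV) throws Exception {
        byte[] plainTextBytes = decryptCBC(Base64.decodeBase64(cipherText), key.getBytes(UTF_8), IV);
        return Utf8.decode(plainTextBytes);
    }

    /**
     * Encrypts bytes with AES/CBC/PKCS5Padding using the default JCE provider lookup.
     *
     * @param plainText bytes to encrypt
     * @param key       raw AES key
     * @param IV        initialization vector
     * @return the ciphertext bytes
     */
    public static byte[] encryptCBC(byte[] plainText, byte[] key, final byte[] IV) throws Exception {
        Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5PADDING);
        cipher.init(Cipher.ENCRYPT_MODE, toKey(key), new IvParameterSpec(IV));
        return cipher.doFinal(plainText);
    }

    /**
     * Decrypts AES/CBC/PKCS5Padding ciphertext using the default JCE provider lookup.
     *
     * @param cipherText bytes to decrypt
     * @param key        raw AES key
     * @param IV         initialization vector used for encryption
     * @return the plaintext bytes
     */
    public static byte[] decryptCBC(byte[] cipherText, byte[] key, final byte[] IV) throws Exception {
        Cipher cipher = Cipher.getInstance(AES_CBC_PKCS5PADDING);
        cipher.init(Cipher.DECRYPT_MODE, toKey(key), new IvParameterSpec(IV));
        return cipher.doFinal(cipherText);
    }

    /** Wraps raw key bytes as an AES key. */
    private static Key toKey(byte[] key) {
        return new SecretKeySpec(key, KEY_ALGORITHM);
    }

    /**
     * Encrypts a string with AES/GCM using a caller-supplied IV and returns Base64 ciphertext.
     *
     * <p>Key and plaintext are encoded as UTF-8 so that the result matches
     * {@link #decrypt(String, String, String)} on every platform; the previous code used the
     * platform default charset here. The caller must pass an IV that is unique per key.
     *
     * @param plainText text to encrypt
     * @param key       key string; its UTF-8 bytes are used as the AES key
     * @param iv        IV string; its UTF-8 bytes are used as the GCM nonce
     * @return Base64 ciphertext including the GCM tag
     */
    public static String encrypt(String plainText, String key, String iv) throws Exception {
        Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM, BC_PROVIDER);
        cipher.init(Cipher.ENCRYPT_MODE, toKey(key.getBytes(UTF_8)), new GCMParameterSpec(GCM_TAG_BITS, iv.getBytes(UTF_8)));
        byte[] cipherText = cipher.doFinal(plainText.getBytes(UTF_8));
        return Base64.encodeBase64String(cipherText);
    }

    /**
     * Decrypts Base64 AES/GCM ciphertext produced by {@link #encrypt(String, String, String)}.
     *
     * @param cipherText Base64 ciphertext including the GCM tag
     * @param key        key string; its UTF-8 bytes are used as the AES key
     * @param iv         IV string used for encryption
     * @return the decrypted text
     */
    public static String decrypt(String cipherText, String key, String iv) throws Exception {
        byte[] cipherTextBytes = Base64.decodeBase64(cipherText);
        Cipher cipher = Cipher.getInstance(DEFAULT_CIPHER_ALGORITHM, BC_PROVIDER);
        cipher.init(Cipher.DECRYPT_MODE, toKey(key.getBytes(UTF_8)), new GCMParameterSpec(GCM_TAG_BITS, iv.getBytes(UTF_8)));
        return Utf8.decode(cipher.doFinal(cipherTextBytes));
    }
}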
- 微信小程序绑定
绑定实现方式
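/**
 * Binds a mini-program user: decrypts the profile payload with the session data cached for
 * the login {@code code}, then updates the existing account for that openId or creates one,
 * and issues a token.
 *
 * <p>The {@code AssertUtil} checks are expected to abort the request with the given result
 * code; their implementation is not part of this listing.
 *
 * @param req bind request carrying the code, open type, encrypted user data, IV and platform
 * @return a success response with the token and user data, or a failure with
 *         {@code BIND_OPEN_AUTH_FAILURE} when the update or creation does not succeed
 * @throws Exception propagated from the helpers this method calls
 */
@Override
public BaseResponse<GroupMinBindResponse> handleGroupMinBind(GroupMinBindRequest req) throws Exception {
    String authorizeCode = req.getCode();
    AssertUtil.isTrue(OpenTypeEnum.isCarpoolMinProgram(req.getOpenType()), AccountResultEnum.EXCEPTION);
    OpenTypeEnum openType = OpenTypeEnum.CARPOOL_MIN_PROGRAM;
    String userIV = req.getUserIV();
    String encryptedUserData = req.getEncryptedUserData();

    // Session data cached by the login call for this code; binding is refused without it.
    OpenAuthInfo openAuthInfo = this.getOpenAuthInfoFromCache(authorizeCode).orElse(null);
    AssertUtil.isTrue(Objects.nonNull(openAuthInfo), AccountResultEnum.BIND_OPEN_AUTH_FAILURE);
    AccessTokenResponse accessToken = openAuthInfo.getAccessTokenInfo();
    // This openId comes from the server-side exchange and is the trusted identity for the request.
    String openId = accessToken.getOpenId();

    // Decrypt the mini-program user data.
    OpenUserInfoResponse openUser = openLoginHelper
            .decryptMiniProgramUserData(encryptedUserData, userIV, openAuthInfo)
            .orElse(null);
    AssertUtil.isTrue(Objects.nonNull(openUser), AccountResultEnum.BIND_OPEN_AUTH_FAILURE);

    // The ciphertext and IV are supplied by the client. An openId inside the decrypted payload
    // must agree with the server-derived one, so that the account written below and the token
    // issued below always refer to the same identity.
    String decryptedOpenId = openUser.getOpenId();
    AssertUtil.isTrue(decryptedOpenId == null || decryptedOpenId.equals(openId),
            AccountResultEnum.BIND_OPEN_AUTH_FAILURE);

    // Does an account already exist for this openId?
    Optional<QueryCarpoolUserResponse> carpoolUserResponseOpt = userServiceGateway.queryCarpoolUser(openId);
    GroupMinBindResponse groupMinBindResponse = new GroupMinBindResponse();

    if (carpoolUserResponseOpt.isPresent()) {
        // Existing account: refresh it from the decrypted profile.
        QueryCarpoolUserResponse existingUser = carpoolUserResponseOpt.get();
        // Restricted account.
        AssertUtil.isFalse(UserStatusEnum.isLimit(existingUser.getStatus()), AccountResultEnum.ACCOUNT_STATUS_INVALID);
        // Cancelled account.
        AssertUtil.isFalse(UserStatusEnum.isDelete(existingUser.getStatus()), AccountResultEnum.ACCOUNT_DELETED);

        UpdateCarpoolUserRequest updateCarpoolUserRequest = new UpdateCarpoolUserRequest();
        BeanUtils.copyProperties(existingUser, updateCarpoolUserRequest);
        // NOTE(review): this second copy overwrites every same-named property with the decrypted
        // value; confirm that OpenUserInfoResponse cannot replace status, ids or role flags.
        BeanUtils.copyProperties(openUser, updateCarpoolUserRequest);

        Boolean updated = userServiceGateway.updateCarpoolUser(updateCarpoolUserRequest);
        // Null-safe: a null result is treated as a failed update instead of throwing on unboxing.
        if (Boolean.TRUE.equals(updated)) {
            long userCarpoolId = existingUser.getCarpoolUserId();
            String token = loginResultUtils.generateAndSaveToken(userCarpoolId, UserTypeEnum.USER, null, openId,
                    openType.value, req.getPlatform(), openId);
            BeanUtils.copyProperties(existingUser, groupMinBindResponse);
            groupMinBindResponse.setIsRegister(false);
            groupMinBindResponse.setToken(token);
            // Login log.
            this.saveLoginLogInfo(existingUser, openType.value);
            return ResponseUtils.success(groupMinBindResponse);
        }
    } else {
        // No account yet: create one from the decrypted profile.
        CreateCarpoolUserRequest createCarpoolUserRequest = new CreateCarpoolUserRequest();
        BeanUtils.copyProperties(openUser, createCarpoolUserRequest);
        createCarpoolUserRequest.setStatus(1);
        createCarpoolUserRequest.setUnionId(
                Optional.ofNullable(openUser.getUnionId()).orElse(accessToken.getUnionId()));
        // After the consistency check above, the decrypted openId is either absent or equal to
        // the server-derived one, so the server-derived value is stored.
        createCarpoolUserRequest.setOpenId(openId);

        Optional<CreateCarpoolUserResponse> createCarpoolUserResponseOpt =
                userServiceGateway.createCarpoolUser(createCarpoolUserRequest);
        if (createCarpoolUserResponseOpt.isPresent()) {
            CreateCarpoolUserResponse carpoolUser = createCarpoolUserResponseOpt.get();
            long userCarpoolId = carpoolUser.getCarpoolUserId();
            String token = loginResultUtils.generateAndSaveToken(userCarpoolId, UserTypeEnum.USER, null, openId,
                    openType.value, req.getPlatform(), openId);
            // The original copied carpoolUser into the response twice; one copy is enough.
            BeanUtils.copyProperties(carpoolUser, groupMinBindResponse);
            // NOTE(review): isRegister stays false for a freshly created account as well;
            // confirm that this is the intended meaning of the flag.
            groupMinBindResponse.setIsRegister(false);
            groupMinBindResponse.setToken(token);
            // Login log.
            this.saveLoginLogInfo(carpoolUser, openType.value);
            return ResponseUtils.success(groupMinBindResponse);
        }
    }
    return ResponseUtils.fail(AccountResultEnum.BIND_OPEN_AUTH_FAILURE);
}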
其中可能会遇到解密失败的问题, 常见原因是前端传来的 encryptedData、iv 与服务端缓存的 session_key 不属于同一次 wx.login 会话; 可以找前端一起商量排查, 也可以百度自行解决