Notes from implementing WeChat official account login authorization for the first time

The user enters the official account for the first time

Step 1: Direct the user to the authorization page

After entering the official account's H5 page, the user's page sends a request to obtain the official account's WeChat signature data (appID, signature, etc.).

Our company's current logic is that the API decides whether the user is logged in, so a login is triggered when the user browsing the page hits an API request that requires one. The back end returns a link, which is the authorization link:

https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx2jeljwe34324&redirect_uri=https%3A%2F%2Fmanual.fdaf.com%2F%23%2Fweixinloginback%3FreturnUrl%3Dhttps%253A%252F%252Fmanualtes.fdf.com%252F%2523%252Fhome%252Fuser&response_type=code&scope=snsapi_userinfo&state=snsapi_userinfo&connect_redirect=1#wechat_redirect

We use the snsapi_userinfo scope rather than snsapi_base, which authorizes silently, so the user has to approve the authorization manually.

Step 2: Get the access_token with code

After the user approves on the authorization page, WeChat redirects to an empty page specified by the redirect_uri parameter. The main job of this empty page is to send the requests that obtain the access_token, refresh_token, openId and so on. If this is a new user, we send them to the login page, where they log in and their information is saved to the database.
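The two steps above, sketched as back-end helpers in Python. This is an added example, not the company's code: it builds the same link but uses a per-session random state instead of a fixed value, and only accepts a returnUrl on an allowed host. The appid, the h5.example.com URLs, the dict-like session and all function names are assumptions.

```python
import hmac
import secrets
from urllib.parse import quote, urlencode, urlsplit

AUTHORIZE = "https://open.weixin.qq.com/connect/oauth2/authorize"
APP_ID = "wx0000000000000000"                          # placeholder appid
CALLBACK = "https://h5.example.com/#/weixinloginback"  # placeholder empty callback page
DEFAULT_RETURN = "https://h5.example.com/#/home"       # placeholder fallback page
ALLOWED_RETURN_HOSTS = {"h5.example.com"}              # hosts a returnUrl may point to


def safe_return_url(url):
    """Return url only if it is https on an allowed host, else the default."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return DEFAULT_RETURN
    if parts.scheme == "https" and parts.hostname in ALLOWED_RETURN_HOSTS:
        return url
    return DEFAULT_RETURN


def build_authorize_url(session, return_url):
    """Step 1: build the snsapi_userinfo link and store a one-time state."""
    state = secrets.token_urlsafe(16)  # unpredictable, tied to this session
    session["oauth_state"] = state
    # returnUrl is encoded once here and again by urlencode (%3A becomes %253A)
    redirect_uri = CALLBACK + "?returnUrl=" + quote(safe_return_url(return_url), safe="")
    # same parameter order as the link shown above
    query = urlencode({
        "appid": APP_ID,
        "redirect_uri": redirect_uri,
        "response_type": "code",
        "scope": "snsapi_userinfo",
        "state": state,
        "connect_redirect": "1",
    })
    return f"{AUTHORIZE}?{query}#wechat_redirect"


def accept_callback(session, code, state):
    """Step 2: hand back the code for the access_token exchange only if state matches."""
    expected = session.pop("oauth_state", None)  # one-time use
    if not expected or not code:
        return None
    if not hmac.compare_digest(expected.encode(), (state or "").encode()):
        return None
    return code
```

The empty callback page would pass the code and state it received to `accept_callback` before the back end requests the access_token.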

The user has already authorized login

Once a user has authorized, they are not asked to authorize again. The access_token is time-limited: it expires within two hours, and the refresh_token is used to obtain a new access_token.

The refresh_token is valid for 30 days, after which the user needs to re-authorize.