Key words: wechat mini program wechat development mini program login silent authorization user active authorization mobile phone number AppID UnionID OpenID Original ID

background

Recently in the actual business, in order to cooperate with product colleagues to optimize the login process of small program, but also through wechat authorized login + mobile phone number authorization to automatically create a business account in line with the basic user service system. This reduces the link cost for users.

In the communication process, it is necessary to find out how to achieve silent authorization, how to achieve active authorization, how to obtain the mobile phone number, what is the UnionID of the small program and so on derived problem concepts, access methods, use scenarios.

Therefore, after consulting the official documents of micro channel small program and the articles of peers on the network, I have summarized the various IDS related to micro channel small program login, as well as the simple process of authorization and login.

directory

  • UnionID
  • AppID
  • OpenID
  • The original ID
  • Login and Authorization

UnionID

  • What is the UnionID

    • If the developer has multiple mobile applications, website applications and public accounts (including small programs), the uniqueness of the user can be distinguished by UnionID, because as long as the mobile applications, website applications and public accounts (including small programs) under the same wechat open platform account, the user’s UnionID is unique. In other words, the same user, different applications under the same wechat open platform, UnionID is the same.
  • How do I get the UnionID

    • Need to bind developer account applet, otherwise can not get UnionID
    • Call interfacewx.getUserInfoTo get the UnionID from the decrypted data. Notice This interface requires user authorization. The developer should properly handle the situation when the user refuses authorization. (bywx.getUserInfo, the business interface needs to do the corresponding decryption processing, pure small program front end can not handle)
    • If the developer account has a public account of the same subject, and the user has followed the public account. Developers can just go throughwx.login + code2SessionThe user name is obtainedUnionID, without user re-authorization. (code2SessionCall the interface for the server)
    • After the user completes the payment in the mini program (currently does not support the mini game), the developer can directly throughgetPaidUnionIdOf the interface to obtain the userUnionIDUser authorization is not required. Note: this interface is only valid within 5 minutes after the user completes the payment, please handle it properly.
    • When the small program invokes the cloud function, if there is a public account of the same subject under the developer account and the user has paid attention to the public account, the user can pass the cloud functioncloud.getWXContextTo obtainUnionID.
    • When the applet side calls the cloud function, if the developer account has a public account or mobile application of the same subject, and the user has been authorized to log in to the public account or mobile application, the user can also pass the cloud functioncloud.getWXContextTo obtainUnionID.
  • Application Suggestions

    • Through the unique relationship between the UnionID and the development platform, we can associate the relevant requirements of the unique user in the unified user system for the same UnionID.
    • The use of UnionID can accurately help the brand screen, public number matrix at the same time pay attention to multiple public number of loyal fans. Let the brand better understand the connection between the accounts in the matrix of public accounts, and carry out the linkage and communication between multiple public accounts.

AppID

  • What is the AppID

    • AppID is the ID number of the mini program and the mini program ID on the wechat public platform. With it, the wechat client can determine the “identity” of your mini program and use the advanced interface provided by wechat.
  • How do I get an AppID

    • General method: small program background view
      • Computer terminal, wechat public platform (mp.weixin.qq.com/) to log in the small program account
      • Enter the small program background – “development” – “Development Settings” to view

      • Or enter the mini program background – “Settings” – “Basic Settings” – “Account Information”

    • Simple method: view applets information
      • Mobile phone end, in the micro channel small program search the small program name
      • As shown in the figure

    • Mysterious method: know small program name
      • Computer side, in the wechat public number article editing background, select insert small program
      • Support to insert any small program, suitable for batch view small program appID, quick operation (after entering the small program name, click the small program name again)
      • As shown in the figure

    • Whether you are small program developers, ordinary users, or public number operators, the above 3 methods can be used.
  • AppSecret

    • What is AppSecret: a small program unique credential key that is used in conjunction with AppID
    • How to obtain: Refer to the general method of how to obtain the AppID, in the background of the small program view
  • Application Suggestions

    • When implementing the login process of small programs, AppID + AppSecret is used as the input parameter to obtain user information from the Server service of the business side
    • AppSecret needs to be secured to avoid leakage
    • In the API interaction between the Server service of the business side and wechat open platform, AppID + AppSecret is used as the input parameter for communication in most cases, such as push and other business scenarios

OpenID

  • What is the OpenID

    • OpenID is the unique identity of the user in the applet. Every user must have one. The OpenID of the same user in different applets is different.
  • How do I obtain OpenID

    • Call wx.login() to get the temporary code
    • Send the obtained code to the background for OpenID
  • Application Suggestions

    • Use OpenID as a simple unique user id, and you can also use it to associate with the business user system
    • Some need to call OpenID as the input parameter wechat interface needs to be used

The original ID

  • What is a primitive ID

    • The unique number assigned by the wechat applets platform when applying for the program
  • How do I get the original ID

    • See how to get an AppID, the normal way, the easy way
  • Application Suggestions

    • Small program retrieval, cancellation, etc
    • Interaction between wechat development platform and applets (such as App opening applets)

Login and Authorization

  • Instructions for login and authorization

    • In wechat mini program, login and authorization are two completely independent things. Login only obtains the code generated by the user using the small program at this time through wx.login, and obtains the unique identity of the user through auth.code2Session through the code sent by the Server.
    • In authorization mode, wx.getUserInfo is used to obtain the user’s wechat information, and the returned encrypted data, such as VI, can be sent to the Server for decryption and storage or verification of the user’s wechat information.
    • Login has nothing to do with authorization
  • The login

    • Micro-program login: Micro-program can easily obtain the user identification provided by wechat through the login capability provided by wechat official, and quickly establish the user system within the micro-program.
    • Logon process timing

    • instructions
      • Call wx.login() to get the temporary login credential code and pass it back to the developer server.
      • Code2Session interface is called to obtain the user’s unique identification of OpenID and session key session_key.
      • After that, the developer server can generate a custom login state based on the user id, which is used to identify the user identity during the interaction between the front and back ends in the subsequent business logic.
    • Pay attention to
      • Session key session_key is the key for encrypting and signing user data. For the sake of the application’s own data security, the developer server should not send the session key to the applets, nor should it be provided externally.
      • Temporary login credential code can only be used once
  • User Information Authorization

    • Wechat applets user information authorization
      • callwx.getUserInfo
      • The need tobuttonSet up theopen-type="getUserInfo"The properties of the
      • Pass the data used for encryption to the server, such asrawData signature encryptedData iv
    • The server decrypts user authorization data
      • Will small program business side throughwx.getUserInfoObtain encrypted data for decryption
      • Combined with existing business users, create new users or complete wechat account related information for existing users
  • Mobile Phone Number Authorization

    • access
      • To obtain the mobile phone number bound to a wechat user, callwx.loginInterface.
      • Because users need to initiate the active trigger to get the phone number interface, so this function is not called by API, need to usebuttonComponent’s click to trigger.
      • You need tobuttoncomponentopen-typeIs set togetPhoneNumberWhen the user clicks and agrees, the user can passbindgetphonenumberThe event callback retrieves the encrypted data returned by the wechat server and then combines it with the third-party serversession_keyAs well asapp_idDecrypt it to get the phone number.
    • Matters needing attention
      • Currently, the interface is for non-individual developers and has completed the opening of certified applets (excluding overseas entities). Use it with caution. If users report too much or are found to use it in unnecessary situations, wechat has the right to permanently reclaim the interface permission of the mini program.
      • Called in a callbackwx.loginLogin, may refresh the login state. At this point, the server usescodeIn return for thesessionKeyIt’s not for encryptionsessionKey“, causing decryption failure. Developers are advised to do this ahead of timelogin; Or use it first in a callbackcheckSessionPerform login status check to avoidloginRefresh the login state.
  • Application Suggestions

    • Note that login is not necessarily related to authorization
    • After the loginOpenIDYes need to be obtained through the server to call the wechat interface
    • A service can create a service user based on the combination of the authorized user information and the authorized mobile phone number

gossip

  • Silent authorization: Silent authorization is often provided by invoking appletswx.loginIn return forcodeAfter obtaining the userOpenIDAnd other business-related information, so what we often call silent authorization is actually not actively invoking user information authorization.
  • At this point, in view of the micro channel small program login related front-end knowledge content, the basic combing has been completed, but also achieved in business development, as the front-end development of small program login basic knowledge combing and summary.
  • This paper mainly combs the meaning of ID related to wechat small program, and the corresponding use scenarios summarized in my work.
  • At the same time, according to the actual application scenario, it is determined that there is no necessary connection between login and authorization.
  • With business as a reference, it is also sorted out that in practical applications, wechat user information authorization + mobile phone number authorization can be used to create a registration process in line with business user system.
  • With the development of small programs, this paper is bound to have a certain timeliness. For specific real-time content, please refer to the official documents of small programs on wechat public platform.

Data reference

  • UnionID mechanism that developers.weixin.qq.com/miniprogram…
  • How do I get the AppID of a small program? zhuanlan.zhihu.com/p/61511399
  • Zhuanlan.zhihu.com/p/34097989 WeChat UnionID application cases
  • To obtain the OpenID developers.weixin.qq.com/doc/aispeec…
  • Small application login developers.weixin.qq.com/miniprogram…
  • Small program for mobile phone number developers.weixin.qq.com/miniprogram…
  • The server to get open data developers.weixin.qq.com/miniprogram…

Browse creative Commons license agreements



This work adoptsCreative Commons Attribution – Same way share 4.0 International LicenseGrant permission.