Company business development, recently completed the development of a micro channel small program. The scenario is as follows: Under the same wechat open platform, there are apps and wechat applets with the same subject to complete the same business. When entering the APP or wechat applets, the user must obtain the unionID of the user to confirm the current user identity and complete the login. The API of small program “get user information” (getUserInfo) has been updated greatly compared with before, and it is very important to implement user authorization and login gracefully. The following is my realization idea and summary of the relevant process of wechat small program authorization and login in the development, which is shared as follows.

I. Timing of wechat mini program login process

Description:

  1. The applet calls wx.login() to get the temporary login credential code, which is passed back to the developer server
  2. The developer server trades code for the user’s unique openID and session key session_key.
  3. Temporary login credential code can only be used once

Openid is what?

After message interaction between the follower and the public account, the public account can obtain the follower’s OpenID (encrypted wechat signal, and each user’s OpenID of each public account is unique. For different public accounts, the openID of the same user is different. — Developer documents of wechat public platform

  • Common user id, unique to the current public account
  • Different public accounts, the same user, openID is different

You can easily interpret it as

openid = hash(uid + app_id)
Copy the code

What is unionID?

If the developer has multiple mobile applications, website applications, and public accounts (including small programs), the uniqueness of the user can be distinguished by unionID, because as long as it is the same wechat open platform account under the mobile application, website applications and public accounts (including small programs), the user’s UnionID is unique. In other words, the same user, different applications under the same wechat open platform, unionID is the same. UnionID Mechanism description

If a developer needs a unified user account between multiple mobile applications, website applications and public accounts, and needs to go to wechat open platform (open.weixin.qq.com) to bind the public account, the UnionID mechanism can be used to meet the above requirements.

  • One wechat open platform account can have multiple mobile applications, website applications, public accounts and mini programs
  • As long as it is a mobile application, website application and public account (including mini program) under the same wechat open platform account, the user’s UnionID is unique.

The unique identifier of the user on the open platform

You can simply say:

unionid = hash(UID + Open platform ID)Copy the code

To sum up, wechat has a unique openId for different users in different applications, but in order to determine whether the user is the same user, it needs to rely on unionID to distinguish. Generally their own background will have its own user table, each user has a different userID. In other words, the same user’s application of the same subject under the same wechat open platform corresponds to the same userID, unionID and different OpenID. Therefore, when the user logs in, we can only rely on the unionID returned to us by wechat to determine whether it is the same user, and then associate our user table to get the corresponding userID.

Two, how to get unionID wechat small program?

Bound to the developer account of the small program, you can obtain UnionID through the following three ways.

  1. Call the interface wx.getUserInfo to get the UnionID from the decrypted data. Notice This interface requires user authorization. The developer should properly handle the situation when the user refuses authorization.
  2. If the developer account has a public account of the same subject, and the user has followed the public account. The developer can directly obtain the UnionID of the user through wx.login without user re-authorization.
  3. If the developer account has a public account or mobile application of the same subject, and the user has been authorized to log in to the public account or mobile application. The developer can also directly obtain the UnionID of the user through wx.login without user re-authorization.

When a user meets conditions 2 and 3, the developer can directly get the user’s unionID via wx.login, otherwise the user must call interface wx.getUserInfo. The extra care is to properly handle the user’s denial of authorization.

Login best practices

  1. Call wx.login to get the code.
  2. Use wx.getSetting to get the user’s authorization status
    • If the user has been authorized, call API wx.getUserInfo to get the latest information about the user.
    • If the user is not authorized, a button is displayed on the interface to prompt the user to log in. When the user clicks and authorizes the user, the latest information of the user will be obtained.
  3. The obtained user data is passed to the back end along with the code returned by wx.login

Encapsulation ajax ()

In real business scenarios, we hope that the user enters small programs, without login can browse commodity, for small programs have a basic cognitive, don’t directly pop-up asks the user authorization, otherwise it will interfere with the user, lead to the loss of new users, when the user needs to use some advanced features and scene, this time again to ask the user authorization, This will greatly increase the chances of user authorization. Encapsulate the logic of the login with the Ajax flow:

The meaning of encapsulation is no longer concerned with whether the current interface needs to be logged in, whether the user is authorized, all requests are directly called ajax(), and all logins and authorization processes are completed when necessary. The small application entry page increases, when the business expands, you just need to focus on the business implementation.

The resources

  • Small program • Short story (4) — Get user information
  • Get basic user information (UnionID mechanism)
  • UnionID Mechanism description