前言
微信相關配置請參考 微信公眾平臺 的這篇文章。注意授權回調域名一定要修改正確。
微信網頁授權是通過OAuth2.0機制實現的,所以我們可以使用 https://github.com/china-live/QQConnect 這個開源項目提供的中間件來實現微信第三方登錄的流程。
開發流程
1、新建一個.net core webapi 項目。在NuGet中查找并安裝 AspNetCore.Authentication.WeChat 包。
2、修改 appsettings.json 配置文件,增加以下配置:
"Authentication": {
"WeChat": {
"AppId": "微信AppID",
"AppSecret": "微信AppSecret"
}
},
"Logging": {
"LogLevel": {
"Default": "Debug", //日志級別從低到高,依次為:Debug,Information,Warning,Error,None
"Microsoft.EntityFrameworkCore": "Error",
"System": "Error"
}
}
3、修改 Startup
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddAuthentication()
.AddWeChat(wechatOptions =>
{
wechatOptions.AppId = Configuration["Authentication:WeChat:AppId"];
wechatOptions.AppSecret = Configuration["Authentication:WeChat:AppSecret"];
wechatOptions.UseCachedStateDataFormat = true;
});
4、新增 AccountController
[Route("api/[controller]")]
[ApiController]
public class AccountController : ControllerBase
{
private const string LoginProviderKey = "LoginProvider";
private const string Provider_WeChat = "WeChat";
private readonly ILogger _logger;
private readonly IHttpContextAccessor _contextAccessor;
public AccountController(ILogger<AccountController> logger,
IHttpContextAccessor contextAccessor)
{
_logger = logger;
_contextAccessor = contextAccessor;
}
/// <summary>
/// 微信登錄
/// </summary>
/// <param name="redirectUrl">授權成功后的跳轉地址</param>
/// <returns></returns>
[HttpGet("LoginByWeChat")]
public IActionResult LoginByWeChat(string redirectUrl)
{
var request = _contextAccessor.HttpContext.Request;
var url = $"{request.Scheme}://{request.Host}{request.PathBase}{request.Path}Callback?provider={Provider_WeChat}&redirectUrl={redirectUrl}";
var properties = new AuthenticationProperties { RedirectUri = url };
properties.Items[LoginProviderKey] = Provider_WeChat;
return Challenge(properties, Provider_WeChat);
}
/// <summary>
/// 微信授權成功后自動回調的地址
/// </summary>
/// <param name="provider"></param>
/// <param name="redirectUrl">授權成功后的跳轉地址</param>
/// <returns></returns>
[HttpGet("LoginByWeChatCallback")]
public async Task<IActionResult> LoginByWeChatCallbackAsync(string provider = null, string redirectUrl = "")
{
var authenticateResult = await _contextAccessor.HttpContext.AuthenticateAsync(provider);
if (!authenticateResult.Succeeded) return Redirect(redirectUrl);
var openIdClaim = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier);
if (openIdClaim == null || openIdClaim.Value.IsNullOrWhiteSpace())
return Redirect(redirectUrl);
//TODO 記錄授權成功后的微信信息
var city = authenticateResult.Principal.FindFirst("urn:wechat:city")?.Value;
var country = authenticateResult.Principal.FindFirst(ClaimTypes.Country)?.Value;
var headimgurl = authenticateResult.Principal.FindFirst(ClaimTypes.Uri)?.Value;
var nickName = authenticateResult.Principal.FindFirst(ClaimTypes.Name)?.Value;
var openId = authenticateResult.Principal.FindFirst(ClaimTypes.NameIdentifier)?.Value;
var privilege = authenticateResult.Principal.FindFirst("urn:wechat:privilege")?.Value;
var province = authenticateResult.Principal.FindFirst("urn:wechat:province")?.Value;
var sexClaim = authenticateResult.Principal.FindFirst(ClaimTypes.Gender);
int sex = 0;
if (sexClaim != null && !sexClaim.Value.IsNullOrWhiteSpace())
sex = int.Parse(sexClaim.Value);
var unionId = authenticateResult.Principal.FindFirst("urn:wechat:unionid")?.Value;
_logger.LogDebug($"WeChat Info=> openId: {openId},nickName: {nickName}");
return Redirect($"{redirectUrl}?openId={openIdClaim.Value}");
}
}
5、將網站發布到外網,請求https://你的授權域名/api/account/LoginByWeChat?redirectUrl=授權成功后要跳轉的頁面即可調起微信授權頁面。
注意
微信授權必須使用https
微信開放平臺和微信公眾平臺都有提供網站用微信登錄的接口,前者適用于任何網站,后者只適用于微信服務號的內嵌網站。
本篇相關源碼地址:https://github.com/ren8179/QrF.OAuth.WeChat/tree/master
