对于一个从前端转到后端的开发人员来说,这个玩意儿开始的时候是有点郁闷;不过明白原理之后就简单了,
获取jsapi_ticket;必须先获取access_token;
微信开发文档说access_token的有效时间是7200秒(两小时);
但没有说过期后怎么办,这里的access_token容易和网页授权的access_token搞混;
后者有刷新地址,前者没有,那怎么办呢,听好了,过期后重新获取;
一般做网站开发,必须把access_token和jsapi_ticket存到服务器,并且根据过期时间定期更新,这个后期再说;
现在主要实验,获取jsapi_ticket,并生成前端页面需要注入的数据,从而使前端页面使用js-sdk的权限;
这里有一个容易忽视的小tips,微信前面要求设置js安全域名时,填入的是域名而不是utl;
nodejs为前端页面提供jsapi_ticket的代码实现如下;
从第43行开始;
1 var express = require(\'express\'); 2 var cookieParser = require(\'cookie-parser\'); 3 var bodyParser = require(\'body-parser\'); 4 var OAuth = require(\'wechat-oauth\'); 5 var request = require(\'request\'); 6 var sha1 = require(\'sha1\'); 7 var path = require(\'path\'); 8 var app = express(); 9 app.use(bodyParser.json()); 10 app.use(bodyParser.urlencoded({ extended: false })); 11 app.use(cookieParser()); 12 app.use(express.static(\'public\')); 13 var port = 18080; 14 var appid = \'wx75340481908402a8\'; 15 var appsecret = \'2b6ee0cbeec0114eb539e68ba356329b\'; 16 17 //首先拼接url 18 var url = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx75340481908402a8&redirect_uri=http%3a%2f%2fwechatapp1.duapp.com%2fcallback&response_type=code&scope=snsapi_userinfo&state=STATE#wechat_redirect" 19 app.get(\'/test\',function(req,res){ 20 res.redirect(url); 21 }); 22 //四步请求打法; 23 //第一步:获得code; 24 app.get(\'/callback\',function(req,res){ 25 var code = req.query.code; 26 var url = \'https://api.weixin.qq.com/sns/oauth2/access_token?appid=\' + appid + \'&secret=\' + appsecret + \'&code=\' + code + \'&grant_type=authorization_code\'; 27 //第二步:获得token 28 request.get(url,function(err,response,body) { 29 var json = JSON.parse(body); 30 var refreshUrl = \'https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=\' + appid + \'&grant_type=refresh_token&refresh_token=\' + json.refresh_token; 31 //第三步:获得refreshtoken和openId; 32 request.get(refreshUrl,function (err,response,refresh) { 33 var json = JSON.parse(refresh); 34 var infoUrl = \'https://api.weixin.qq.com/sns/userinfo?access_token=\' + json.access_token + \'&openid=\' + json.openid + \'&lang=zh_CN\'; 35 //第四步:通过上一步刷新得来的refresh和openId请求用户信息; 36 request.get(infoUrl,function(err,response,info) { 37 var info = JSON.parse(info); 38 res.send(info); 39 }); 40 }); 41 }); 42 }); 43 //1、设置api接口,使前端通过ajax可以获取jsapi-sdk; 44 app.get(\'/wechat/ticket\',function (req, res) { 45 var page = req.query.page; 46 var t = {}; 47 var url = \'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=\'+appid+\'&secret=\'+appsecret; 48 //2、获取access_token; 49 request.get(url,function(err, response, body) { 50 var token = JSON.parse(body); 51 var ticketUrl = \'https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=\' + token.access_token + \'&type=jsapi\'; 52 //3、获取ticket并且生成随机字符串,时间戳,签名 53 request.get(ticketUrl, function(err, response, ticket) { 54 var data = JSON.parse(ticket); 55 var timestamp = parseInt(new Date().getTime() / 1000); 56 t.ticket = data.ticket; 57 t.noncestr = sha1(new Date()); 58 t.timestamp = timestamp; 59 var string = \'jsapi_ticket=\' + t.ticket + \'&noncestr=\' + t.noncestr + \'×tamp=\' + timestamp + \'&url=\' + page; 60 t.signature = sha1(string); 61 res.json(t); 62 }); 63 }); 64 }); 65 66 67 68 app.listen(port);