微信小程序開發-解密微信運動數據

微信小程序開發API-微信運動

https://mp.weixin.qq.com/debug/wxadoc/dev/api/we-run.html#wxgetwerundataobject

思路：wx.login獲取的code請求獲取的session_key，wx.getWeRunData獲取的iv,encryptData，將它們一塊兒發送到後臺解密就好了。

安全顧慮，由於只是示例因此直接傳遞session_key了，爲了安全最好按照下圖的方式加密後存儲到redis中再傳遞key。

小程序端代碼

get3rdSession: function () {
    let that = this
    wx.request({
      url: 'https://localhost/login.php',
      data: {
        code: this.data.code
      },
      method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
      success: function (res) {
        var sessionId = res.data;
        that.setData({ sessionId: sessionId })
        wx.setStorageSync('sessionId', sessionId)
        that.decodeUserInfo()
      }
    })
  },
  decodeUserInfo: function () {
    let that = this
    wx.request({
      url: 'https://localhost/decrypt.php',
      data: {
        encryptedData: that.data.encryptedData,
        iv: that.data.iv,
        session: wx.getStorageSync('sessionId')
      },
      method: 'GET', // OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT
      // header: {}, // 設置請求的 header
      success: function (res) {
        let todayStep = res.data.stepInfoList.pop()
        that.setData({
          step: todayStep.step
        });
      }
    })
  },
  onLoad: function () {
    let that = this
    wx.login({
      success: function (res) {
        let code = res.code
        that.setData({ code: code })
        wx.getWeRunData({//解密微信運動
          success(res) {
            const wRunEncryptedData = res.encryptedData
            that.setData({ encryptedData: wRunEncryptedData })
            that.setData({ iv: res.iv })
            that.get3rdSession()//解密請求函數
          }
        })
      }
    })
  }

後臺這使用的是官方PHP版本Demo：先處理login的請求，login.php直接返回session_key，而後再一塊兒請求decrypt.php進行解密。

login.php部分代碼

$appid = '你的appid';
$appsecret = '你的appsecret';

$url = 'https://api.weixin.qq.com/sns/jscode2session?appid='.$appid.'&secret='.$appsecret.'&js_code='.$_GET['code'].'&grant_type=authorization_code';

$content = file_get_contents($url);
$content = json_decode($content);
echo $content->session_key;

decrypt.php部分代碼

$pc = new WXBizDataCrypt($appid, $sessionKey);
$errCode = $pc->decryptData($encryptedData, $iv, $data );

if ($errCode == 0) {
    print($data . "\n");
} else {
    print($errCode . "\n");
}