app中要接入apple賬號的第三方登錄,這裏只記錄後端的東西,app中獲取數據的過程是由前端小哥搞定的,後端的驗證步驟一共三步
- 檢查appleId是否在本地註冊了,已經註冊過就自動登錄,否則通過apple提供的接口進行簽名的校驗並在本地第三方表中註冊appleId
- appleId與用戶主表進行關聯綁定
- 進行登錄操作
登錄過程用到了兩張表,一張是user,用戶主表,裏邊存放的是用戶的信息,如mobile、nickname等,我們的用戶信息是通過mobile來進行唯一性判定的,另外一張表是user_apple,裏邊存放的是前端傳過來的蘋果用戶信息,有蘋果的唯一標識、名字、郵箱等信息,
在接入過程中需要對前臺傳遞的apple簽名進行校驗,所以我從網上找了一個擴展包,在做簽名校驗的時候使用,我用的yii,就以yii爲例,擴展包地址https://github.com/GriffinLedingham/php-apple-signin,可以直接composer安裝,命令如下:
composer require wubuwei/php-apple-signin
我這邊不知道是什麼原因,就是下載不了,切換了阿里雲的composer鏡像也不行,所以只好手動安裝啦,把擴展包手動下載完了之後放到vendor文件夾下邊,然後需要引入一下命名空間,不然不能使用,在common下的配置文件main.php中加入如下代碼就可以了
[
'aliases' => [
'@AppleSignIn' => '@vendor/wubuwei/php-apple-signin',
],
]
//"@AppleSignIn"就是命名空間,"@vendor/wubuwei/php-apple-signin"是文件的路徑
下邊是第一個接口的代碼,作用是檢查appleId和對appleId進行本地註冊
use AppleSignIn\ASDecoder;
use common\classes\Service\ParamsValidateService;
/**
* 蘋果賬號登錄
* 蘋果賬號登錄
* @api POST /v1/user/login-by-apple
* @param string access_token token
* @param string openid 用戶標識
* @param string familyName familyName
* @param string giveName giveName
* @param string givenName givenName
* @param string email email
* @return string $message 狀態說明
* @return mixed $data 其他數據
*/
public function actionLoginByApple()
{
$PVS = new ParamsValidateService();
$data=\Yii::$app->request->post();
$valid = $PVS->validate($data, [
[['access_token','openid'], 'required'],
[['access_token','openid','familyName','giveName','givenName','email'], 'string'],
]);
if (!$valid) return $this->returnData(0, '數據參數錯誤', $PVS->getErrorSummary(true));
$ip = Yii::$app->request->getUserIP();
$userApple = UserApple::findOne(['openid'=>$data['openid']]);
if($userApple && $userApple->uid){
$userInfo = User::findOne($userApple->uid);
if(!$userInfo) return $this->returnData(1, '數據錯誤',$userInfo);
$res = User::LoginReuslt($userInfo);
if($res){
User::updateData(array('last_login_time' => time()),$userInfo->id);
return $this->returnData(1, '註冊成功',$res);
}else{
return $this->returnData(0, '操作失敗,請稍後再試!');
}
}
try{
$appleSignInPayload = ASDecoder::getAppleSignInPayload($data['access_token']);
$check = $appleSignInPayload->verifyUser($data['openid']);
if(!$check) throw new \Exception("簽名認證失敗");
$model = new UserApple();
$model->openid = $data['openid'];
$model->createtime = time();
$model->ip = $ip;
$model->family_name = isset($data['familyName'])?$data['familyName']:'';
$model->give_name = isset($data['giveName'])?$data['giveName']:'';
$model->given_name = isset($data['givenName'])?$data['givenName']:'';
$model->email = isset($data['email'])?$data['email']:'';
$model->save();
$errors = $model->getErrors();
if($errors) throw new \Exception(json_encode($errors));
}catch (\Exception $e){
return $this->returnData(0, '登錄失敗', $e->getMessage());
}
return $this->returnData(2, '請綁定用戶',[]);
}
然後是appleId與用戶表進行關聯
/**
* 蘋果賬號關聯用戶
* 蘋果賬號關聯用戶
* @api POST /v1/user/apple-associated-user
* @param string mobile 用戶手機號
* @param string openid 用戶標識
* @return mixed $data 其他數據
*/
public function appleAssociatedUser($data)
{
$time = time();
$userApple = UserApple::findOne(['openid'=>$data['openid']]);
if(!$userApple){
return [
'status'=>0,
'data'=>'請先進行蘋果授權'
];
}
if($userApple->uid) {
return [
'status'=>0,
'data'=>'已經關聯過用戶了'
];
}
$user = User::findOne(['mobile'=>$data['mobile']]);
if(!$user){
$ip = Yii::$app->request->getUserIP();
$user = new User();
$user->mobile = $data['mobile'];
$user->username = $userApple->family_name.$userApple->give_name;
$user->nickname = $userApple->give_name;
$user->status = 1;
$user->last_login_time = $time;
$user->created = $time;
$user->last_login_ip = $ip;
$user->save();
$errors = $user->getErrors();
if($errors){
return [
'status'=>0,
'data'=>json_encode($errors)
];
}
}
$userApple->uid = $user->id;
$userApple->save();
$errors = $userApple->getErrors();
if($errors){
return [
'status'=>0,
'data'=>json_encode($errors)
];
}
return [
'status'=>1,
'data'=>'',
];
}