将openid存到session

9 years ago · e4653426d2
parent a3d90df5ce
commit e4653426d2
3 changed files with 90 additions and 71 deletions
--- a/app/controllers/wechats_controller.rb
+++ b/app/controllers/wechats_controller.rb
@ -150,11 +150,20 @@ class WechatsController < ActionController::Base
  end


+
+
+  ###  controller method
+  include Controllers
+
+  module Controllers
    def get_open_id
      begin
-      raise "非法操作, code不存在" unless params[:code]
-      openid = get_openid_from_code(params[:code])
-      raise "无法获取到openid" unless openid
+
+        code = params[:code] || session[:wechat_code]
+        openid = get_openid_from_code(code)
+
+
+        raise "无法获取到微信openid" unless openid
        render :json => {status:0, openid: openid}
      rescue Exception=>e
        render :json => {status: -1, msg: e.message}
@ -163,8 +172,10 @@ class WechatsController < ActionController::Base

    def bind
      begin
-       raise "非法操作, code不存在" unless params[:code]
-       openid = get_openid_from_code(params[:code])
+
+        code = params[:code] || session[:wechat_code]
+        openid = get_openid_from_code(code)
+
        raise "无法获取到openid" unless openid
        raise "此微信号已绑定用户, 不能重复绑定" if user_binded?(openid)

@ -172,7 +183,7 @@ class WechatsController < ActionController::Base
        raise "用户名或密码错误,请重新登录" unless user
        #补全用户信息

-       raise "此用户已经绑定了公众号" if user.user_wechat
+        raise "此用户已经绑定过公众号, 请换一个帐户试试" if user.user_wechat

        UserWechat.create!(
            openid: openid,
@ -185,17 +196,25 @@ class WechatsController < ActionController::Base
    end

    def login
-    @code = params[:code] #TODO 安全性
+      session[:wechat_code] = params[:code] if params[:code]
      render 'wechats/login', layout: 'base_wechat'
    end

    private
    def get_openid_from_code(code)
-    url = "https://api.weixin.qq.com/sns/oauth2/access_token?appid=#{Wechat.config.appid}&secret=#{Wechat.config.secret}&code=#{code}&grant_type=authorization_code"
-    logger.debug url
-    body = URI.parse(url).read
-    logger.debug body
-    JSON.parse(body)["openid"]
+      openid = session[:wechat_openid]
+
+      unless openid
+        if code
+          openid = wechat.web_access_token(code)["openid"]
+        end
+      end
+
+      if openid
+        session[:wechat_openid] = openid
+      end
+
+      return openid
    end

    def user_binded?(openid)
@ -233,4 +252,6 @@ class WechatsController < ActionController::Base
          end
      end
    end
+  end
+
 end
--- a/app/views/wechats/create.html.erb
+++ b/app/views/wechats/create.html.erb
--- a/app/views/wechats/login.html.erb
+++ b/app/views/wechats/login.html.erb
@ -12,19 +12,17 @@
        <div class="weui_cell">
          <div class="weui_cell_hd"><label class="weui_label">用户名</label></div>
          <div class="weui_cell_bd weui_cell_primary">
-            <input class="weui_input" autocapitalize="off" type="text" name="username" placeholder="请输入邮箱地址或昵称"/>
+            <input class="weui_input" autocapitalize="off" type="text" name="username" placeholder="请输入邮箱地址/登录名"/>
          </div>
        </div>

        <div class="weui_cell">
          <div class="weui_cell_hd"><label class="weui_label">密码</label></div>
          <div class="weui_cell_bd weui_cell_primary">
-            <input class="weui_input" type="password" name="password" placeholder="请输密码"/>
+            <input class="weui_input" type="password" name="password" placeholder="请输入密码"/>
          </div>
        </div>

-      <input type="hidden" value="<%=@code%>" name="code">
-
        <div class="weui_btn_area">
          <a class="weui_btn weui_btn_primary" id="submitForm">确定</a>
        </div>