README.md
[](https://badge.fury.io/js/passport-wechat-public)
[](https://david-dm.org/vcwen/passport-wechat-public)
[](https://travis-ci.org/vcwen/passport-wechat-public)
[](https://coveralls.io/github/vcwen/passport-wechat-public?branch=master)
[](https://codeclimate.com/github/vcwen/passport-wechat-public)
# passport-wechat-public
[Passport](http://passportjs.org/) strategy for authenticating with [Wechat Official Accounts](https://mp.weixin.qq.com/)
[Documents (English)](https://github.com/wenwei1202/passport-wechat-public/blob/master/README.en.md)
Passport的微信公众号OAuth2.0用户验证模块。支持的框架有Express,Strongloop/Loopback,支持Loopback-Component-Passport.
(网页登录可以支持,但是没有测试过,因为没有相应的网站应用,微信也没有给相应的可以测试的测试号。但是功能比较一致,只是改变了authURL,所以加了,正式使用的话慎重测试)
微信企业号, 转至[passport-wechat-enterprise](https://github.com/wenwei1202/passport-wechat-enterprise)
## Install
$ npm install passport-wechat-public
## Usage
#### Configure Strategy
在Passport注册WechatPublicStrategy, Passport.use()的第一个参数是name,可以忽略使用默认的名字’wechat-public'。WechatPublicStrategy的构造函数的参数是options和verify。
options的appId,appSecret和callbackURL是必须的,其他为可选。verify函数是验证或创建用户传给done函数
```
passport.use("wechat",new WechatPublicStrategy({
appId: APP_ID,
appSecret: APP_SECRET,
callbackURL: "http://localhost:3000/auth/wechat/callback",
state: "state",
scope: "snsapi_base",
agent: "wechat",
getToken: function(openid, cb) {...cb(null, accessToken)}
saveToken: function (openid, token, cb) {... /*save to db*/ cb(null)}
},
function(accessToken, refreshToken, profile, done) {
User.findOrCreate({ openId: profile.id }, function (err, user) {
return done(err, user);
});
}
));
```
`getToken` 和 `saveToken` 用于保存从微信服务器获得的用户的access token, 以免重复请求token,token的有效时间为2小时,如果忽略此方法,在production环境下console中会显示'**Please dont save oauth token into memory under production**'
#### Authenticate Requests
用`passport.authenticate()`在对应的route下,注意strategy名字和passport.use()时一致。
For example
```
app.get('/auth/wechat',
passport.authenticate('wechat'));
app.get('/auth/wechat/callback',
passport.authenticate('wechat', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
```
#### Loopback-Component-Passport
[Loopback-Component-Passport](https://github.com/strongloop/loopback-component-passport) [官方文档](https://docs.strongloop.com/pages/releaseview.action?pageId=3836277)
在`providers.json`加入wechat provider即可,profile的id就是openid
```
{
"wechat": {
"provider": "wechat",
"module": "passport-wechat-public",
"callbackURL": "/auth/wechat/callback",
"successRedirect": "/auth/wechat/account",
"failureRedirect": "/auth/wechat/failure",
"scope": ["snsapi_userinfo"],
"appId": "wxabe757c89bb6d74b",
"appSecret": "9a62bc24a31d5c7c2b1d053515d276f8"
}
}
```
- `providers.json` 不能直接写方法,需要在`configureProvider` 时将`getAccessToken ` 和 `saveAccessToken ` 加入options中
```
function getAccessToken(cb) {...};
function saveAccessToken(accessToken, cb){...};
for (var s in config) {
var c = config[s];
c.session = c.session !== false;
if(s === 'wechat') {
c.getToken = getAccessToken;
c.saveToken = saveAccessToken;
}
passportConfigurator.configureProvider(s, c);
}
```