1. 企业内部应用免登录,后端如何检验用户登录了自家应用?
个人思路:用户进入企业内部应用小程序后,给后端发一个请求,告知后端,后端给小程序发放认证。
var authCode = '';
dd.getAuthCode({
success:function(res){
/*{
authCode: 'hYLK98jkf0m' //string authCode
}*/
console.log("authCode,"+ res.authCode);
// fetch('http://xh9093.vaiwan.com:8082/test/login', )
authCode = res.authCode;
// dd.httpRequest({
// url: 'http://localhost:9093/test/login?code='+authCode,
// method: 'get',
// // data: {
// // code: authCode,
// // },
// // dataType: 'json',
// // contentType: 'application/json',
// success: function(res) {
// dd.alert({content: 'success', r: res});
// },
// fail: function(res) {
// dd.alert({content: 'fail', r: res});
// }
// });
// 获取token
var access_token = '';
dd.httpRequest({
url: 'https://oapi.dingtalk.com/gettoken?appkey=dingwgjdrty4gz3e2fm9&appsecret=vDLz32E1-eic9N2QQd1LU65JYISertYG66UOhfHmYsTTBy-cZ_qgwPrzWYRu2PCM',
success: function(res) {
console.log('access_token', res);
dd.alert({content: res.data.access_token});
access_token = res.data.access_token;
// 获取用户信息
dd.httpRequest({
url: 'https://oapi.dingtalk.com/user/getuserinfo?access_token='+access_token+"&code="+authCode,
success: function(res1) {
console.log('userinfo', res1);
// dd.alert(res1.data.userid);
var userid = res1.data.userid;
// 获取 unionid
dd.httpRequest({
url: 'https://oapi.dingtalk.com/topapi/v2/user/get?access_token='+access_token,
method: 'POST',
data : {
userid: userid,
},
success: function(res1) {
console.log('get unionid', res1);
// dd.alert(res1.data.userid);
var unionid = res1.data.result.unionid;
console.log('unionid', unionid)
}
});
}
});
}
});
},
fail:function(err){
}
});
感觉上,钉钉应该有接口可验证用户是否是企业的人员,以及登录的应用,可是是哪个呢?