微信免扫码登录

在微信 3.9.11 for Windows及以上版本 与 微信 4.0.0 for Mac及以上版本，用户无需扫码，可直接在 Windows / Mac 设备上进行确认登录，对于扫码登录流程及原理这里不做介绍，详情可以参考 微信文档

登录流程

获取用户登录状态

请求

curl 'https://localhost.weixin.qq.com:14013/api/check-login' \
  -H 'Content-Type: application/json' \
  --data-raw '{"apiname":"qrconnectchecklogin","jsdata":{"appid":"wxa04304ceaedaf538","scope":"snsapi_login","redirect_uri":"https://wj.qq.com/api/session/weixin/callback_mobile?app=website&scene_type=respondent&system_redirect_url=https%3A%2F%2Fwj.qq.com%2Fs2%2F22240515%2F0ac5%2F%3Fwj_lang%3Dzhs&system_str=98448b091359fdb325aa083a45621f9a","state":"9ec633939ab2fd6f441a29542a51e8f3"}}'

响应

{"apiname":"qrconnectchecklogin","errcode":0,"jsdata":{"nickname":"陈锴","headimgurl":"https://thirdwx.qlogo.cn/mmopen/vi_32/AQKmfJVKIvhtQBbPyiaiaT58FHg0zSr4E5TxMTaNLhzHU1bmiaTl3VRDMOA1gK2QG4pZ6x3XCNUsXicib4N1qCM7cqQ/132","authorize_uuid":"033nd5fs2nhe300H"}}

如果请求当前电脑未登录微信或者微信被锁定, SDK 会回退到扫码登录，如果当前电脑已登录微信，微信会弹出确认登录窗口

获取请求CODE

curl 'https://localhost.weixin.qq.com:14013/api/authorize' \
  -H 'Content-Type: application/json' \
  --data-raw '{"apiname":"qrconnectfastauthorize","jsdata":{"data":"{\"x\":576,\"y\":391.5}","appid":"wxa04304ceaedaf538","scope":"snsapi_login","redirect_uri":"https://wj.qq.com/api/session/weixin/callback_mobile?app=website&scene_type=respondent&system_redirect_url=https%3A%2F%2Fwj.qq.com%2Fs2%2F22240515%2F0ac5%2F%3Fwj_lang%3Dzhs&system_str=98448b091359fdb325aa083a45621f9a","state":"9ec633939ab2fd6f441a29542a51e8f3","authorize_uuid":"033nd5fs2nhe300H"}}'

响应

{
  "apiname":"qrconnectfastauthorizeconfirm",
  "errcode":0,
  "jsdata":{
    "redirect_url":"https://wj.qq.com/api/session/weixin/callback_mobile?app=website&scene_type=respondent&system_redirect_url=https%3A%2F%2Fwj.qq.com%2Fs2%2F22240515%2F0ac5%2F%3Fwj_lang%3Dzhs&system_str=5c3a4c413941b981195d89f17cbd9e62&code=031uEG0w31Irk53DJ51w3pP97z2uEG0s&state=aaa05281ab3122d0a62454bcd25f49e3"
  }
}

通过CODE获取网站授权 access_token

http请求方式: GET
https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_code

获取用户个人信息

http请求方式: GET
https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID

背后原理

DNS 解析

腾讯通过将该子域名指向 127.0.0.1, 这可以让网页访问本地服务

dig localhost.weixin.qq.com

# ;; ANSWER SECTION:
# localhost.weixin.qq.com. 152    IN      A       127.0.0.1

当我们访问https://localhost.weixin.qq.com:14013/api/check-login 时实际上并没有访问微信服务器，而是访问了本地微信开启的服务

微信本地服务

微信客户端监听14013端口, 通过该端口与网页进行通信 我们通过下方链接也可以访问端口

# 通过 127.0.0.1 访问 浏览器会提示证书不安全，因为微信签发证书的域名是localhost.weixin.qq.com
https://127.0.0.1:14013/api/check-login

总结

整体上来看，免扫码登录的原理就是微信客户端监听一个端口，然后通过该端口与三方网页进行通信。这简化用户登录流程