Dim e As RequestEventArgs = args(0)
Dim hst As String = e.Host
Dim agent As String = e.request.UserAgent
If agent.contains("MicroMessenger") AndAlso hst.Contains("weixin.") Then
Dim sb As New StringBuilder
sb.AppendLine("<meta name='viewport' c>")
Dim UserName As String
Dim OpenID As String
If e.GetValues.ContainsKey("code") Then '如果是通过授权链接跳转而来,就从链接重提取code来获取openid
Dim ul As String = "https://api.weixin.qq.com/sns/oauth2/access_token?appid={0}&secret={1}&code={2}&grant_type=authorization_code"
ul = CExp(ul,"wxac4b451413cd0fa1","1bc9f80abd0a4ab5a95752d27b60c441",e.GetValues("code"))
Dim hc As new HttpClient(ul)
Dim jo As JObject = JObject.Parse(hc.GetData)
If jo("openid") IsNot Nothing Then '如果获取openid成功(成功的话,还会同时返回一个accesstiken,用于获取用户详情)
OpenID = jo("openid")
Dim dr As DataRow = DataTables("WXUsers").SQLFind("openid ='" & Openid & "'")
If dr IsNot Nothing Then
UserName = dr("nickname")
Else
ul = "https://api.weixin.qq.com/sns/userinfo?access_token={0}&openid={1}&lang=zh_CN "
'根据openid和accesstoken获取用户详情,注意这里这个accesstoken不是普通accesston,只能用于网页授权
hc = New HttpClient(CExp(ul, jo("access_token"), OpenId))
jo = jo.Parse(hc.GetData)
If jo("openid") IsNot Nothing Then
UserName = jo("nickname")
dr = DataTables("WXUsers").AddNew()
Dim nms() As String = {"openid","nickname","sex","city","country","province","headimgurl","groupid","remark","language","tagid_lis","permit"} '""
For Each nm As String In nms
dr(nm) = jo(nm)
Next
dr("permit") = True
dr.Save
Else
e.WriteString(jo.ToString) '在用户浏览器显示错误信息
Return ""
End If
End If
e.AppendCookie("username",UserName) '用户名和openid存储在Cookie中
e.AppendCookie("openid",OpenID)
Else
e.WriteString(jo.ToString) '在用户浏览器显示错误信息
Return ""
End If
Else
UserName = e.Cookies("username") '从cookie获取用户名和openid
OpenID = e.Cookies("openid")
If userName = "" OrElse OpenID = "" Then
Dim ul As String = "https://open.weixin.qq.com/connect/oauth2/authorize?appid=wxac4b451413cd0fa1&redirect_uri=http%3a%2f%2f" & hst & "&response_type=code&scope=snsapi_userinfo&state=123#wechat_redirect"
sb.Append("<meta http-equiv='Refresh' c>") '跳转到授权链接
e.WriteString(sb.ToString)
Return ""
End If
End If
If OpenID > "" And UserName > "" Then
'这里可以做进一步的权限判断
If e.Path = "wefox" AndAlso e.Request.HttpMethod.ToUpper = "GET" Then
If Functions.Execute("VerifySignature",e) Then
e.WriteString(e.GetValues("echostr"))
End If
ElseIf e.Path = "logon.htm" Then
Functions.Execute("default",e)
End If
Else
sb.AppendLine("你无权访问本系统")
e.WriteString(sb.ToString)
Return ""
End If
Else
Static UserTable As DataTable '定义一个变量,用于存储用户随机身份ID,以及最后一次活动时间.
Static ClearTime As Date
If UserTable Is Nothing Then '创建用于记录登录信息的临时表
ClearTime = Date.Now()
Dim dtb As New DataTableBuilder("UserInfos")
dtb.AddDef("UserName", Gettype(String), 200)
dtb.AddDef("UserID",Gettype(String),200)
dtb.AddDef("ActiveTime",Gettype(Date))
UserTable = dtb.Build(True)
End If
If (Date.Now - ClearTime).TotalMinutes >= 30 Then '清除超过30分钟没有操作的登录信息
UserTable.DeleteFor("ActiveTime < #" & Date.Now.AddMinutes(-30) & "#")
ClearTime = Date.Now()
End If
'身份验证
Dim UserName As String
Dim Password As String
Dim UserID As String
Dim wb As New weui
If e.Path = "logon.htm" '验证用户名和密码
If e.PostValues.ContainsKey("username") AndAlso e.PostValues.ContainsKey("password") Then
Dim Verified As Boolean '用于标记用户是否通过了身份验证
UserName = e.PostValues("username")
Password = e.PostValues("password")
Dim sdr As DataRow = DataTables("WXUsers2").SQLFind("身份证号 ='" & UserName & "' and password ='" & password & "'")
If sdr IsNot Nothing Then '实际使用的时候,请改为从数据库读取用户名和密码进行比较
Verified = True
e.AppendCookie("openid",sdr("OpenID"))
End If
If Verified Then
UserID = Rand.NextString(16) '生成随机用户ID
UserName = EncryptText(UserName,"999","999") '将用户名加密.
Dim dr As DataRow = UserTable.Find("UserName = '" & UserName & "'")
If dr IsNot Nothing Then '如果是重复登录,删除以前的登录信息
dr.Delete()
End If
dr = UserTable.AddNew()
dr("UserName") = UserName
dr("UserID") = UserId
dr("ActiveTime") = Date.Now '记录登录时间
wb.AppendCookie("username",UserName) '将用户名和密码写入cookie
wb.AppendCookie("userid",UserID)
wb.InsertHTML("<meta http-equiv='Refresh' c>") '直接跳转到首页
e.WriteString(wb.Build) '生成网页
Return "" '必须的
End If
End If
ElseIf e.Path = "wefox"
If e.Request.HttpMethod.ToUpper = "GET"
If Functions.Execute("VerifySignature",e) Then
e.WriteString(e.GetValues("echostr"))
End If
End If
Else '其它页面从Cookie提取登录信息进行验证
UserName = e.Cookies("username") '从cookie中获取用户名
UserID = e.Cookies("userid") '从cookie中获取 随机ID
Dim dr As DataRow = UserTable.Find("UserName = '" & UserName & "'")
If dr IsNot Nothing AndAlso dr("UserID") = UserID Then '如果通过验证,更新活动时候,继续访问其它页面.
dr("ActiveTime") = Date.Now '更新活动时间
Else '如果验证失败
wb.InsertHTML("<meta http-equiv='Refresh' c>") '那么直接跳转到登录页面
e.WriteString(wb.Build) '生成网页
Return "" '必须的
End If
End If
'开始生成网页
End If
加好友 
发短信
Post By:2018/8/6 9:57:00 [只看该作者]
