shop-back-end/doc/汇邦数字身份平台登录接口文档.md

## 请求概述
### 请求header
所有请求必须包含以下两个header：
*   `noSign`: `true`
*   `source`: `api`
获取登录token后，也可以在header中添加：
*   `token`: `${token}`
### 登录校验结果
接口返回结果为json格式，如果包含`code`字段，则说明登录校验失败。
*   `code`: `0001`  - 登录状态已失效
*   `code`: `0002`  - 在cookie、Get参数、Header中均未检测到token
## 登录接口
### 2.1 获取token
*   **API**: `https://www.ab98.cn/api/doInterface?code=doGetToken&from=jt&app=${appname}`
*   **请求方式**: GET
*   **请求参数**:
    *   `code`: `doGetToken` (必传)
    *   `from`: `jt` (可选)
    *   `app`: 调用该接口的应用在汇邦数字平台登记的应用英文名 (可选)
**成功返回**:
```json
{
    "outputData": {
        "token": "1a6ea39e84c406283839856640e3aa66",
        "takeFace": true
    },
    "state": "ok"
}
```
**失败返回**:
```json
{
    "outputData": "错误信息",
    "stateCode": 0,
    "state": "fail"
}
```
### 2.2 短信登录
#### 2.2.1 发送短信
*   **API**: `https://www.ab98.cn/api/doInterface?code=doSendSms`
*   **请求方式**: POST
*   **Content-Type**: application/json
*   **请求BODY**:
```json
{
    "token":"358900e1005c33a1dd059b07042ceec3", //必传
    "tel":"137xxxxxxxx", //必传
    "nobind":"true",      //必传
    "for_login":"true",    //必传
    "from":"jt"         //必传
}
```
**成功返回**:
```json
{
    "outputData": {
        "success": true
    },
    "state": "ok"
}
```
**失败返回**:
```json
{
    "outputData": {
        "success": false,
        "errMsg": "失败原因"
    },
    "state": "ok"
}
```
#### 2.2.2 验证短信验证码
*   **API**: `https://www.ab98.cn/api/doInterface?code=doCheckSmsCode`
*   **请求方式**: POST
*   **Content-Type**: application/json
*   **请求BODY**:
```json
{
    "token":"358900e1005c33a1dd059b07042ceec3",
    "tel":"137xxxxxxxx",
    "vcode":"123456"
}
```
**成功返回**:
```json
{
    "outputData": {
        "idcard_back": "https://www.ab98.cn/upload/temp/images/202102/xxx.jpeg",
        "face_img": "https://www.ab98.cn/upload/temp/images/202102/yyy.jpeg",
        "address": "身份证上的地址",
        "nation": null,
        "success": true,
        "sex": "男",
        "name": "xxx",
        "userid": 123,
        "registered": true,
        "tel": "137xxxxxxxx",
        "idnum": "450981xxxxxxxxxxxx",
        "idcard_front": "https://www.ab98.cn/upload/temp/images/202102/zzz.jpeg"
    },
    "state": "ok"
}
```
**失败返回**:
```json
{
    "outputData": {
        "success": false
    },
    "state": "ok"
}
```
### 2.3 微信扫码登录
*   **API**: `https://www.ab98.cn/online/index.html?content=doLogin%60`
#### 2.3.1 二维码
假设获取到的token为`358900e1005c33a1dd059b07042ceec3`，则构造的最终链接为：
`https://www.ab98.cn/online/index.html?content=doLogin%60358900e1005c33a1dd059b07042ceec3`
使用该链接生成二维码图片供用户使用微信“扫一扫”。
#### 2.3.2 监听websocket
*   **监听地址**: `wss://www.ab98.cn/login.ws/${token}`
*   **登录失败**: 
```json
{
"outputData": "登录失败原因",
"state": "fail"
}
```
*   **登录成功**:
```json
{
"outputData": "登录成功",
"state": "ok",
"username": "扫码者姓名",
"sex": "扫码者性别",
"head_img": "扫码者头像",
"idnum": "身份证号码",
"userid": "人员记录ID",
"tel": "手机号码"
}
```
### 2.4 刷脸登录
*   **API**: `https://www.ab98.cn/api/doInterface?code=doStrongFaceLogin`
*   **请求方式**: POST
*   **Content-Type**: application/json
*   **请求BODY**:
```json
{
"token":"358900e1005c33a1dd059b07042ceec3", //必传
"check_code":"1234", //必传
"imgBase64":"/9j/4AAQS…" //必传
}
```
**成功返回**:
```json
{
"state": "ok",
"outputData": "登录成功",
"openid": "oGfFD1jBEZ2sq4PhOc8zKKejHA9E",
"head_img": "https://www.ab98.cn/… ",
"sex": "男",
"userid": 1,
"token": "dbe11ef64cd6350c5d935d531db765c0",
"username": "xxx",
"tel": "xxx"
}
```
### 2.5 动态码登录
1.  **发起websocket监听**:
`wss://www.ab98.cn/login.ws/{监听token}`
其中 `{监听token}` 由客户端自定义，由数字和英文字母组成，保证多用户同时监听时 `{监听token}` 互不相同即可，否则会接收到错误消息。
2.  **主动发送消息**:
```json
{
"type": "mfa",
"do": "checkCode",
"token": "xxx",
"code": "000000"
}
```
**服务器响应消息**:
1.  **登录失败**:
```json
{
"state": "fail",
"msg": "失败原因"
}
```
2.  **动态码校验通过，等待移动端授权登录**:
```json
{
"state": "ok",
"step": "0"
}
```
3.  **等待移动端授权超时**:
```json
{
"state": "ok",
"step": "1"
}
```
4.  **移动端已授权登录**:
```json
{
"state": "ok",
"step": "2",
"openid": "xxx",
"head_img": "/xxx",
"sex": "男/女",
"company": "xxx",
"userid": 123,
"idnum": "xxx",
"username": "xxx",
"tel": "xxx"
}
```
### 2.6 退出登录
*   **API**: `https://www.ab98.cn/api/doInterface?code=doLogout`
*   **请求方式**: POST
*   **Content-Type**: application/json
*   **请求BODY**:
```json
{
"token":"358900e1005c33a1dd059b07042ceec3"
}
```
**成功返回**:
```json
{
"state": "ok"
}
```