## 请求概述 ### 请求header 所有请求必须包含以下两个header: * `noSign`: `true` * `source`: `api` 获取登录token后,也可以在header中添加: * `token`: `${token}` ### 登录校验结果 接口返回结果为json格式,如果包含`code`字段,则说明登录校验失败。 * `code`: `0001` - 登录状态已失效 * `code`: `0002` - 在cookie、Get参数、Header中均未检测到token ## 登录接口 ### 2.1 获取token * **API**: `https://www.ab98.cn/api/doInterface?code=doGetToken&from=jt&app=${appname}` * **请求方式**: GET * **请求参数**: * `code`: `doGetToken` (必传) * `from`: `jt` (可选) * `app`: 调用该接口的应用在汇邦数字平台登记的应用英文名 (可选) **成功返回**: ```json { "outputData": { "token": "1a6ea39e84c406283839856640e3aa66", "takeFace": true }, "state": "ok" } ``` **失败返回**: ```json { "outputData": "错误信息", "stateCode": 0, "state": "fail" } ``` ### 2.2 短信登录 #### 2.2.1 发送短信 * **API**: `https://www.ab98.cn/api/doInterface?code=doSendSms` * **请求方式**: POST * **Content-Type**: application/json * **请求BODY**: ```json { "token":"358900e1005c33a1dd059b07042ceec3", //必传 "tel":"137xxxxxxxx", //必传 "nobind":"true", //必传 "for_login":"true", //必传 "from":"jt" //必传 } ``` **成功返回**: ```json { "outputData": { "success": true }, "state": "ok" } ``` **失败返回**: ```json { "outputData": { "success": false, "errMsg": "失败原因" }, "state": "ok" } ``` #### 2.2.2 验证短信验证码 * **API**: `https://www.ab98.cn/api/doInterface?code=doCheckSmsCode` * **请求方式**: POST * **Content-Type**: application/json * **请求BODY**: ```json { "token":"358900e1005c33a1dd059b07042ceec3", "tel":"137xxxxxxxx", "vcode":"123456" } ``` **成功返回**: ```json { "outputData": { "idcard_back": "https://www.ab98.cn/upload/temp/images/202102/xxx.jpeg", "face_img": "https://www.ab98.cn/upload/temp/images/202102/yyy.jpeg", "address": "身份证上的地址", "nation": null, "success": true, "sex": "男", "name": "xxx", "userid": 123, "registered": true, "tel": "137xxxxxxxx", "idnum": "450981xxxxxxxxxxxx", "idcard_front": "https://www.ab98.cn/upload/temp/images/202102/zzz.jpeg" }, "state": "ok" } ``` **失败返回**: ```json { "outputData": { "success": false }, "state": "ok" } ``` ### 2.3 微信扫码登录 * **API**: `https://www.ab98.cn/online/index.html?content=doLogin%60` #### 2.3.1 二维码 假设获取到的token为`358900e1005c33a1dd059b07042ceec3`,则构造的最终链接为: `https://www.ab98.cn/online/index.html?content=doLogin%60358900e1005c33a1dd059b07042ceec3` 使用该链接生成二维码图片供用户使用微信“扫一扫”。 #### 2.3.2 监听websocket * **监听地址**: `wss://www.ab98.cn/login.ws/${token}` * **登录失败**: ```json { "outputData": "登录失败原因", "state": "fail" } ``` * **登录成功**: ```json { "outputData": "登录成功", "state": "ok", "username": "扫码者姓名", "sex": "扫码者性别", "head_img": "扫码者头像", "idnum": "身份证号码", "userid": "人员记录ID", "tel": "手机号码" } ``` ### 2.4 刷脸登录 * **API**: `https://www.ab98.cn/api/doInterface?code=doStrongFaceLogin` * **请求方式**: POST * **Content-Type**: application/json * **请求BODY**: ```json { "token":"358900e1005c33a1dd059b07042ceec3", //必传 "check_code":"1234", //必传 "imgBase64":"/9j/4AAQS…" //必传 } ``` **成功返回**: ```json { "state": "ok", "outputData": "登录成功", "openid": "oGfFD1jBEZ2sq4PhOc8zKKejHA9E", "head_img": "https://www.ab98.cn/… ", "sex": "男", "userid": 1, "token": "dbe11ef64cd6350c5d935d531db765c0", "username": "xxx", "tel": "xxx" } ``` ### 2.5 动态码登录 1. **发起websocket监听**: `wss://www.ab98.cn/login.ws/{监听token}` 其中 `{监听token}` 由客户端自定义,由数字和英文字母组成,保证多用户同时监听时 `{监听token}` 互不相同即可,否则会接收到错误消息。 2. **主动发送消息**: ```json { "type": "mfa", "do": "checkCode", "token": "xxx", "code": "000000" } ``` **服务器响应消息**: 1. **登录失败**: ```json { "state": "fail", "msg": "失败原因" } ``` 2. **动态码校验通过,等待移动端授权登录**: ```json { "state": "ok", "step": "0" } ``` 3. **等待移动端授权超时**: ```json { "state": "ok", "step": "1" } ``` 4. **移动端已授权登录**: ```json { "state": "ok", "step": "2", "openid": "xxx", "head_img": "/xxx", "sex": "男/女", "company": "xxx", "userid": 123, "idnum": "xxx", "username": "xxx", "tel": "xxx" } ``` ### 2.6 退出登录 * **API**: `https://www.ab98.cn/api/doInterface?code=doLogout` * **请求方式**: POST * **Content-Type**: application/json * **请求BODY**: ```json { "token":"358900e1005c33a1dd059b07042ceec3" } ``` **成功返回**: ```json { "state": "ok" } ```