Python Websocket implements scanning QR code to log in---GoEasy

Recently I am working on a scan code login function. For this reason, I also searched online about how to implement WeChat scan login. When this function was completed, I decided to sort out the entire implementation idea for my own convenience and for other programmers with similar needs.
To realize QR code login, we need to solve two problems:
1. How to solve the permission security problem without entering the user name and password? In other words, how to let the server know that the client scanning the QR code is a legitimate user?
2. How does the server respond accordingly on the web page in real time based on the user's selection on the client?

First of all, let’s sort out the implementation ideas of WeChat so that we can understand the direction of thinking to solve this problem. The QR code for WeChat login is actually a form of converting a URL into a QR code. After scanning the code through the WeChat client, it is nothing more than opening the url. The url of the WeChat QR code I captured is https:/ /login.weixin.qq.com/l/YdmTu30I5A==, YdmTu30I5A== in this URL represents the unique ID of this session, this is a bit similar to the session id in the browser, through this ID, WeChat can Directed feedback of confirmation results to the web page. There are two prerequisites for using the WeChat QR code login function: First, the WeChat app needs to be installed on the client. Second, users need to log in to the WeChat app. https://wx.qq.com/

Python Websocket message push

Why do we need these two conditions? That's because when WeChat confirms whether to allow login to the web version, WeChat needs to extract the login information of the current app and send the above session ID to the server, so that the server can confirm two things after receiving the login information and session ID: One is to confirm that the logged-in client user is authenticated; the other is to use the session ID server to know which web page to push the feedback results to.

So for the first point, our key is to ensure that the user is a verified and legal user before scanning (the verification method can be username + password, or a secure key), before choosing whether to log in Just push this result to the server side. If the user does not verify whether it is legal, you can directly tell the user that the QR code cannot be recognized or prompt to log in to the app first, just like WeChat does.

With identity verification, let’s solve the second problem now, how to display the feedback results on the web page in real time? Some friends may say that it is easy for the client to send a request to the background, while on the web page, ajax is used to send it to the server regularly to see if there is feedback. I don't agree with this approach, because the ajax polling method consumes client and server resources! This involves another technology - web real-time push technology. Using push technology can save server-side and client-side resources, and can push and receive any message stably. During the implementation process, I used a third-party push service - GoEasy push. It is very simple to implement. Other functions in our project also use the GoEasy web real-time push service, so here I directly use GoEasy push. Push login feedback results to the server. My implementation steps are very simple. Use the transmitted session ID as the communication channel between the client and the web page. The web page subscribes to the session ID as the value channel. The client sends the verification result and session ID to the server. The server can use this channel. Actively push the results to the web version! If the client also needs to provide corresponding feedback, then the client only needs to subscribe to this channel, and then the server will push the results to the web version and the client at the same time. After receiving the message, it can use the goeasy callback function as needed. Do what you want to do here. Regarding the use of goeasy push, you can refer to this blog: http://www.cnblogs.com/jishaochengduo/articles/5552645.html. In addition, there is also a demo on the GoEasy push official website: GoEasy QR code scan login demo, everyone You can go and see the effect.