WeChatウィジェットの内容を安全に検証する画像とテキスト

3354 ワード
uniapp 
import Ctpic from '@/common/custom-picture.js'; 
////     http://hhyang.cn/doc4/custom-picture/applet_URLtoPath.html
const _ctpic = new Ctpic();

function wxhelper() {
	let ACCESS_TOKEN = {
		token: '',
		expirationTimeStamp: 0
	};
	this.imgSecCheck = function(imgpath, webobj, callback) {

		let tok = getToken(webobj);
		tok.then(function(token) {
			console.log("token", token)
			if (token == '') {
				callback({
					"errcode": 404
				});
			}

			let basic = _ctpic.applet_appendFile({
				path: imgpath,
				isNet: true, //      
				format:'png'
			});
			basic.then(function(e) {
				let blob = _ctpic.applet_URLtoPath({
					base64: e,
				})
				blob.then(function(file) {
					
					uni.request({
						url: 'https://api.weixin.qq.com/wxa/img_sec_check?access_token=' + token,
						method: 'POST',
						data: {
							media: {
								contentType: 'image/jpeg',
								value: file
							}
						},
						header: {
							'Content-Type': 'application/octet-stream'
						},
						success: (res) => {
							callback(res.data);
						},
						fail: () => {
							callback({
								"errcode": 404
							});
						},


					});
					//callback(res);
				})


			})
		});




	}

	this.msgSecCheck = function(msgs, webobj, callback) {
		let tok = getToken(webobj);
		tok.then(function(token) {
			console.log("token", token)

			if (token == '') {
				callback({
					"errcode": 404
				});
			}

			
			uni.request({
				url: 'https://api.weixin.qq.com/wxa/msg_sec_check?access_token=' + token,
				method: 'POST',
				data: {
					content: msgs
				},
				// header: {
				// 	'Content-Type': 'application/octet-stream'
				// },
				success: (res) => {
					callback(res.data);
				},
				fail: () => {
					callback({
						"errcode": 404
					});
				},


			});
		})


	}

	function getToken(webobj) {
		let _this = this;
		return new Promise((resolve, reject) => {

			const sto_token = uni.getStorageSync('wx_access_token');
			if (sto_token) {
				ACCESS_TOKEN = sto_token;

			}

			if (ACCESS_TOKEN.expirationTimeStamp < (+new Date())) {
				//      ACCESS_TOKEN
				uni.request({
					url: webobj.webapi + '/api/WXImg/GetToken',
					method: 'GET',
					header: {
						'Authorization': webobj.authtoken
					}

				}).then(data => { //data     ,          ,        
					var [error, res] = data;
					if (res.data.IsSuccess) {
						ACCESS_TOKEN.token = res.data.Data.access_token
						ACCESS_TOKEN.expirationTimeStamp = res.data.Data.TimeStamp
						//console.log("newtoken",ACCESS_TOKEN)
						uni.setStorageSync('wx_access_token', ACCESS_TOKEN);
						resolve(ACCESS_TOKEN.token);
					} else {
						reject('');
					}

				})
			} else {
				resolve(ACCESS_TOKEN.token);
			}

		})



	}



}
module.exports = wxhelper;
使い方
custom-picture.jsを引用して、調べます。http://hhyang.cn/doc4/custom-picture/applet_URLtoPath.
    import wxhelper from'@/common/wxhelper.js';
let_wxhelper=new wxhelper()
 _wxhelper.img Sec Check(path,webapi:_this.webapi,authtoken:_this.authttoken),function(e)                                         consolone.log(e)
}
onclick伝送パラメータ
mac+apache+django+wsgi