I was going to write a public account as a tool for message reminders, so I went to the WeChat public platform and planned to try it with the test account interface. There is no problem with writing the code, and the server has already been deployed. Basically all the problems have been checked, but the configuration still fails. Finally, it was found that it was a problem with the request header.
First, list the problems that need attention, and see if you have done it. If not, solve them first.
- Must use the address starting with https:// or http:// (binding domain name)
- The address must support port 80 and port 443 (find a website on the Internet and scan it)
- Token is either in English or a number, with more than 3 digits, and you can use abcdefg as you like.
The code of the official website example is also a bit problematic. It returns true directly, but actually returns the value of echostr. Then
there is a pit in this area! ! !
Note that the value returned must be the value of echostr, and the returned request header must be the same as that accepted by WeChat official, they received text/html; charset=utf-8 At the beginning, I used django's rest_framework framework, and the returned
Response As a result, although I set the content_type, there is a pit in this area. It should be noted that the default behavior of the Response class is that the numbers passed to it are automatically serialized in JSON format, and the content type defaults to application/json. So even if I set content_type="text/html; charset=utf-8, the returned result is still in JSON format. Paste the error Django code below
from rest_framework.response import Response
from rest_framework.views import APIView
import hashlib
class WeChatSignatureView(APIView):
def get(self, request, *args, **kwargs):
received_signature = request.query_params.get("signature")
received_timestamp = request.query_params.get("timestamp")
received_nonce = request.query_params.get("nonce")
your_token = "your_token" # 替换为你的token
if self.check_signature(received_signature, received_timestamp, received_nonce, your_token):
echostr = request.query_params.get("echostr")
# 关键代码,虽然我指定了content_type但还是序列化了,没卵用
return Response(echostr, content_type="text/html; charset=utf-8")
else:
return Response("Invalid signature", status=403, content_type="text/plain")
def check_signature(self, signature, timestamp, nonce, token):
tmp_arr = [token, timestamp, nonce]
tmp_arr.sort()
tmp_str = ''.join(tmp_arr)
tmp_str = hashlib.sha1(tmp_str.encode()).hexdigest()
return tmp_str == signature
If you want to return HTML content and need to set the correct content type to text/html; charset=utf-8, you should manually create an HttpResponse object instead of using DRF's Response. The following are correct examples:
from django.http import HttpResponse
def get(self, request):
received_signature = request.GET.get("signature")
received_timestamp = request.GET.get("timestamp")
received_nonce = request.GET.get("nonce")
yue_token = 'yueyue'
if self.check_signature(received_signature, received_timestamp, received_nonce, yue_token):
# 返回时用Django的HttpResponse就不会序列化,指定这个content_type就能起到作用
return HttpResponse(request.query_params.get("echostr"), content_type="text/html; charset=utf-8")
else:
return Response("Invalid signature", status=403)
def check_signature(self, signature, timestamp, nonce, token):
tmp_arr = [token, timestamp, nonce]
tmp_arr.sort()
tmp_str = ''.join(tmp_arr)
tmp_str = hashlib.sha1(tmp_str.encode()).hexdigest()
return tmp_str == signature
Finally it's done
