Two days ago when the release version of the applet, the audit was denied, because the user when the content is published, does not do safety testing of content, such as the name of national leaders and the like.
Later on official documents has learned applets provide detection of interfaces, including text and images to detect, and here I only used the text detection
Interface detection using text msgSecCheck
https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/sec-check/security.msgSecCheck.html
request interface address https://api.weixin.qq.com/wxa/msg_sec_check?access_token=ACCESS_TOKEN
as a POST request, the request parameters:
- access_token interface calls credentials
- Text content to be detected, the length does not exceed 500KB
let content = params.content;
let access_token = await this.app.redis.get('access_token');
let url = `https://api.weixin.qq.com/wxa/msg_sec_check?access_token=${access_token}`;
let data = {
content: content
}
let checkResult = await proxy(url, {
headers: {
'Content-Type': 'application/json'
},
method: 'POST',
body: JSON.stringify(data)
});
checkResult = JSON.parse(checkResult);
if (checkResult.errcode == 87014) {
// 内容含有违法违规内容
response = this.ResultResponse.createByErrorMsg('内容含有违法违规内容');
}Timed refresh access_token credentials
access_token is the interface to call evidence, obtained through getAccessToken Interface
https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/access-token/auth.getAccessToken.html
Interface address request https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRETfor a GET request, request parameters are:
- grant_type fill client_credential
- appid applet only evidence that AppID
- applet secret key only evidence that AppSecret
In addition to the interface returns the data access_token there expires_in expiration time, here is the validity 7200s, the child is 2 voucher failure, so we need to get access_token refresh the timer, then save to redis inside
/////////get_access_token.js文件
const Subscription = require('egg').Subscription;
/**
* 获取微信accessToken定时任务 90(5400s)分钟刷新一次
*/
class GetAceessToken extends Subscription {
// 通过 schedule 属性来设置定时任务的执行间隔等配置
static get schedule() {
return {
interval: '5400s', // 1 分钟间隔 隔单位 m 分 、 s 秒、 ms 毫秒
type: 'all', // all 指定所有的 worker 都需要执行 worker 每台机器上只有一个 worker 会执行这个定时任务
immediate: true, //配置了该参数为 true 时,这个定时任务会在应用启动并 ready 后立刻执行一次这个定时任务。
disable: false//配置该参数为 true 时,这个定时任务不会被启动。
};
}
// subscribe 是真正定时任务执行时被运行的函数
async subscribe() {
let ctx = this.ctx;
ctx.logger.info('-----getAccessToken start----');
try {
await ctx.service.userService.getAccessToken();
} catch (error) {
console.log('获取access token失败', error)
}
ctx.logger.info('-----getAccessToken end----');
}
}
module.exports = GetAceessToken;
/////////userService.js文件
/**
* 获取AccessToken,存储到redis里面,用于安全内容检查 每90分钟刷新一次
*/
async getAccessToken() {
let url = `https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=${config.key.appid}&secret=${config.key.secret}`;
let result = await proxy(url, {
method: 'GET'
});
result = JSON.parse(result);
console.log('getAccessToken result', result)
await this.app.redis.set('access_token', result.access_token);
await this.app.redis.set('expires_in', result.expires_in);//目前有效期7200s 2小时
}