1 /* jshint -W079 */
2 /* jshint -W020 */
3
4 "use strict";
5 var _ = require("lodash");
6 var sha1 = require('sha1');
7 var urlencode = require('urlencode');
8 var wurl = require('wurl');
9 var request = require('request');
10 var express = require('express');
11 var router = express.Router();
12
13 module.exports = function(app, domain) {
14 var app>;
15 var appsecret = "2b6ee0cbeec0114eb539e68ba356329b";
16
17 /* 微信中继接口 */
18 router.get('/wechat/ticket', function (req, res) {
19 var page = req.query.page;
20
21 if (page && page.indexOf('from=singlemessage') > 0 && page.indexOf('&isappinstalled=0') < 0) page = page + "&isappinstalled=0";
22
23 WeChatTicket.findOne({appid: appid}).exec(function (err, ticket) {
24 if (_.isEmpty(ticket)) { refreshTicket(appid, appsecret, page, null, res); return; }
25
26 var difference = parseInt(new Date().getTime() / 1000) - ticket.at;
27
28 // 如果超时
29 if (difference > 7100) refreshTicket(appid, appsecret, page, ticket, res);
30 else {
31 var json = ticket.toJSON();
32 var timestamp = parseInt(new Date().getTime() / 1000);
33 json.at = timestamp;
34 json.signature = wechatSignature(ticket, page, timestamp);
35
36 res.json({ticket: json});
37 }
38 });
39 });
40
41 // 微信 access_token 接口
42 // 3、通过路由获取token,并返回json格式数据;
43 router.get('/wechat/access_token', function (req, res) {
44 getToken(appid, appsecret, function(token, error) {
45 if(error) console.error(error);
46 res.json(token);
47 });
48 });
49 //第二步获取token,在数据库中拿出token,如果时间过期重新获取token,如果不过期,使用此token
50 function getToken(appid, appsecret, cb) {
51 WeChatAccessToken.findOne({appid: appid}, function (err, token) {
52 if(token) {
53 var difference = parseInt(new Date().getTime() / 1000) - token.at;
54 if (difference > 7100) refreshToken(appid, appsecret, function(data, err) { cb(data, err); });
55 else cb(token, null);
56 } else refreshToken(appid, appsecret, function(data, err) { cb(data, err); });
57 });
58 }
59 //第一步刷新token,此步骤是第一步,通过appid和appsecret就可获得accesstoken;此步骤的作用
60 //生成token,此处有个技巧,有token替换,无token,直接生成;
61 function refreshToken(appid, appsecret, cb) {
62 var access_token_api = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&app;
63 var url = access_token_api.replace('APPID', appid).replace('APPSECRET', appsecret);
64
65 // 参考请求: http://localhost:7000/wechat/ticket?appid=wx8160a61c2d53fb74&appsecret=aa2c953465334823e20090156527a957
66 request.get(url, function (error, response, body) {
67 if(body) {
68 WeChatAccessToken.findOne({appid: appid}, function (err, token) {
69 if (!token) token = new WeChatAccessToken();
70 var data = JSON.parse(body);
71
72 token.appid = appid;
73 token.access_token = data.access_token;
74 token.expires_in = data.expires_in;
75 token.at = parseInt(new Date().getTime() / 1000);
76 token.save(function (err) { cb(token, err); });
77 });
78 } else cb(null, error);
79 });
80 }
81 //获取ticket第一步;此处用到了getToken的方法;传入appid,appsecrect,
82 //首先得到token,拼接获取ticket的url,求情该url得到ticket;将获得的ticket格式化,即body
83 //存储到数据库,此处用到了签名的函数wechatSignature();
84 function refreshTicket(appid, appsecret, page, ticket, res) {
85 getToken(appid, appsecret, function (token, err) {
86 if(err !== null) { res.json({error: err}); return; }
87 if(_.isEmpty(token.access_token)) { res.json({error: err}); return; }
88
89 // 获取 jsapi_ticket
90 var ticket_url = 'https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=' + token.access_token + '&type=jsapi';
91
92 request.get(ticket_url, function (error, response, body) {
93 var t = ticket === null ? new WeChatTicket() : ticket;
94 var data = JSON.parse(body);
95
96 if(!data.ticket) { res.json({error: response}); return; }
97
98 var timestamp = parseInt(new Date().getTime() / 1000);
99
100 t.appid = appid;
101 t.ticket = data.ticket;
102 t.noncestr = sha1(new Date());
103 t.expires_in = data.expires_in;
104 t.at = timestamp;
105
106 var signature = wechatSignature(t, page, timestamp);
107
108 t.save(function (err) {
109 var json = t.toJSON();
110 json.at = timestamp;
111 json.signature = signature;
112 res.json({ticket: json, error: err});
113 });
114 });
115 });
116 }
117
118 /* 微信签名实现 */
119 function wechatSignature(t, page, timestamp) {
120 var string = "jsapi_ticket=" + t.ticket + "&noncestr=" + t.noncestr + "×tamp=" + timestamp + "&url=" + page;
121 return sha1(string);
122 }
123
198
199 return router;
200 };