Node. js WeChat public platform development tutorial, node. js public

Source: Internet
Author: User
Tags sha1 encryption

Node. js public platform development tutorial, node. js public

How can nodejs be used to develop public platforms?

Let's not talk about anything more. First, let's briefly introduce the basic principles of the public platform.

The server is equivalent to a forwarding server. A terminal (such as a mobile phone or tablet) initiates a request to the server and forwards the request to the Custom Service (here is our specific implementation ). After the service is processed, the server forwards the response to the terminal. The communication protocol is HTTP and the data format is XML.
The specific process is shown in:

What we need to do is to respond to HTTP requests. The specific request content is parsed according to the specific XML format. After processing, it must be returned according to the specific XML format.

Platform Registration

To complete the development of the public platform, we need to register a public platform account. The registration procedure is as follows:
Go to the official website of the public platform, https://mp.weixin.qq.com/, and click here to register the website ".

Enter basic information, email activation, type, Information Registration, and public account information as prompted to complete registration.

After registration, we need to set the public account. Log on to the public account, find public account settings, and set the profile picture and other information.

Nodejs Environment Construction

We need to find a server on the Internet so that we can start our nodejs environment. After the environment is started, by setting the access address, we can receive messages sent from the server, we can also send messages to the server.

After nodejs is installed on the internet server, we need to install some modules used by nodejs, such as express, node-xml, and jssha. You can run the npm command to install the SDK.

We use nodejs to send and receive messages to the server and authenticate the signatures with the server.

We have installed the nodejs environment for our students in the editing environment on the right. In the following content, we will implement server signature authentication for our students.

Create an express framework

We have installed the express module in the previous course and created a file named app. js in the environment on the right. Now we will complete the express framework in this file. The following code:

Var express = require ("express"); var path = require ('path'); var app = express (); server = require ('http '). server (app); app. set ('view' ,__ dirname); // sets the view app. set ('view engine ', 'html'); app. engine ('.html ', require ('ejs '). _ express); require ('. /Index') (app); // route configuration file server. listen (80, function () {console. log ('app start, port 80. ');});

Then upload another file named test.html. Write the following content

<! DOCTYPE html> 

We also need to add a file named index. js to implement our routing. Click the Add file button in the editing environment to add the file. Then we write the following code. The GET request is used to verify the validity of the configured url and the post request is used to process the message.

module.exports = function(app){app.get('/',function(req,res){res.render('test',{issuccess:"success"})});app.get('/interface',function(req,res){});app.post('/interface',function(req,res){});}

This completes the express framework we need. Of course, we can also add public folders and middleware we will use. Save the file, click submit and run, and then click access test to try it. Write down the access test address, which will be used in the next section.

Server Configuration

Log on to the public platform, find the basic configuration in developer mode, and modify the server configuration. :

First, enter the URL for receiving and sending data through nodejs on the Internet. You can enter the [access test] address in the previous section, and then add the corresponding route.

The Token must be consistent with the token on our custom server. After entering the information, click Submit. Before submitting, we start app. js (Click Submit to run ]). In this way, we can verify whether the signature is valid based on our route match.

After the configuration is complete, you must enable the configuration.

Website access

After a public platform user submits information, the server sends a GET request to the URL filled in with four parameters:

 Parameter description
Signature Encrypted signature
Timestamp
Nonce Random Number
Echostr random string

The developer verifies the request by verifying signature (The following is a verification method ). If you confirm that the GET request is from the server, the echostr parameter is returned as is, and the access takes effect. Otherwise, the access fails.

Signature combines the token parameter entered by the developer with the timestamp parameter and nonce parameter in the request.

Encryption/verification process:

1. Sort the tokens, timestamp, and nonce in Lexicographic Order;
2. splice the three parameter strings into one string for sha1 encryption;
3. The encrypted string obtained by the developer can be compared with signature to identify the request source.
Sort Parameters

First, we confirm that the request is a get request from the server. Then we can add code in the index. js file. Then, add it to the function of app. get ('/interface', function (req, res.

The following code first obtains the values of each parameter:

var token="weixin";var signature = req.query.signature;var timestamp = req.query.timestamp;var echostr  = req.query.echostr;var nonce   = req.query.nonce;

Here we set the token to make it consistent with the token set on the server.

Sort the tokens, timestamp, and nonce in the list, as shown in the following code:

var oriArray = new Array();oriArray[0] = nonce;oriArray[1] = timestamp;oriArray[2] = token;oriArray.sort();

This completes the sorting.

Parameter Encryption

In the preceding section, we have sorted the parameters. In this section, we need to combine the parameters into a string for SH-1 encryption. Jssha module is used before encryption. We need to reference this module in our files.

var jsSHA = require('jssha');

In the previous lesson, we sorted the parameters and placed them in arrays. We can use the join method to generate a string, as shown in the following code:

var original = oriArray.join('');

The following code encrypts the data:

var jsSHA = require('jssha');var shaObj = new jsSHA(original, 'TEXT');var scyptoString=shaObj.getHash('SHA-1', 'HEX'); 

Then the required signature string scyptoString is generated.

Signature Comparison

We have obtained the desired signature string scyptoString, and then we can compare it with the signature from the server. After comparison, we can receive and send messages.

If (signature = scyptoString) {// Verification Successful} else {// Verification Failed}

The above is all the content of this article, hoping to help you learn

Articles you may be interested in:
  • Use Nodejs to develop public account backend service instances
  • Use NodeJs to develop public account (3) event interaction instances

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.