In the past two days, when a new version of the applet was submitted for release, it failed review because content published by users was not security-checked, for example for the names of national leaders.
Later I learned that the official applet documentation provides the relevant detection interfaces, covering both text and image detection. Here I only use text detection.
Use the msgSecCheck interface to detect text
https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/sec-check/security.msgSecCheck.html
The request interface address is https://api.weixin.qq.com/wxa/msg_sec_check?access_token=ACCESS_TOKEN (a POST request). The request parameters are:
- access_token: the interface call credential
- content: the text content to be detected, with a length of no more than 500KB
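```javascript
// Fragment from an egg.js service method: `proxy` is the project's HTTP helper,
// and `params` / `response` come from the surrounding method.
let content = params.content;
let access_token = await this.app.redis.get('access_token');
let url = `https://api.weixin.qq.com/wxa/msg_sec_check?access_token=${access_token}`;
let data = { content: content };
let checkResult = await proxy(url, {
  headers: { 'Content-Type': 'application/json' },
  method: 'POST',
  body: JSON.stringify(data)
});
checkResult = JSON.parse(checkResult);
if (checkResult.errcode == 87014) {
  // Content contains illegal content
  response = this.ResultResponse.createByErrorMsg('Content contains illegal content');
}
// Any other non-zero errcode (for example an expired access_token) is not
// handled here, so in that case the content goes through unchecked.
```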
Refresh the access_token credential regularly
access_token is the interface call credential, which is obtained through the getAccessToken interface.
https://developers.weixin.qq.com/miniprogram/dev/api-backend/open-api/access-token/auth.getAccessToken.html
The interface request address is https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET (a GET request). The request parameters are:
- grant_type: fill in client_credential
- appid: the unique credential of the applet, that is, the AppID
- secret: the unique credential key of the applet, that is, the AppSecret
The interface returns access_token together with expires_in, the expiration time. The validity period is currently 7200s, which means the credential expires after two hours. Therefore, we need a scheduled task that refreshes access_token and stores it in redis.
```javascript
// getAccessToken.js file
const Subscription = require('egg').Subscription;

/**
 * Scheduled task: get the WeChat access_token once every 90 minutes (5400 s)
 */
class GetAccessToken extends Subscription {
  // Use the schedule property to set the execution interval and other configuration of the scheduled task
  static get schedule() {
    return {
      interval: '5400s', // execution interval; units: m minutes, s seconds, ms milliseconds
      type: 'all', // 'all': every worker on every machine runs the task ('worker': only one worker per machine runs it)
      immediate: true, // when true, the task also runs once right after the application has started and is ready
      disable: false // when true, this scheduled task is not started
    };
  }

  // subscribe is the function that runs each time the scheduled task fires
  async subscribe() {
    let ctx = this.ctx;
    ctx.logger.info('-----getAccessToken start----');
    try {
      await ctx.service.userService.getAccessToken();
    } catch (error) {
      ctx.logger.error('Obtain access token fail', error);
    }
    ctx.logger.info('-----getAccessToken end----');
  }
}

module.exports = GetAccessToken;
```

```javascript
// userService.js file (a method of the service class)
/**
 * Obtain the access_token and store it in redis for the content security check; refreshed every 90 minutes
 */
async getAccessToken() {
  let url = `https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=${config.key.appid}&secret=${config.key.secret}`;
  let result = await proxy(url, { method: 'GET' });
  result = JSON.parse(result);
  if (!result.access_token) {
    // Request failed: do not overwrite the stored token; the scheduled task logs the error
    throw new Error(`getAccessToken failed, errcode ${result.errcode}`);
  }
  // Log only the lifetime: the token is a credential and should not be written to logs
  console.log('getAccessToken expires_in', result.expires_in);
  await this.app.redis.set('access_token', result.access_token);
  await this.app.redis.set('expires_in', result.expires_in); // currently valid for 7200s (2 hours)
}
```
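The msgSecCheck call earlier on this page rejects only on errcode 87014, so a missing or expired access_token lets content through unchecked. The following added example (not the author's code) is a fail-closed variant that refreshes the token once and otherwise refuses to publish. The names checkText, interpret and the injected deps are hypothetical, treating errcode 0 as success is an assumption, and the fake endpoint with its 40001 response is constructed so the block runs offline.

```javascript
// Added example. checkText, interpret and the injected deps are hypothetical names.
const RISKY = 87014; // the errcode the page's code treats as illegal content

// Map a msgSecCheck response body to a verdict. Only errcode 0 allows.
function interpret(body) {
  let code;
  try { code = JSON.parse(body).errcode; } catch (e) { return 'error'; }
  if (code === 0) return 'allow';      // assumption: success is errcode 0
  if (code === RISKY) return 'reject';
  return 'error';                      // bad token, rate limit, anything else
}

// deps.getToken(): cached token (e.g. from redis); deps.refreshToken(): force
// a refresh; deps.post(url, json): HTTP POST resolving to the body string.
async function checkText(content, deps) {
  for (let attempt = 0; attempt < 2; attempt++) {
    const token = attempt === 0 ? await deps.getToken() : await deps.refreshToken();
    if (!token) continue;              // nothing usable: move on to the refresh
    const url = 'https://api.weixin.qq.com/wxa/msg_sec_check?access_token=' + encodeURIComponent(token);
    const verdict = await deps.post(url, JSON.stringify({ content }))
      .then(interpret, () => 'error'); // a network failure counts as an error
    if (verdict !== 'error') return verdict;
  }
  return 'unavailable';                // fail closed: caller must not publish
}

// Constructed stand-in for the WeChat endpoint so the example runs offline.
function fakeDeps(cached) {
  const deps = {
    refreshed: 0,
    fresh: 'fresh-token',
    getToken: async () => cached,
    refreshToken: async () => { deps.refreshed++; return deps.fresh; },
    post: async (url, json) => {
      if (!url.endsWith('=fresh-token')) return '{"errcode":40001}'; // constructed
      const bad = JSON.parse(json).content.includes('BANNED-WORD');
      return bad ? '{"errcode":87014}' : '{"errcode":0,"errmsg":"ok"}';
    },
  };
  return deps;
}

async function demo() {
  const stale = fakeDeps('stale-token');
  const down = fakeDeps(null); down.fresh = null; // the refresh fails too
  return [await checkText('hello', fakeDeps('fresh-token')),
    await checkText('a BANNED-WORD post', stale), stale.refreshed,
    await checkText('hello', down)];
}
```

The caller publishes only when checkText resolves to 'allow'; 'reject' and 'unavailable' both block the post.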