/* jshint -W079 */
/* jshint -W020 */
"use strict";
var _ = require("lodash");
var sha1 = require('sha1');
var urlencode = require('urlencode');
var wurl = require('wurl');
var request = require('request');
var express = require('express');
var router = express.Router();
module.exports = function(app, domain) {
var app>;
var appsecret = "2b6ee0cbeec0114eb539e68ba356329b";
/* 微信中继接口 */
router.get('/wechat/ticket', function (req, res) {
var page = req.query.page;
if (page && page.indexOf('from=singlemessage') > 0 && page.indexOf('&isappinstalled=0') < 0) page = page + "&isappinstalled=0";
WeChatTicket.findOne({appid: appid}).exec(function (err, ticket) {
if (_.isEmpty(ticket)) { refreshTicket(appid, appsecret, page, null, res); return; }
var difference = parseInt(new Date().getTime() / 1000) - ticket.at;
// 如果超时
if (difference > 7100) refreshTicket(appid, appsecret, page, ticket, res);
else {
var json = ticket.toJSON();
var timestamp = parseInt(new Date().getTime() / 1000);
json.at = timestamp;
json.signature = wechatSignature(ticket, page, timestamp);
res.json({ticket: json});
}
});
});
// 微信 access_token 接口
// 3、通过路由获取token,并返回json格式数据;
router.get('/wechat/access_token', function (req, res) {
getToken(appid, appsecret, function(token, error) {
if(error) console.error(error);
res.json(token);
});
});
//第二步获取token,在数据库中拿出token,如果时间过期重新获取token,如果不过期,使用此token
function getToken(appid, appsecret, cb) {
WeChatAccessToken.findOne({appid: appid}, function (err, token) {
if(token) {
var difference = parseInt(new Date().getTime() / 1000) - token.at;
if (difference > 7100) refreshToken(appid, appsecret, function(data, err) { cb(data, err); });
else cb(token, null);
} else refreshToken(appid, appsecret, function(data, err) { cb(data, err); });
});
}
//第一步刷新token,此步骤是第一步,通过appid和appsecret就可获得accesstoken;此步骤的作用
//生成token,此处有个技巧,有token替换,无token,直接生成;
function refreshToken(appid, appsecret, cb) {
var access_token_api = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET";
var url = access_token_api.replace('APPID', appid).replace('APPSECRET', appsecret);
// 参考请求: http://localhost:7000/wechat/ticket?appid=wx8160a61c2d53fb74&appsecret=aa2c953465334823e20090156527a957
request.get(url, function (error, response, body) {
if(body) {
WeChatAccessToken.findOne({appid: appid}, function (err, token) {
if (!token) token = new WeChatAccessToken();
var data = JSON.parse(body);
token.appid = appid;
token.access_token = data.access_token;
token.expires_in = data.expires_in;
token.at = parseInt(new Date().getTime() / 1000);
token.save(function (err) { cb(token, err); });
});
} else cb(null, error);
});
}
//获取ticket第一步;此处用到了getToken的方法;传入appid,appsecrect,
//首先得到token,拼接获取ticket的url,求情该url得到ticket;将获得的ticket格式化,即body
//存储到数据库,此处用到了签名的函数wechatSignature();
function refreshTicket(appid, appsecret, page, ticket, res) {
getToken(appid, appsecret, function (token, err) {
if(err !== null) { res.json({error: err}); return; }
if(_.isEmpty(token.access_token)) { res.json({error: err}); return; }
// 获取 jsapi_ticket
var ticket_url = 'https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=' + token.access_token + '&type=jsapi';
request.get(ticket_url, function (error, response, body) {
var t = ticket === null ? new WeChatTicket() : ticket;
var data = JSON.parse(body);
if(!data.ticket) { res.json({error: response}); return; }
var timestamp = parseInt(new Date().getTime() / 1000);
t.appid = appid;
t.ticket = data.ticket;
t.noncestr = sha1(new Date());
t.expires_in = data.expires_in;
t.at = timestamp;
var signature = wechatSignature(t, page, timestamp);
t.save(function (err) {
var json = t.toJSON();
json.at = timestamp;
json.signature = signature;
res.json({ticket: json, error: err});
});
});
});
}
/* 微信签名实现 */
function wechatSignature(t, page, timestamp) {
var string = "jsapi_ticket=" + t.ticket + "&noncestr=" + t.noncestr + "×tamp=" + timestamp + "&url=" + page;
return sha1(string);
}
return router;
};
