Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@byhealth/points
Advanced tools
防伪积分: 公共模块防伪积分,在多个项目中应用,因此抽出来避免重复工作。
文件大小69kb
tips:
1、涉及微信环境,jssdk授权config时需要授权扫码( jsApiList:['scanQRCode'] );
2、通过方式引入js时将在window对象中全局 ___Points___ 构造方法,使用构造方法时务必在资源文件引入之后使用,如有命名上的冲突请自行处理
3、模块css部分由js动态插入用页面,命名使用到hash,但也不排除有冲突和被复写的可能性
npm i
运行开发环境
npm run dev
打包Uat环境
npm run build:uat
打包发布Uat环境
./deploy.sh
打包生产环境
npm run build
测试demo时确认demo 资源目录位置
将master分支下dist目录内文件发布至cdn 路径下
1、npm或yarn安装
npm install @byhealth/points
yarn add @byhealth/points
参数:options = {...}
参数名 | 必选 | 类型 | 说明 |
---|---|---|---|
async | 否 | Boole | 积分成功是否异步回调(失败使用同步调用回调) |
customPhoneDom | 否 | String | 电话号码输入框 id(自定义入口UI时使用) |
customQrDom | 否 | String | 调用摄像头扫码按钮 id(自定义入口UI时使用) |
customSecuritycodeDom | 否 | String | 防伪输入框 id(自定义入口UI时使用) |
customSubmitDom | 否 | String | 提交按钮 id(自定义入口UI时使用) |
uatApiBase | 否 | String | 用测试环境ApiUrl,不传调用生产积分Api |
hidePointsResult | 否 | Boole | 隐藏积分成功结果 默认true |
primaryColour | 否 | String | 自定义颜色 |
基本用法:
import points from '@byhealth/points';
const Point = new points({
uatApiBase: 'http://wx-test.by-health.com'
});
const {
showSecuritycode
} = Point;
const options = {
mobilePhone: '13888888888'
};
const callback = (data) => {
console.log(data);
console.log('do something!!!');
}
// 显示防伪积分登录框
showSecuritycode(options, callback)
自定义入口UI用法
import points from '@byhealth/points';
const customPoint = new points({
async: false,
securitycodeDom:'securitycodeDom',
phoneDom:'phoneDom',
QrDom:'QrDom',
submitDom:'submitDom',
uatApiBase: 'http://wx-test.by-health.com'
});
const {
customSecuritycode,
} = customPoint;
const options = {
mobilePhone: '13888888888'
};
const callback = (data) => {
console.log(data);
console.log('do something!!!');
}
customSecuritycode(options, callback)
默认ui直接显示防伪积分弹窗
showSecuritycode(options, callback)
自定义入口ui时调用下面方法初始化积分入口
customSecuritycode(options, callback)
调用防伪积分方法参数说明:options = {...}
参数名 | 必选 | 类型 | 说明 |
---|---|---|---|
memberId | 二选一 | int | 消费者手机号码(memberId与mobilePhone二选一) |
mobilePhone | 二选一 | string | 消费者手机号码(memberId与mobilePhone二选一,已登陆传消费者会员id,未登陆或未注册传入消费者手机号码) |
storeId | 否 | string | 非必填:如线下门店的积分传入门店机构ID(不传默认微信虚拟门店1-WAYZ2) |
clerkId | 否 | Int | 非必填:如线下门店的积分传入店员员工ID |
channelType | 否 | Int | 渠道表,详情查看渠道表(默认传4,微信渠道)参数说明见附表) |
comment | 否 | String | 积分备注 |
antifakecode | 否 | String | 防伪码 |
回调:callback: (data: any) => void
注意:回调返回结果即为积分接口返回结果,为了保留积分模块的灵活性这里的回调不只是积分成功才发生,失败情况也会调用回调,请在使用时根据业务需要来进行处理
data值是积分接口返回,示例如下
{
antifakecode: "8869727599529863" //防伪码
channelType: 1 //渠道类型,具体参考渠道类型表
clerkId: 39807044 //店员员工ID
createTime: "2019-02-20T12:13:42.222Z"
integralId: 252957006 //扫码积分记录ID
memberId: 47253249 //消费者会员ID
poiAvailableValue: 386 //用户积分
points: 168 //产品的积分值(不含额外赠送的积分值)
productId: 340 //产品ID
productName: "汤臣倍健叶酸亚铁片"
status: 1 //积分记录状态,0:提交状态 ,1:已成功 -1:已取消
storeId: "1-C0MLA7" //门店机构ID
txnSn: "JF276448510667530240" //积分单据号
updateTime: "2019-02-20T12:13:42.222Z"
}
暴露部分私有方法,方便小型项目使用
**1. initData: () => void 初始化防伪码和条形码数据 **
Points.initData()
2. showLoading: () => void 显示loading
Points.showLoading()
3. hideLoading: () => void 隐藏loading
Points.hideLoading()
4. showMsg: (msg: string, title: string) => any 显示弹窗
@param msg
— 弹窗内容,可以使用HTMLdom
@param title
— 弹窗标题
Points.showMsg('<div>这是弹窗文字</div>', '这是弹窗标题')
5. hideMsg: ƒ () 隐藏弹窗
points.hideMsg()
6. validate
引用包validate-by-health,查询api文档请访问:https://github.com/by-healthFED/validate
7. wechat
引用包share-wechat,查询api文档请访问:https://github.com/by-healthFED/share-wechat
8. nativeApp
引用包@byhealth/native-app-jssdk,查询api文档请访问:https://github.com/by-healthFED/native-app-jssdk
附表一:渠道类型对照表
channelType=value | 说明 |
---|---|
1 | 终端门店(APP) |
2 | 终端门店POS |
3 | PC网站 |
4 | 微信(默认) |
5 | CRM |
6 | 会员店平台 |
7 | 电话 |
8 | 二维码 |
9 | 瓶盖防伪 |
10 | 条形码 |
11 | H5页面 |
12 | 短信 |
13 | PC官网 |
14 | 手机官网 |
15 | 营养管家小程序 |
16 | 公众号联运 |
17 | 营养家小程序 |
18 | 终端自助码 |
FAQs
查看文档 [document](http://wx-test.by-health.com/web/points2020/#/)
We found that @byhealth/points demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.