Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@dcloudio/uni-account
Advanced tools
uniAccount
是一个适用于多端的用户身份管理工具。uniAccount
内部对不同平台的 api 进行了拉齐,有助于开发者更方便的调用相关功能。
开发者可以自行选择是从插件市场导入还是从 npm 安装,引入方式略有不同,请看下面示例
// 插件市场导入
const uniAccount = require('uni-account')
// npm安装
const uniAccount = require('@dcloudio/uni-account')
进行初始化操作返回 uniAccount 实例
入参说明
参数名 | 类型 | 默认值 | 必填 | 说明 |
---|---|---|---|---|
appId | String | - | 是 | 小程序 ID |
secret | String | - | - | 小程序密钥 |
timeout | Number | 5000 | 否 | 请求超时时间,单位:毫秒 |
const uniAccountIns = uniAccount.initWeixin({
appId,
secret,
})
入参说明
参数名 | 类型 | 默认值 | 必填 | 说明 |
---|---|---|---|---|
appId | String | - | 是 | 小程序 ID |
privateKey | String | - | 是 | 小程序应用私钥 |
timeout | Number | 5000 | 否 | 请求超时时间,单位:毫秒 |
const uniAccountIns = uniAccount.initAlipay({
appId,
privateKey,
})
uniAccountIns.code2Session
。传入uni.login
返回的code
来获取用户 openid 等信息
入参说明
参数名 | 类型 | 默认值 | 必填 | 说明 |
---|---|---|---|---|
code | String | - | 是 | uni.login 获取的用户 code |
返回值说明
属性 | 类型 | 说明 | 支持平台 |
---|---|---|---|
openid | String | 用户唯一标识 | 支付宝小程序、微信小程序 |
sessionKey | String | 会话密钥 | 微信小程序 |
unionid | String | 用户唯一标识符 | 微信小程序 |
注意
示例代码
const { openid } = await uniAccountIns.code2Session(code)
FAQs
uniAccount from uniCloud
The npm package @dcloudio/uni-account receives a total of 3 weekly downloads. As such, @dcloudio/uni-account popularity was classified as not popular.
We found that @dcloudio/uni-account demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.