Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025
koa-weixin-jssdk
Advanced tools
koa-weixin-jssdk
koa weixin jssdk middleware
Quick Start
import koa from 'koa';
import weixinJSSDK from '../src';
const port = process.env.PORT || 3000;
const app = koa();
app.use(weixinJSSDK({
appId: '<YOUR_APP_ID>', // [required] weixin-jssdk app id
secret: '<YOUR_SECRET>', // weixin-jssdk secret
pathName: '/jssdk', // [optional] eg: http://imyourfather.com/jssdk
onError: (err, ctx, next) => {
console.error(err);
ctx.body = 'error';
},
}));
app.listen(port);
Advanced Usage
Custom store access_token and ticket
By default, it would cache access_token and ticket in runtime memory, but you can store them in somewhere else.
app.use(weixinJSSDK({
appId: '<YOUR_APP_ID>',
secret: '<YOUR_SECRET>',
async onGetToken(url) {
return redis.getAsync('ACCESS_TOKEN'); // this is an example
},
async onSetToken(token, expiresIn) {
return redis.setSync('ACCESS_TOKEN', token, { expiresIn });
},
async onGetTicket(url) {
return redis.getAsync('TICKET');
},
async onSetTicket(ticket, expiresIn) {
return redis.setSync('TICKET', ticket, { expiresIn });
},
// other configs...
}));
Third-party weixin service
Maybe you already have a Third-party weixin service and have a access token, you could use custom fetchTicket or fetchToken function instead of secret.
app.use(weixinJSSDK({
appId: '<YOUR_APP_ID>', // [required]
async fetchToken() {
// await fetch(...)
return { access_token: '<MY_ACCESS_TOKEN>', expires_in: 7200 };
},
// other configs...
}));
Or fetchTicket
app.use(weixinJSSDK({
appId: '<YOUR_APP_ID>', // [required]
async fetchTicket() {
// await fetch(...)
return { ticket: 'TICKET', expires_in: 7200 };
},
// other configs...
}));
Installation
Using npm:
$ npm install koa-weixin-jssdk --save
License
MIT
FAQs
Koa weixin jssdk middleware
We found that koa-weixin-jssdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 01 Apr 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Announcing Socket Fix 2.0
Socket Fix 2.0 brings targeted CVE remediation, smarter upgrade planning, and broader ecosystem support to help developers get to zero alerts.
By Martin Torp, John-David Dalton, Jeppe Fredsgaard Blaabjerg, Benjamin Barslev, Oskar Haarklou Veileborg - Sep 10, 2025
Security News
Feross on Risky Business Weekly Podcast: npm’s Ongoing Supply Chain Attacks
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
By Sarah Gooding - Sep 10, 2025