mpauthx
Advanced tools
Comparing version 1.3.0 to 1.3.1
13
index.js
@@ -148,11 +148,5 @@ const constants = require('./core/constants.js'); | ||
console.log(jsonRes); | ||
// get session key | ||
var online_sessionKey = jsonRes.session_key; | ||
var online_openIdOrUnionIdIfAvailable = jsonRes.openid; | ||
// support union id as well, in case the app is configured and bound to support it | ||
if (jsonRes.unionid != null) { | ||
// use unionid instead | ||
// this will also make use insert unionid in db | ||
online_openIdOrUnionIdIfAvailable = jsonRes.unionid; | ||
} | ||
@@ -180,3 +174,4 @@ // 2. It will extract openId from those input offline using appId + sessionKey + encryptedData + iv. | ||
// 3. Check whether two openId matches, if not response with error. Otherwise continue. | ||
if (online_openIdOrUnionIdIfAvailable !== offline_openIdOrUnionIdIfAvailable) { | ||
// we just check open id pair (not union id) as if someone not follow official account, then its union id won't be present | ||
if (jsonRes.openId !== data.openId) { | ||
console.log('OpenID or UnionID not match'); | ||
@@ -183,0 +178,0 @@ // reject with error object |
{ | ||
"name": "mpauthx", | ||
"version": "1.3.0", | ||
"version": "1.3.1", | ||
"description": "Token giver for Users logged in to WeChat Mini-program. Based on top of redis for fast token checking/access, and sqlite3 for flexible user db storage.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -98,2 +98,18 @@ # mpauthx | ||
* `refreshToken(userId)` - request to refresh token for input user id (which represents either openid or unionid) | ||
Return `Promise` object. Success will contain a new generated and assigned access token for such user. | ||
```javascript | ||
{ | ||
status_code: <number>, | ||
status_message: <sring>, | ||
response: <string> // your new access token | ||
} | ||
``` | ||
Otherwise failure will contains `Error` object. | ||
`userId` as input should be known from client side as they should persist such value and always try to use such access token in API request before automatically detected by API if it needs to be re-generated. | ||
* `extractOpenId(token)` - extract openId part of specified token | ||
@@ -100,0 +116,0 @@ |
45644
136
725