Spaces:

airsltd
/

ai-edu-api

Sleeping

geqintan commited on Jul 27, 2025

Commit

83a19e7

1 Parent(s): 3399ae9

update

Files changed (1) hide show

app.py CHANGED Viewed

@@ -527,28 +527,33 @@ def greet_json():
 WECHAT_TOKEN="Rzwl2024"
 @app.get("/token")
 async def wechat_token_check(
-    signature: str = Query(...),
-    timestamp: str = Query(...),
-    nonce: str = Query(...),
-    echostr: str = Query(...),
 ):
-    token = WECHAT_TOKEN
-    print (f'signature: {signature}')
-    print (f'timestamp: {timestamp}')
-    print (f'nonce: {nonce}')
-    print (f'echostr: {echostr}')
-    print (f'token: {token}')
-    tmp_list = sorted([token, timestamp, nonce])
     tmp_str = "".join(tmp_list)
     sha1 = hashlib.sha1()
     sha1.update(tmp_str.encode("utf-8"))
     hashcode = sha1.hexdigest()
-    return echostr
     if hashcode == signature:
-        return echostr  # 校验成功，返回 echostr
     else:
-        return {"error": "Invalid signature"}  # 校验失败
 app.include_router(api_router)

 WECHAT_TOKEN="Rzwl2024"
 @app.get("/token")
 async def wechat_token_check(
+    signature: str = Query(..., description="微信加密签名"),
+    timestamp: str = Query(..., description="时间戳"),
+    nonce: str = Query(..., description="随机数"),
+    echostr: str = Query(..., description="验证字符串"),
 ):
+    # 1. 参数排序与拼接
+    tmp_list = sorted([WECHAT_TOKEN, timestamp, nonce])
     tmp_str = "".join(tmp_list)
+    # 2. SHA1加密生成签名
     sha1 = hashlib.sha1()
     sha1.update(tmp_str.encode("utf-8"))
     hashcode = sha1.hexdigest()
+    # 3. 调试日志（可选）
+    print(f"token: {WECHAT_TOKEN}, timestamp: {timestamp}, nonce: {nonce}")
+    print(f"生成签名: {hashcode}, 微信签名: {signature}")
+    # 4. 校验签名并返回结果
     if hashcode == signature:
+        return echostr  # 校验成功，返回echostr
     else:
+        # 校验失败返回401错误[4](@ref)[5](@ref)
+        raise HTTPException(
+            status_code=401,
+            detail="签名验证失败",
+            headers={"WWW-Authenticate": "Bearer"}
+        )
 app.include_router(api_router)