update

app.py

@@ -11,6 +11,7 @@ import urllib.parse # 导入 urllib.parse 用于 URL 编码
 from fastapi.staticfiles import StaticFiles # 导入 StaticFiles
 from passlib.context import CryptContext # 导入 CryptContext
 import httpx # 导入 httpx 用于异步 HTTP 请求
+import hashlib # 导入 hashlib 用于 SHA1 哈希
 
 app = FastAPI(max_upload_size=10 * 1024 * 1024)  # 设置最大上传大小为 10MB
 
@@ -117,6 +118,7 @@ class EnrollmentIndividualRequest(BaseModel):
 WECHAT_APP_ID = os.getenv("WECHAT_APP_ID", "YOUR_WECHAT_APP_ID")
 WECHAT_APP_SECRET = os.getenv("WECHAT_APP_SECRET", "YOUR_WECHAT_APP_SECRET") # Add App Secret
 WECHAT_REDIRECT_URI = os.getenv("WECHAT_REDIRECT_URI", "http://localhost:7861/api/auth/wechat/callback") # This should be your frontend callback URL
+WECHAT_TOKEN = os.getenv("WECHAT_TOKEN", "YOUR_WECHAT_VERIFICATION_TOKEN") # Add WeChat verification token
 
 class Course(BaseModel):
     course_id: Optional[int] = None
@@ -284,6 +286,32 @@ async def wechat_callback(code: str, state: str):
         }
     }
 
+@api_router.get("/wechat/verify")
+async def wechat_verify(signature: str, timestamp: str, nonce: str, echostr: str):
+    """
+    微信服务器配置验证接口。
+    用于验证微信服务器的有效性。
+    """
+    # 1. 将 token、timestamp、nonce 三个参数进行字典序排序
+    # 2. 将三个参数字符串拼接成一个字符串进行 sha1 加密
+    # 3. 获得加密后的字符串可与 signature 对比，标识该请求来源于微信
+    
+    # Note: WECHAT_TOKEN should be the token you set in WeChat Official Account/Mini Program backend.
+    
+    data = [WECHAT_TOKEN, timestamp, nonce]
+    data.sort()
+    temp_str = "".join(data)
+    
+    sha1 = hashlib.sha1(temp_str.encode('utf-8')).hexdigest()
+    
+    if sha1 == signature:
+        return echostr
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="微信验证失败"
+        )
+
 @api_router.post("/enrollment/individual")
 async def enroll_individual(request: EnrollmentIndividualRequest):
     enrollment_id = str(uuid.uuid4())