Develop/AIclinicalresearch
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
36ce1bbcb2216d1d65b7c3c369b2da00b49dea9e
AIclinicalresearch/backend/WECHAT_ENV_CONFIG.md
HaHafeng 36ce1bbcb2 feat(iit): Complete Day 3 - WeChat Work integration and URL verification 
Summary:
- Implement WechatService (314 lines, push notifications)
- Implement WechatCallbackController (501 lines, async reply mode)
- Complete iit_quality_check Worker with WeChat notifications
- Configure WeChat routes (GET + POST /wechat/callback)
- Configure natapp tunnel for local development
- WeChat URL verification test passed

Technical Highlights:
- Async reply mode to avoid 5-second timeout
- Message encryption/decryption using @wecom/crypto
- Signature verification using getSignature
- natapp tunnel: https://iit.nat100.top
- Environment variables configuration completed

Technical Challenges Solved:
- Fix environment variable naming (WECHAT_CORP_SECRET)
- Fix @wecom/crypto import (createRequire for CommonJS)
- Fix decrypt function parameters (2 params, not 4)
- Fix Token character recognition (lowercase l vs digit 1)
- Regenerate EncodingAESKey (43 chars, correct format)
- Configure natapp for internal network penetration

Test Results:
- WeChat developer tool verification: PASSED
- Return status: request success
- HTTP 200, decrypted 23 characters correctly
- Backend logs: URL verification successful

Documentation:
- Add Day3 WeChat integration development record
- Update MVP development task list (Day 2-3 completed)
- Update module status guide (v1.2 -> v1.3)
- Overall completion: 35% -> 50%

Progress:
- Module completion: 35% -> 50%
- Day 3 development: COMPLETED
- Ready for end-to-end testing (REDCap -> WeChat)
2026-01-03 00:13:36 +08:00

162 lines
4.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# 企业微信环境变量配置说明
## 📋 必需的环境变量
`backend/.env` 文件中添加以下配置:
```env
# ==========================================
# 企业微信配置
# ==========================================
# 企业微信基础配置(应用信息)
WECHAT_CORP_ID=ww6ab493470ab4f377
WECHAT_AGENT_ID=1000002
WECHAT_CORP_SECRET=AZIVxMtoLb0rEszXS81e4dBRl-I9kgTjygIS0cFfENU
# 企业微信回调配置(消息加解密)
WECHAT_TOKEN=oX1RBm1YnvMy2SbDLbvAdDd5Gq3oBGq
WECHAT_ENCODING_AES_KEY=zE4tcdBeekCHPUV015jCh9RVUydnCITINqSmCzg9xtO
```
## 📝 配置项说明
### 1. WECHAT_CORP_ID
- **说明**企业微信的企业ID
- **获取方式**:企业微信管理后台 → 我的企业 → 企业信息 → 企业ID
- **当前值**`ww6ab493470ab4f377`
### 2. WECHAT_AGENT_ID
- **说明**应用的AgentID
- **获取方式**:企业微信管理后台 → 应用管理 → IIT Manager Agent → AgentId
- **当前值**`1000002`
- **应用名称**`IIT Manager Agent`
### 3. WECHAT_CORP_SECRET
- **说明**应用的Secret用于获取access_token
- **获取方式**:企业微信管理后台 → 应用管理 → IIT Manager Agent → Secret
- **当前值**`AZIVxMtoLb0rEszXS81e4dBRl-I9kgTjygIS0cFfENU`
- **⚠️ 安全提示**Secret 非常重要,切勿泄露
### 4. WECHAT_TOKEN
- **说明**消息回调的Token用于验证签名
- **获取方式**:企业微信管理后台 → 应用管理 → IIT Manager Agent → 接收消息 → 点击"随机获取"
- **当前值**`oXlRBm1YnvMy2SbDLbvAdDd5Gq3oBGq`
### 5. WECHAT_ENCODING_AES_KEY
- **说明**消息加解密密钥43位字符
- **获取方式**:企业微信管理后台 → 应用管理 → IIT Manager Agent → 接收消息 → 点击"随机获取"
- **当前值**`zE4tcdBeekCHPUV015jCh9RVUydnCITINqSmCzg9xtO`
## 🔧 企业微信回调URL配置
### 本地开发natapp
```
回调URL: https://iit.nat100.top/api/v1/iit/wechat/callback
Token: oXlRBm1YnvMy2SbDLbvAdDd5Gq3oBGq
EncodingAESKey: zE4tcdBeekCHPUV015jCh9RVUydnCITINqSmCzg9xtO
```
### 生产环境SAE
```
回调URL: https://iit.xunzhengyixue.com/api/v1/iit/wechat/callback
Token: oXlRBm1YnvMy2SbDLbvAdDd5Gq3oBGq
EncodingAESKey: zE4tcdBeekCHPUV015jCh9RVUydnCITINqSmCzg9xtO
```
## ⚠️ 重要提示
1. **IP白名单**(生产环境必需)
- SAE NAT网关EIP`182.92.176.14`
- 需要在企业微信后台配置为"企业可信IP"
- 位置:企业微信管理后台 → 应用管理 → IIT Manager Agent → 企业可信IP
2. **natapp隧道**(本地开发)
- 确保natapp隧道正常运行`http://iit.nat100.top`
- 后端服务监听:`http://localhost:3001`
3. **环境变量加载**
- 修改 `.env` 文件后,需要**重启后端服务**
- 验证方法:查看后端启动日志是否显示"✅ 企业微信服务初始化成功"
## 🚀 验证配置
### 步骤1检查后端日志
启动后端服务后,应该看到:
```
✅ 企业微信服务初始化成功
✅ 企业微信回调控制器初始化成功
Registered route: GET /api/v1/iit/wechat/callback
Registered route: POST /api/v1/iit/wechat/callback
```
### 步骤2访问健康检查
```bash
curl https://iit.nat100.top/api/v1/iit/health
```
预期返回:
```json
{
"status": "ok",
"module": "iit-manager",
"version": "1.1.0",
"timestamp": "2026-01-02T14:30:00.000Z"
}
```
### 步骤3保存企业微信回调配置
在企业微信后台点击"保存",如果配置正确:
- ✅ 企业微信会发送GET请求验证URL
- ✅ 后端会解密echostr并返回
- ✅ 显示"保存成功"
## 📞 常见问题
### Q1: 保存回调URL时提示"URL验证失败"
**可能原因**
1. 后端服务未启动或无法访问
2. natapp隧道未运行
3. 环境变量配置错误Token或EncodingAESKey不匹配
**解决方法**
1. 检查后端日志是否有错误
2. 确认natapp状态`http://iit.nat100.top/api/v1/iit/health`
3. 检查 `.env` 文件中的Token和EncodingAESKey
### Q2: 收不到企业微信消息
**可能原因**
1. 回调URL未保存成功
2. 消息类型未勾选(文本消息、支付且退款通知等)
3. 用户未关注应用
**解决方法**
1. 确认回调URL已保存成功
2. 检查"选择需要接收的消息事件类型"是否勾选了对应类型
3. 用户在企业微信中打开应用
### Q3: 发送消息提示"invalid user"
**可能原因**
1. 用户UserID不存在
2. 用户未在应用的可见范围内
**解决方法**
1. 确认UserID正确企业微信后台查看
2. 检查应用的可见范围设置
## 📚 相关文档
- [企业微信API文档](https://developer.work.weixin.qq.com/document/path/90664)
- [企业微信消息加解密说明](https://developer.work.weixin.qq.com/document/path/90968)
- [最小MVP闭环开发计划](../docs/03-业务模块/IIT Manager Agent/04-开发计划/最小MVP闭环开发计划.md)
Reference in New Issue View Git Blame Copy Permalink