HaHafeng
66255368b7
Features - User Management (Phase 4.1): - Database: Add user_modules table for fine-grained module permissions - Database: Add 4 user permissions (view/create/edit/delete) to role_permissions - Backend: UserService (780 lines) - CRUD with tenant isolation - Backend: UserController + UserRoutes (648 lines) - 13 API endpoints - Backend: Batch import users from Excel - Frontend: UserListPage (412 lines) - list/filter/search/pagination - Frontend: UserFormPage (341 lines) - create/edit with module config - Frontend: UserDetailPage (393 lines) - details/tenant/module management - Frontend: 3 modal components (592 lines) - import/assign/configure - API: GET/POST/PUT/DELETE /api/admin/users/* endpoints Architecture Upgrade - Module Permission System: - Backend: Add getUserModules() method in auth.service - Backend: Login API returns modules array in user object - Frontend: AuthContext adds hasModule() method - Frontend: Navigation filters modules based on user.modules - Frontend: RouteGuard checks requiredModule instead of requiredVersion - Frontend: Remove deprecated version-based permission system - UX: Only show accessible modules in navigation (clean UI) - UX: Smart redirect after login (avoid 403 for regular users) Fixes: - Fix UTF-8 encoding corruption in ~100 docs files - Fix pageSize type conversion in userService (String to Number) - Fix authUser undefined error in TopNavigation - Fix login redirect logic with role-based access check - Update Git commit guidelines v1.2 with UTF-8 safety rules Database Changes: - CREATE TABLE user_modules (user_id, tenant_id, module_code, is_enabled) - ADD UNIQUE CONSTRAINT (user_id, tenant_id, module_code) - INSERT 4 permissions + role assignments - UPDATE PUBLIC tenant with 8 module subscriptions Technical: - Backend: 5 new files (~2400 lines) - Frontend: 10 new files (~2500 lines) - Docs: 1 development record + 2 status updates + 1 guideline update - Total: ~4900 lines of code Status: User management 100% complete, module permission system operational
181 lines
3.9 KiB
Markdown
181 lines
3.9 KiB
Markdown
# 微信服务号配置错误修复(200002)
|
||
|
||
## ❌ 错误信息
|
||
```
|
||
检查消息推送配置失败: invalid args, 200002
|
||
```
|
||
|
||
## 🔍 问题原因
|
||
EncodingAESKey格式不符合微信服务号要求。
|
||
|
||
## ✅ 解决方案(2选1)
|
||
|
||
### 方案1:使用微信平台随机生成(推荐⭐)
|
||
|
||
**步骤:**
|
||
|
||
1. 在微信公众平台配置页面
|
||
2. **EncodingAESKey字段不要手动输入**
|
||
3. 点击右侧的 **"随机生成"** 按钮
|
||
4. 微信会自动生成43位密钥,例如:
|
||
```
|
||
abcdefghijklmnopqrstuvwxyz0123456789ABCDEFG
|
||
```
|
||
5. **复制这个生成的密钥**
|
||
6. 填写完整配置:
|
||
```
|
||
URL: https://devlocal.xunzhengyixue.com/api/v1/iit/patient-wechat/callback
|
||
Token: IitPatientWechat2026JanToken
|
||
EncodingAESKey: [点击随机生成后复制的密钥]
|
||
消息加解密方式: 安全模式
|
||
```
|
||
7. 点击 **"提交"** 验证
|
||
8. **验证成功后**,复制微信生成的EncodingAESKey到 `.env` 文件:
|
||
```env
|
||
WECHAT_MP_ENCODING_AES_KEY=[微信生成的密钥]
|
||
```
|
||
9. **重启后端服务**(重要!)
|
||
|
||
---
|
||
|
||
### 方案2:使用OpenSSL生成(备选)
|
||
|
||
如果方案1不行,使用OpenSSL生成标准Base64密钥:
|
||
|
||
**Windows(PowerShell):**
|
||
```powershell
|
||
# 生成Base64格式的43位密钥
|
||
$bytes = [System.Security.Cryptography.RandomNumberGenerator]::GetBytes(32)
|
||
$base64 = [Convert]::ToBase64String($bytes)
|
||
$key = $base64.Substring(0, 43)
|
||
Write-Host "EncodingAESKey: $key"
|
||
```
|
||
|
||
**或者使用在线工具:**
|
||
1. 访问:https://www.base64encode.org/
|
||
2. 生成32字节随机数据
|
||
3. Base64编码
|
||
4. 截取前43位
|
||
|
||
---
|
||
|
||
## 📋 完整配置流程(推荐)
|
||
|
||
### Step 1: 使用微信平台生成密钥
|
||
|
||
1. 登录微信公众平台
|
||
2. 进入:设置与开发 → 基本配置 → 服务器配置
|
||
3. 点击"修改配置"
|
||
4. 填写以下信息:
|
||
|
||
| 字段 | 值 |
|
||
|-----|-----|
|
||
| URL | `https://devlocal.xunzhengyixue.com/api/v1/iit/patient-wechat/callback` |
|
||
| Token | `IitPatientWechat2026JanToken` |
|
||
| EncodingAESKey | **点击"随机生成"** 然后复制生成的密钥 |
|
||
| 消息加解密方式 | 安全模式(推荐) |
|
||
|
||
### Step 2: 提交验证
|
||
|
||
1. 点击"提交"
|
||
2. 微信会发送GET请求验证
|
||
3. 应该显示"配置成功"
|
||
|
||
### Step 3: 更新.env文件
|
||
|
||
编辑 `backend/.env`,替换EncodingAESKey:
|
||
|
||
```env
|
||
# 原来的(有问题)
|
||
# WECHAT_MP_ENCODING_AES_KEY=7yK9mN4pQ2wX5vL8hG3jR6tU1nB0cF9eM7aZ4xS2dY5
|
||
|
||
# 新的(从微信平台复制的)
|
||
WECHAT_MP_ENCODING_AES_KEY=微信生成的43位密钥
|
||
```
|
||
|
||
### Step 4: 重启后端服务
|
||
|
||
```bash
|
||
# 停止当前服务(Ctrl+C)
|
||
# 重新启动
|
||
cd D:\MyCursor\AIclinicalresearch\backend
|
||
npm run dev
|
||
```
|
||
|
||
### Step 5: 启用配置
|
||
|
||
返回微信公众平台,点击"启用"按钮
|
||
|
||
---
|
||
|
||
## 🧪 验证配置是否正确
|
||
|
||
### 方法1:查看后端日志
|
||
|
||
应该看到类似日志:
|
||
```
|
||
📥 收到微信服务号 URL 验证请求
|
||
✅ URL 验证成功,返回 echostr
|
||
```
|
||
|
||
### 方法2:测试关注事件
|
||
|
||
1. 微信扫码关注公众号
|
||
2. 查看后端日志是否有:
|
||
```
|
||
📥 收到微信服务号回调消息
|
||
🔐 检测到加密消息,开始解密...
|
||
✅ 消息解密成功
|
||
👤 用户关注公众号
|
||
```
|
||
|
||
---
|
||
|
||
## ⚠️ 注意事项
|
||
|
||
1. ✅ **EncodingAESKey必须与微信平台配置完全一致**
|
||
2. ✅ **修改.env后必须重启服务**
|
||
3. ✅ **Token保持不变**:`IitPatientWechat2026JanToken`
|
||
4. ✅ **推荐使用微信平台的"随机生成"功能**
|
||
|
||
---
|
||
|
||
## 💡 为什么会出现这个错误?
|
||
|
||
微信服务号对EncodingAESKey的格式有严格要求:
|
||
- 必须是43位
|
||
- 必须符合Base64字符集(A-Z, a-z, 0-9, +, /)
|
||
- 我之前生成的密钥只包含字母和数字,缺少+和/,不符合标准
|
||
|
||
微信平台的"随机生成"功能会自动生成符合标准的密钥,所以推荐使用。
|
||
|
||
---
|
||
|
||
**立即行动:**
|
||
1. 进入微信公众平台配置页面
|
||
2. 点击"随机生成"EncodingAESKey
|
||
3. 提交配置
|
||
4. 复制密钥到.env
|
||
5. 重启服务
|
||
|
||
**预计用时:3分钟**
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|