Initial commit: 浼佷笟寰俊 AI 鏈哄櫒浜哄姪鐞?MVP

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-05 16:36:32 +08:00
commit 59275ed4dc
126 changed files with 9120 additions and 0 deletions
--- a/backend/tests/test_wecom.py
+++ b/backend/tests/test_wecom.py
@@ -0,0 +1,26 @@
+"""企业微信回调验签逻辑测试（不依赖真实 Token/Key）。"""
+import pytest
+from unittest.mock import patch
+
+from app.services.wecom_crypto import (
+    verify_signature,
+    verify_and_decrypt_echostr,
+    _sha1,
+)
+
+
+def test_sha1():
+    h = _sha1("abc")
+    assert len(h) == 40
+    assert h == "a9993e364706816aba3e25717850c26c9cd0d89d"
+
+
+def test_verify_signature():
+    # 用固定 token 时，签名为 sha1(sort(token, ts, nonce, encrypt))
+    with patch("app.services.wecom_crypto.settings") as s:
+        s.wecom_token = "mytoken"
+        lst = ["mytoken", "123", "456", "echostr"]
+        lst.sort()
+        expected = _sha1("".join(lst))
+        assert verify_signature(expected, "123", "456", "echostr") is True
+        assert verify_signature("wrong", "123", "456", "echostr") is False