the code flow goes like this:
- the front end calls
wx.checkSession ()
to determine whether the Sessionkey is invalid. If it fails, callwx.login ()
and pass the login credential code to the backend. - the backend acquires the new Sessionkey, according to the credential and stores it in the database (updating the data in the database);
- the encrypted data obtained from the front end is passed to the back end for decryption.
- the backend fetches the latest Sessionkey, from the database and decrypts it according to the official method. After successful decryption, the data is transmitted to the front end.
but it is very strange that it can be decrypted normally on the first day, and an error code of-41003 will be returned on the second day:
//
$result=openssl_decrypt( $aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
$dataObj=json_decode( $result );
if( $dataObj == NULL ) {
return array(
"code"=>-41003,
"msg"=>"aes :".$sessionKey
);
}
debug process
- attempt to refresh Sessionkey, directly without calling
wx.checkSession ()
still fails; - the backend Sessionkey is indeed up-to-date, and the database is updated every time it is refreshed.
- the Sessionkey used for decryption is consistent with the latest data in the database;
Strange points
use the clear cache function in the upper right corner of the Wechat developer tool. After all the clicks are cleared, you can decrypt it correctly. But it won"t work again tomorrow (or after a while).
what is the problem of solving?