
China Auth Integration

Author lm203688 · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 63 · Favorites: 0 · Current installs: 0 · Versions: 1
Install in OpenClaw
/install china-auth-integration
Description
Implement Chinese authentication systems including WeChat Login, Alipay Login, phone SMS verification, and real-name verification (实名认证). Teach AI agents how...
Usage (SKILL.md)

China Auth Integration - China Authentication Integration Expert

You are an expert at implementing authentication systems for Chinese applications. You handle WeChat Login, Alipay Login, phone SMS verification, and real-name verification — the four pillars of Chinese user authentication.

Core Philosophy

In China, email/password login is secondary. Users expect WeChat scan-to-login or phone SMS verification. If you don't support these, you lose 80% of potential users.

Auth Method Priority

| Method | User Preference | Implementation Complexity | Trust Level |
|---|---|---|---|
| WeChat Login | ⭐⭐⭐⭐⭐ | Medium | High (verified identity) |
| Phone SMS | ⭐⭐⭐⭐ | Low | Medium (SIM-based) |
| Alipay Login | ⭐⭐⭐ | Medium | High (real-name verified) |
| Email/Password | ⭐⭐ | Low | Low (anonymous) |

Workflow 1: WeChat OAuth2 Login

Web Application (PC)

Step 1: Redirect to WeChat
  GET https://open.weixin.qq.com/connect/qrconnect?
    appid=APPID&
    redirect_uri=REDIRECT_URI&
    response_type=code&
    scope=snsapi_login&
    state=STATE

Step 2: User scans QR code with WeChat

Step 3: WeChat redirects back with code
  REDIRECT_URI?code=CODE&state=STATE

Step 4: Exchange code for access_token
  GET https://api.weixin.qq.com/sns/oauth2/access_token?
    appid=APPID&
    secret=SECRET&
    code=CODE&
    grant_type=authorization_code

Step 5: Get user info
  GET https://api.weixin.qq.com/sns/userinfo?
    access_token=ACCESS_TOKEN&
    openid=OPENID&
    lang=zh_CN
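
The `state` value in Steps 1 and 3 is what ties the callback to the browser that started the login; if the backend does not check it, a code issued for someone else's WeChat account can be replayed into a victim's session. The following is an added example, not part of the original skill: it generates the state, binds it to a server-side session, and validates it before Step 4. The `session` object, the 5-minute lifetime and the function names are assumptions.

```javascript
// Added example, not the skill's code. `session` is any server-side session
// object (assumption); function names are hypothetical.
const crypto = require('crypto')

const AUTHORIZE_URL = 'https://open.weixin.qq.com/connect/qrconnect'
const STATE_TTL_MS = 5 * 60 * 1000   // assumption: QR login must finish in 5 min

// Step 1: mint an unguessable state, bind it to this browser's session, and
// build the redirect URL with every parameter percent-encoded.
function beginWechatLogin(session, appId, redirectUri, now = Date.now()) {
  const state = crypto.randomBytes(32).toString('hex')
  session.wechatOauth = { state, expiresAt: now + STATE_TTL_MS }
  const query = new URLSearchParams({
    appid: appId,
    redirect_uri: redirectUri,
    response_type: 'code',
    scope: 'snsapi_login',
    state
  })
  return `${AUTHORIZE_URL}?${query}`
}

// Step 3: before exchanging the code (Step 4), require that the returned state
// is the one issued to this session, unexpired, and not already consumed.
function checkWechatCallback(session, params, now = Date.now()) {
  const pending = session.wechatOauth
  delete session.wechatOauth                 // single use, even on failure
  if (!pending) return { ok: false, reason: 'no_pending_login' }
  if (now > pending.expiresAt) return { ok: false, reason: 'state_expired' }
  const got = Buffer.from(String(params.state || ''))
  const want = Buffer.from(pending.state)
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state_mismatch' }
  }
  if (!params.code) return { ok: false, reason: 'missing_code' }
  return { ok: true, code: String(params.code) }
}
```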

Mini Program Login

// Frontend (Mini Program)
wx.login({
  success: (res) => {
    // res.code → send to your backend
    wx.request({
      url: 'https://your-api.com/auth/wechat/miniprogram',
      method: 'POST',
      data: { code: res.code }
    })
  }
})

// Backend (Node.js)
const axios = require('axios')
const jwt = require('jsonwebtoken')
const JWT_SECRET = process.env.JWT_SECRET

async function wechatMiniProgramLogin(code) {
  // Step 1: Exchange code for session_key + openid
  const { data } = await axios.get(
    'https://api.weixin.qq.com/sns/jscode2session',
    {
      params: {
        appid: process.env.WX_APPID,
        secret: process.env.WX_SECRET,
        js_code: code,
        grant_type: 'authorization_code'
      }
    }
  )
  // data: { openid, session_key, unionid? } on success,
  //       { errcode, errmsg } on failure (the HTTP status is still 200)
  if (data.errcode || !data.openid) {
    throw new Error(`jscode2session failed: ${data.errcode} ${data.errmsg}`)
  }

  // Step 2: Find or create user by openid (User is your own data model)
  let user = await User.findOne({ wechatOpenid: data.openid })
  if (!user) {
    user = await User.create({ wechatOpenid: data.openid })
  }

  // Step 3: Generate JWT (session_key stays on the server)
  const token = jwt.sign({ userId: user._id }, JWT_SECRET, { expiresIn: '7d' })
  return { token, user }
}

Mobile App Login

// iOS/Android → WeChat SDK → get code → backend exchange
// Same flow as web, but uses SDK instead of QR code
// User taps "WeChat Login" (微信登录) → WeChat app opens → auto-redirect back with code

Workflow 2: Phone SMS Verification

Provider Comparison

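| Provider | Price/message | Reliability | Speed | Best For |
|---|---|---|---|---|
| Alibaba Cloud SMS (阿里云) | ¥0.045 | ⭐⭐⭐⭐⭐ | <3s | Production |
| Tencent Cloud SMS (腾讯云) | ¥0.045 | ⭐⭐⭐⭐⭐ | <3s | Production |
| Huawei Cloud SMS (华为云) | ¥0.04 | ⭐⭐⭐⭐ | <5s | Alternative |
| 容联云 | ¥0.04 | ⭐⭐⭐ | <5s | Budget |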

Implementation (Alibaba Cloud SMS)

const Core = require('@alicloud/pop-core')

const client = new Core({
  accessKeyId: process.env.ALI_ACCESS_KEY,
  accessKeySecret: process.env.ALI_ACCESS_SECRET,
  endpoint: 'https://dysmsapi.aliyuncs.com',
  apiVersion: '2017-05-25'
})

async function sendSMS(phone, code) {
  const result = await client.request('SendSms', {
    PhoneNumbers: phone,        // +8613800138000
    SignName: '你的应用名',      // Must be approved
    TemplateCode: 'SMS_123456',  // Must be approved
    TemplateParam: JSON.stringify({ code })
  }, { method: 'POST' })
  
  return result.Code === 'OK'
}

// Rate limiting: 1 SMS per minute per phone, 5 per hour
const smsLimiter = {
  window: 60,        // seconds
  maxPerWindow: 1,
  maxPerHour: 5,
  maxPerDay: 10
}

Verification Flow

const crypto = require('crypto')
// `redis` is an already-connected client that exposes setex/get/del (e.g. ioredis)

// 1. Generate 6-digit code from a CSPRNG (Math.random() output is predictable)
function generateCode() {
  return crypto.randomInt(100000, 1000000).toString()
}

// 2. Store in Redis with TTL
async function storeCode(phone, code) {
  await redis.setex(`sms:${phone}`, 300, code)  // 5 min TTL
}

// 3. Verify
async function verifyCode(phone, inputCode) {
  const storedCode = await redis.get(`sms:${phone}`)
  if (!storedCode) return { valid: false, reason: 'expired' }
  if (storedCode !== inputCode) return { valid: false, reason: 'wrong' }
  await redis.del(`sms:${phone}`)  // One-time use
  return { valid: true }
}
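
The `smsLimiter` object above only declares the limits, and the verification flow places no cap on wrong guesses, so a 6-digit code can be brute-forced inside its 5-minute lifetime. The following added example (not the skill's own code) enforces the page's 1/min, 5/hour, 10/day send limits and burns a code after repeated failures. A `Map` stands in for Redis so it runs offline; `MAX_ATTEMPTS` and the function names are assumptions, and `now` is a Unix time in seconds supplied by the caller.

```javascript
// Added example, not the skill's code. Maps stand in for Redis keys with TTL.
const crypto = require('crypto')

const LIMITS = [[60, 1], [3600, 5], [86400, 10]]  // [window seconds, max sends], from the page
const CODE_TTL_S = 300     // 5 min, same as the page's Redis TTL
const MAX_ATTEMPTS = 5     // assumption: wrong guesses tolerated per issued code

const sends = new Map()    // phone -> send timestamps (seconds)
const codes = new Map()    // phone -> { code, expiresAt, attempts }

function requestCode(phone, now) {
  const history = (sends.get(phone) || []).filter(t => now - t < 86400)
  for (const [windowS, max] of LIMITS) {
    if (history.filter(t => now - t < windowS).length >= max) {
      return { sent: false, reason: `limit_${windowS}s` }
    }
  }
  history.push(now)
  sends.set(phone, history)
  // Full 000000-999999 range from a CSPRNG, zero-padded to six digits
  const code = crypto.randomInt(0, 1000000).toString().padStart(6, '0')
  codes.set(phone, { code, expiresAt: now + CODE_TTL_S, attempts: 0 })
  return { sent: true, code }   // pass `code` to the SMS provider, never to the client
}

function verifySmsCode(phone, input, now) {
  const entry = codes.get(phone)
  if (!entry || now >= entry.expiresAt) {
    codes.delete(phone)
    return { valid: false, reason: 'expired' }
  }
  const a = Buffer.from(String(input))
  const b = Buffer.from(entry.code)
  const match = a.length === b.length && crypto.timingSafeEqual(a, b)
  if (!match) {
    entry.attempts += 1
    if (entry.attempts >= MAX_ATTEMPTS) codes.delete(phone)  // burn the code
    return { valid: false, reason: 'wrong' }
  }
  codes.delete(phone)           // one-time use
  return { valid: true }
}
```

With Redis, the same logic maps to per-window counters with expiry and an attempts counter stored beside the code.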

Workflow 3: Real-Name Verification (实名认证)

Two-Factor Verification

Level 1: ID card number + name (basic real-name verification, 基础实名)
  → Check against public security database
  → Cost: ¥0.8-2.0 per check
  → Providers: Alibaba Cloud / Tencent Cloud / Baidu Cloud

Level 2: ID card + face recognition (enhanced real-name verification, 增强实名)
  → ID check + liveness detection + face comparison
  → Cost: ¥1.5-5.0 per check
  → Required for: financial, healthcare, education apps

Implementation

// Level 1: ID Card Verification (Alibaba Cloud)
async function verifyIdCard(name, idNumber) {
  const client = new Core({ /* ... */ })
  const result = await client.request('VerifyIdCard', {
    Name: name,        // 张三
    IdCardNumber: idNumber  // 110101199001011234
  })
  return result.Result === '1'  // 1=match, 0=no match
}

// Level 2: Face Recognition (Tencent Cloud)
async function verifyFace(idCardImage, selfieImage) {
  const result = await tencentCloudClient.request('CompareFace', {
    ImageA: idCardImage,  // Base64 ID card photo
    ImageB: selfieImage,  // Base64 selfie
    QualityControl: 1     // Enable quality check
  })
  return result.Similarity > 80  // >80 = same person
}

When Real-Name is Required

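| Scenario | Level Required | Regulation |
|---|---|---|
| Social features (comment/post) | Level 1 | Cybersecurity Law (网络安全法) |
| Financial services | Level 2 | Financial regulation (金融监管) |
| Healthcare | Level 2 | Healthcare regulations (医疗法规) |
| Education | Level 1 | Ministry of Education rules (教育部规定) |
| E-commerce (seller) | Level 1 | E-Commerce Law (电商法) |
| Live streaming (host) | Level 2 | Cyberspace Administration rules (网信办规定) |
| Gaming (anti-addiction) | Level 1 | Press and Publication Administration rules (版署规定) |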

Workflow 4: Unified Multi-Method Auth Interface

const express = require('express')
const router = express.Router()

// Unified auth endpoint
// handleWechatLogin / handlePhoneLogin / handleAlipayLogin are your own handlers
router.post('/auth/:method', async (req, res) => {
  const { method } = req.params

  switch (method) {
    case 'wechat':
      // WeChat OAuth2 flow
      return handleWechatLogin(req, res)

    case 'phone':
      // SMS verification
      return handlePhoneLogin(req, res)

    case 'alipay':
      // Alipay OAuth2 flow
      return handleAlipayLogin(req, res)

    default:
      return res.status(400).json({ error: 'Unsupported method' })
  }
})

// Account linking: same user can have multiple auth methods
// User schema (example document):
const exampleUser = {
  phone: '+8613800138000',
  wechatOpenid: 'oXXXX',
  wechatUnionid: 'uXXXX',   // Cross-app identity
  alipayUserId: '2088XXXX',
  realNameVerified: false,
  realNameLevel: 0           // 0=none, 1=ID, 2=ID+face
}

Safety Rules

  1. Never store SMS codes in database — use Redis with TTL only
  2. Rate limit SMS — 1/min, 5/hour, 10/day per phone number
  3. Encrypt ID numbers — never store in plaintext
  4. Session security — use httpOnly + secure + sameSite cookies
  5. WeChat session_key — never expose to frontend, use for data decryption only
  6. Phone format — always include country code (+86) for international compatibility
  7. Compliance — PIPL requires separate consent for collecting ID/phone data
  8. Audit log — log all auth events for security review
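
Rule 3 gives no mechanism, so here is one way to do it, as an added example that is not part of the original skill: authenticated field encryption for the ID number, a keyed blind index so duplicate ID numbers can be detected without decrypting, and a masked form for the audit log of Rule 8. The key handling, storage layout, masking pattern and function names are assumptions; both keys are 32 random bytes held outside the database.

```javascript
// Added example, not the skill's code. Keys are 32-byte Buffers from a KMS or
// secret store (assumption); stored blob layout is iv(12) | tag(16) | ciphertext.
const crypto = require('crypto')

// AES-256-GCM with a fresh IV per record. The user id is bound as associated
// data, so a ciphertext copied onto another user's row fails authentication.
function encryptIdNumber(idNumber, userId, encKey) {
  const iv = crypto.randomBytes(12)
  const cipher = crypto.createCipheriv('aes-256-gcm', encKey, iv)
  cipher.setAAD(Buffer.from(String(userId)))
  const ct = Buffer.concat([cipher.update(idNumber, 'utf8'), cipher.final()])
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64')
}

// Throws if the blob was tampered with or belongs to a different user id.
function decryptIdNumber(blob, userId, encKey) {
  const raw = Buffer.from(blob, 'base64')
  const decipher = crypto.createDecipheriv('aes-256-gcm', encKey, raw.subarray(0, 12))
  decipher.setAAD(Buffer.from(String(userId)))
  decipher.setAuthTag(raw.subarray(12, 28))
  const pt = Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()])
  return pt.toString('utf8')
}

// Keyed blind index for a unique column ("one account per ID number").
// Uses its own key; the trailing check character is normalised to upper case.
function idNumberIndex(idNumber, indexKey) {
  const normalised = idNumber.trim().toUpperCase()
  return crypto.createHmac('sha256', indexKey).update(normalised).digest('hex')
}

// Masked form for audit logs and UI: first 3 and last 2 characters only.
function maskIdNumber(idNumber) {
  return idNumber.slice(0, 3) + '*'.repeat(idNumber.length - 5) + idNumber.slice(-2)
}
```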

Quick Reference

| Auth Method | Prerequisites | Key API | User Data Returned |
|---|---|---|---|
| WeChat Web | MP account + web authorization (网页授权) | open.weixin.qq.com/connect/qrconnect | openid, nickname, avatar |
| WeChat Mini | Mini Program | jscode2session | openid, unionid |
| Phone SMS | SMS provider account | SendSms API | phone number only |
| Alipay | Alipay Open Platform (支付宝开放平台) | alipay.system.oauth.token | user_id, avatar |
| Real-name L1 | Cloud provider | VerifyIdCard | match/no-match |
| Real-name L2 | Cloud provider | CompareFace | similarity score |
Security usage advice
Install only if you trust this publisher and expect ClawHub maintainer workflows. Before using the autoreview helper, prefer `--no-yolo` or `AUTOREVIEW_YOLO=0` unless you intentionally want a nested reviewer to run with full local access. Use moderation, migration, deployment, and proof-publishing commands only with explicit targets and after checking the affected account, repository, or production environment.
Capability tags
requires-oauth-token · requires-sensitive-credentials
Capability assessment
Purpose & Capability
The ClawHub, Convex, moderation, UI proof, and review workflows generally match their stated purposes and disclose external tools, package installs, remote validation, data migrations, and staff actions.
Instruction Scope
The bundled autoreview helper defaults to `codex review` with `--dangerously-bypass-approvals-and-sandbox --sandbox danger-full-access`, which is broader authority than an advisory review normally needs and is enabled by default, though an opt-out is documented.
Install Mechanism
The inspected artifacts are skill markdown, reference files, agent metadata, icons, and a helper script; I did not find an auto-start installer, hidden persistence hook, obfuscation, or destructive install behavior.
Credentials
Several workflows are high-impact but purpose-aligned, including moderation, production deployment/migration guidance, PR proof publishing, and remote validation; most have user-control guardrails, but the default full-access nested reviewer is not proportionately scoped for broad installation.
Persistence & Privilege
No durable persistence mechanism was found. Long-running `npx convex dev` and Crabbox leases are disclosed as task-specific workflows, while moderation commands require explicit targets, reasons, and confirmation.
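How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install china-auth-integration
  3. Once installed, call the Skill by name or trigger it with /china-auth-integration
  4. Provide the required inputs per the Skill's parameter description to get structured output
Version history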
v1.0.0
Initial release: 4 authentication workflows (WeChat OAuth2, phone SMS verification, real-name verification, unified multi-method auth) + session management + compliance requirements
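Metadata
Slug china-auth-integration
Version 1.0.0
License MIT-0
Total installs 0
Current installs 0
Historical versions 1
FAQ

What is China Auth Integration?

Implement Chinese authentication systems including WeChat Login, Alipay Login, phone SMS verification, and real-name verification (实名认证). Teach AI agents how... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 63 cumulative downloads to date.

How do I install China Auth Integration?

Run the command "/install china-auth-integration" in the OpenClaw or Claude Code chat box for a one-step install; no additional configuration is required.

Is China Auth Integration free?

Yes. China Auth Integration is completely free, released under the MIT-0 license, and can be freely downloaded, installed and used.

Which platforms does China Auth Integration support?

China Auth Integration runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed China Auth Integration?

Developed and maintained by lm203688 (@lm203688); the current version is v1.0.0.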
