@tencent-weixin/openclaw-weixin 1.0.1 → 1.0.3

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tencent-weixin/openclaw-weixin",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "OpenClaw Weixin channel",
   "license": "MIT",
   "author": "Tencent",

package/src/auth/accounts.ts

@@ -6,6 +6,7 @@ import type { OpenClawConfig } from "openclaw/plugin-sdk";
 
 import { getWeixinRuntime } from "../runtime.js";
 import { resolveStateDir } from "../storage/state-dir.js";
+import { resolveFrameworkAllowFromPath } from "./pairing.js";
 import { logger } from "../util/logger.js";
 
 export const DEFAULT_BASE_URL = "https://ilinkai.weixin.qq.com";
@@ -70,6 +71,41 @@ export function registerWeixinAccountId(accountId: string): void {
   fs.writeFileSync(resolveAccountIndexPath(), JSON.stringify(updated, null, 2), "utf-8");
 }
 
+/** Remove accountId from the persistent index. */
+export function unregisterWeixinAccountId(accountId: string): void {
+  const existing = listIndexedWeixinAccountIds();
+  const updated = existing.filter((id) => id !== accountId);
+  if (updated.length !== existing.length) {
+    fs.writeFileSync(resolveAccountIndexPath(), JSON.stringify(updated, null, 2), "utf-8");
+  }
+}
+
+/**
+ * Remove stale accounts that share the same userId as the newly-bound account.
+ * Called after a successful QR login to ensure only the latest account remains
+ * for a given WeChat user, preventing ambiguous contextToken matches.
+ *
+ * @param onClearContextTokens callback to clear context tokens for the removed account
+ */
+export function clearStaleAccountsForUserId(
+  currentAccountId: string,
+  userId: string,
+  onClearContextTokens?: (accountId: string) => void,
+): void {
+  if (!userId) return;
+  const allIds = listIndexedWeixinAccountIds();
+  for (const id of allIds) {
+    if (id === currentAccountId) continue;
+    const data = loadWeixinAccount(id);
+    if (data?.userId?.trim() === userId) {
+      logger.info(`clearStaleAccountsForUserId: removing stale account=${id} (same userId=${userId})`);
+      onClearContextTokens?.(id);
+      clearWeixinAccount(id);
+      unregisterWeixinAccountId(id);
+    }
+  }
+}
+
 // ---------------------------------------------------------------------------
 // Account store (per-account credential files)
 // ---------------------------------------------------------------------------
@@ -175,10 +211,29 @@ export function saveWeixinAccount(
   }
 }
 
-/** Remove account data file. */
+/**
+ * Remove all files associated with an account:
+ *   - accounts/{accountId}.json                  (credentials)
+ *   - accounts/{accountId}.sync.json             (getUpdates sync buf)
+ *   - accounts/{accountId}.context-tokens.json   (context tokens on disk)
+ *   - credentials/openclaw-weixin-{accountId}-allowFrom.json (authorized users)
+ */
 export function clearWeixinAccount(accountId: string): void {
+  const dir = resolveAccountsDir();
+  const accountFiles = [
+    `${accountId}.json`,
+    `${accountId}.sync.json`,
+    `${accountId}.context-tokens.json`,
+  ];
+  for (const file of accountFiles) {
+    try {
+      fs.unlinkSync(path.join(dir, file));
+    } catch {
+      // ignore if not found
+    }
+  }
   try {
-    fs.unlinkSync(resolveAccountPath(accountId));
+    fs.unlinkSync(resolveFrameworkAllowFromPath(accountId));
   } catch {
     // ignore if not found
   }
@@ -198,29 +253,41 @@ function resolveConfigPath(): string {
  * Read `routeTag` from openclaw.json (for callers without an `OpenClawConfig` object).
  * Checks per-account `channels.<id>.accounts[accountId].routeTag` first, then section-level
  * `channels.<id>.routeTag`. Matches `feat_weixin_extension` behavior; channel key is `"openclaw-weixin"`.
+ *
+ * The config is cached after the first read since routeTag does not change at runtime.
  */
-export function loadConfigRouteTag(accountId?: string): string | undefined {
+let cachedRouteTagSection: Record<string, unknown> | null | undefined;
+
+function loadRouteTagSection(): Record<string, unknown> | null {
+  if (cachedRouteTagSection !== undefined) return cachedRouteTagSection;
   try {
     const configPath = resolveConfigPath();
-    if (!fs.existsSync(configPath)) return undefined;
+    if (!fs.existsSync(configPath)) { cachedRouteTagSection = null; return null; }
     const raw = fs.readFileSync(configPath, "utf-8");
     const cfg = JSON.parse(raw) as Record<string, unknown>;
     const channels = cfg.channels as Record<string, unknown> | undefined;
-    const section = channels?.["openclaw-weixin"] as Record<string, unknown> | undefined;
-    if (!section) return undefined;
-    if (accountId) {
-      const accounts = section.accounts as Record<string, Record<string, unknown>> | undefined;
-      const tag = accounts?.[accountId]?.routeTag;
-      if (typeof tag === "number") return String(tag);
-      if (typeof tag === "string" && tag.trim()) return tag.trim();
-    }
-    if (typeof section.routeTag === "number") return String(section.routeTag);
-    return typeof section.routeTag === "string" && section.routeTag.trim()
-      ? section.routeTag.trim()
-      : undefined;
+    const section = (channels?.["openclaw-weixin"] as Record<string, unknown>) ?? null;
+    cachedRouteTagSection = section;
+    return section;
   } catch {
-    return undefined;
+    cachedRouteTagSection = null;
+    return null;
+  }
+}
+
+export function loadConfigRouteTag(accountId?: string): string | undefined {
+  const section = loadRouteTagSection();
+  if (!section) return undefined;
+  if (accountId) {
+    const accounts = section.accounts as Record<string, Record<string, unknown>> | undefined;
+    const tag = accounts?.[accountId]?.routeTag;
+    if (typeof tag === "number") return String(tag);
+    if (typeof tag === "string" && tag.trim()) return tag.trim();
   }
+  if (typeof section.routeTag === "number") return String(section.routeTag);
+  return typeof section.routeTag === "string" && section.routeTag.trim()
+    ? section.routeTag.trim()
+    : undefined;
 }
 
 /**

package/src/auth/login-qr.ts

@@ -269,8 +269,11 @@ export async function waitForWeixinLogin(opts: {
             try {
               const qrterm = await import("qrcode-terminal");
               qrterm.default.generate(qrResponse.qrcode_img_content, { small: true });
+              process.stdout.write(`如果二维码未能成功展示，请用浏览器打开以下链接扫码：\n`);
+              process.stdout.write(`${qrResponse.qrcode_img_content}\n`);
             } catch {
-              process.stdout.write(`QR Code URL: ${qrResponse.qrcode_img_content}\n`);
+              process.stdout.write(`二维码未加载成功，请用浏览器打开以下链接扫码：\n`);
+              process.stdout.write(`${qrResponse.qrcode_img_content}\n`);
             }
           } catch (refreshErr) {
             logger.error(`waitForWeixinLogin: failed to refresh QR code: ${String(refreshErr)}`);
@@ -318,6 +321,8 @@ export async function waitForWeixinLogin(opts: {
         message: `Login failed: ${String(err)}`,
       };
     }
+
+    await new Promise((r) => setTimeout(r, 1000));
   }
 
   logger.warn(

package/src/channel.ts

@@ -1,7 +1,7 @@
 import path from "node:path";
 
 import type { ChannelPlugin, OpenClawConfig } from "openclaw/plugin-sdk";
-import { normalizeAccountId } from "openclaw/plugin-sdk";
+import { normalizeAccountId, resolvePreferredOpenClawTmpDir } from "openclaw/plugin-sdk";
 
 import {
   registerWeixinAccountId,
@@ -10,11 +10,12 @@ import {
   listWeixinAccountIds,
   resolveWeixinAccount,
   triggerWeixinChannelReload,
+  clearStaleAccountsForUserId,
   DEFAULT_BASE_URL,
 } from "./auth/accounts.js";
 import type { ResolvedWeixinAccount } from "./auth/accounts.js";
 import { assertSessionActive } from "./api/session-guard.js";
-import { getContextToken } from "./messaging/inbound.js";
+import { getContextToken, findAccountIdsByContextToken, restoreContextTokens, clearContextTokensForAccount } from "./messaging/inbound.js";
 import { logger } from "./util/logger.js";
 import {
   DEFAULT_ILINK_BOT_TYPE,
@@ -37,7 +38,7 @@ function isRemoteUrl(mediaUrl: string): boolean {
   return mediaUrl.startsWith("http://") || mediaUrl.startsWith("https://");
 }
 
-const MEDIA_OUTBOUND_TEMP_DIR = "/tmp/openclaw/weixin/media/outbound-temp";
+const MEDIA_OUTBOUND_TEMP_DIR = path.join(resolvePreferredOpenClawTmpDir(), "weixin/media/outbound-temp");
 
 /** Resolve any local path scheme to an absolute filesystem path. */
 function resolveLocalPath(mediaUrl: string): string {
@@ -47,6 +48,58 @@ function resolveLocalPath(mediaUrl: string): string {
   return mediaUrl;
 }
 
+/**
+ * Resolve the effective accountId for an outbound message when the caller
+ * did not provide one (e.g. cron delivery without explicit accountId).
+ *
+ * Priority:
+ *   1. Multiple accounts → match via contextToken for the `to` recipient
+ *   2. Single account → use it directly
+ *   3. No match → throw a descriptive error
+ */
+function resolveOutboundAccountId(
+  cfg: OpenClawConfig,
+  to: string,
+): string {
+  const allIds = listWeixinAccountIds(cfg);
+
+  if (allIds.length === 0) {
+    throw new Error(
+      `weixin: no accounts registered — run \`openclaw channels login --channel openclaw-weixin\``,
+    );
+  }
+
+  if (allIds.length === 1) {
+    logger.info(`resolveOutboundAccountId: single account, using ${allIds[0]}`);
+    return allIds[0];
+  }
+
+  // Multiple accounts: find which ones have a contextToken for the recipient.
+  const matched = findAccountIdsByContextToken(allIds, to);
+
+  if (matched.length === 1) {
+    logger.info(`resolveOutboundAccountId: matched accountId=${matched[0]} for to=${to}`);
+    return matched[0];
+  }
+
+  if (matched.length > 1) {
+    logger.warn(
+      `resolveOutboundAccountId: ambiguous — ${matched.length} accounts matched for to=${to}: ${matched.join(", ")}`,
+    );
+    throw new Error(
+      `weixin: ambiguous account for to=${to} ` +
+      `(${matched.length} accounts have active sessions with this recipient: ${matched.join(", ")}). ` +
+      `Specify accountId in the delivery config to disambiguate.`,
+    );
+  }
+
+  throw new Error(
+    `weixin: cannot determine which account to use for to=${to} ` +
+    `(${allIds.length} accounts registered, none has an active session with this recipient). ` +
+    `Specify accountId in the delivery config, or ensure the recipient has recently messaged the bot.`,
+  );
+}
+
 async function sendWeixinOutbound(params: {
   cfg: OpenClawConfig;
   to: string;
@@ -63,8 +116,7 @@ async function sendWeixinOutbound(params: {
     throw new Error("weixin not configured: please run `openclaw channels login --channel openclaw-weixin`");
   }
   if (!params.contextToken) {
-    aLog.error(`sendWeixinOutbound: contextToken missing, refusing to send to=${params.to}`);
-    throw new Error("sendWeixinOutbound: contextToken is required");
+    aLog.warn(`sendWeixinOutbound: contextToken missing for to=${params.to}, sending without context`);
   }
   const result = await sendMessageWeixin({ to: params.to, text: params.text, opts: {
     baseUrl: account.baseUrl,
@@ -95,6 +147,13 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
   capabilities: {
     chatTypes: ["direct"],
     media: true,
+    blockStreaming: true,
+  },
+  streaming: {
+    blockStreamingCoalesceDefaults: {
+      minChars: 200,
+      idleMs: 3000,
+    },
   },
   messaging: {
     targetResolver: {
@@ -107,7 +166,7 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
       "To send an image or file to the current user, use the message tool with action='send' and set 'media' to a local file path or a remote URL. You do not need to specify 'to' — the current conversation recipient is used automatically.",
       "When the user asks you to find an image from the web, use a web search or browser tool to find a suitable image URL, then send it using the message tool with 'media' set to that HTTPS image URL — do NOT download the image first.",
       "IMPORTANT: When generating or saving a file to send, always use an absolute path (e.g. /tmp/photo.png), never a relative path like ./photo.png. Relative paths cannot be resolved and the file will not be delivered.",
-      "IMPORTANT: When creating a cron job (scheduled task) for the current Weixin user, you MUST set delivery.to to the user's Weixin ID (the xxx@im.wechat address from the current conversation). Without an explicit 'to', the cron delivery will fail with 'requires target'. Example: delivery: { mode: 'announce', channel: 'openclaw-weixin', to: '<current_user_id@im.wechat>' }.",
+      "IMPORTANT: When creating a cron job (scheduled task) for the current Weixin user, you MUST set delivery.to to the user's Weixin ID (the xxx@im.wechat address from the current conversation) AND set delivery.accountId to the current AccountId. Without an explicit 'to', the cron delivery will fail with 'requires target'. Without an explicit 'accountId', the message may be sent from the wrong bot account. Example: delivery: { mode: 'announce', channel: 'openclaw-weixin', to: '<current_user_id@im.wechat>', accountId: '<current_AccountId>' }.",
     ],
   },
   reload: { configPrefixes: ["channels.openclaw-weixin"] },
@@ -126,17 +185,19 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
     deliveryMode: "direct",
     textChunkLimit: 4000,
     sendText: async (ctx) => {
+      const accountId = ctx.accountId || resolveOutboundAccountId(ctx.cfg, ctx.to);
       const result = await sendWeixinOutbound({
         cfg: ctx.cfg,
         to: ctx.to,
         text: ctx.text,
-        accountId: ctx.accountId,
-        contextToken: getContextToken(ctx.accountId!, ctx.to),
+        accountId,
+        contextToken: getContextToken(accountId!, ctx.to),
       });
       return result;
     },
     sendMedia: async (ctx) => {
-      const account = resolveWeixinAccount(ctx.cfg, ctx.accountId);
+      const accountId = ctx.accountId || resolveOutboundAccountId(ctx.cfg, ctx.to);
+      const account = resolveWeixinAccount(ctx.cfg, accountId);
       const aLog = logger.withAccount(account.accountId);
       assertSessionActive(account.accountId);
       if (!account.configured) {
@@ -173,8 +234,8 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
         cfg: ctx.cfg,
         to: ctx.to,
         text: ctx.text ?? "",
-        accountId: ctx.accountId,
-        contextToken: getContextToken(ctx.accountId!, ctx.to),
+        accountId,
+        contextToken: getContextToken(account.accountId, ctx.to),
       });
       return result;
     },
@@ -231,6 +292,8 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
         await new Promise<void>((resolve) => {
           qrcodeterminal.default.generate(startResult.qrcodeUrl!, { small: true }, (qr: string) => {
             console.log(qr);
+            log(`如果二维码未能成功展示，请用浏览器打开以下链接扫码：`);
+            log(startResult.qrcodeUrl!);
             resolve();
           });
         });
@@ -238,7 +301,8 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
         logger.warn(
           `auth.login: qrcode-terminal unavailable, falling back to URL err=${String(err)}`,
         );
-        log(`二维码链接: ${startResult.qrcodeUrl}`);
+        log(`二维码未加载成功，请用浏览器打开以下链接扫码：`);
+        log(startResult.qrcodeUrl!);
       }
 
       const loginTimeoutMs = 480_000;
@@ -263,6 +327,9 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
             userId: waitResult.userId,
           });
           registerWeixinAccountId(normalizedId);
+          if (waitResult.userId) {
+            clearStaleAccountsForUserId(normalizedId, waitResult.userId, clearContextTokensForAccount);
+          }
           void triggerWeixinChannelReload();
           log(`\n✅ 与微信连接成功！`);
         } catch (err) {
@@ -290,6 +357,7 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
       const account = ctx.account;
       const aLog = logger.withAccount(account.accountId);
       aLog.debug(`about to call monitorWeixinProvider`);
+      restoreContextTokens(account.accountId);
       aLog.info(`starting weixin webhook`);
 
       ctx.setStatus?.({
@@ -363,6 +431,9 @@ export const weixinPlugin: ChannelPlugin<ResolvedWeixinAccount> = {
             userId: result.userId,
           });
           registerWeixinAccountId(normalizedId);
+          if (result.userId) {
+            clearStaleAccountsForUserId(normalizedId, result.userId, clearContextTokensForAccount);
+          }
           triggerWeixinChannelReload();
           logger.info(`loginWithQrWait: saved account data for accountId=${normalizedId}`);
         } catch (err) {

package/src/log-upload.ts

@@ -2,6 +2,7 @@ import fs from "node:fs/promises";
 import path from "node:path";
 
 import type { OpenClawConfig } from "openclaw/plugin-sdk";
+import { resolvePreferredOpenClawTmpDir } from "openclaw/plugin-sdk";
 
 
 /** Minimal subset of commander's Command used by registerWeixinCli. */
@@ -42,7 +43,7 @@ function resolveLogFileName(file: string): string {
 }
 
 function mainLogDir(): string {
-  return path.join("/tmp", "openclaw");
+  return resolvePreferredOpenClawTmpDir();
 }
 
 function getConfiguredUploadUrl(config: OpenClawConfig): string | undefined {

package/src/messaging/error-notice.ts

@@ -15,8 +15,7 @@ export async function sendWeixinErrorNotice(params: {
   errLog: (m: string) => void;
 }): Promise<void> {
   if (!params.contextToken) {
-    logger.warn(`sendWeixinErrorNotice: no contextToken for to=${params.to}, cannot notify user`);
-    return;
+    logger.warn(`sendWeixinErrorNotice: no contextToken for to=${params.to}, sending without context`);
   }
   try {
     await sendMessageWeixin({ to: params.to, text: params.message, opts: {

package/src/messaging/inbound.ts

@@ -1,17 +1,20 @@
+import fs from "node:fs";
+import path from "node:path";
+
 import { logger } from "../util/logger.js";
 import { generateId } from "../util/random.js";
 import type { WeixinMessage, MessageItem } from "../api/types.js";
 import { MessageItemType } from "../api/types.js";
+import { resolveStateDir } from "../storage/state-dir.js";
 
 // ---------------------------------------------------------------------------
-// Context token store (in-process cache: accountId+userId → contextToken)
+// Context token store (in-process cache + disk persistence)
 // ---------------------------------------------------------------------------
 
 /**
  * contextToken is issued per-message by the Weixin getupdates API and must
- * be echoed verbatim in every outbound send. It is not persisted: the monitor
- * loop populates this map on each inbound message, and the outbound adapter
- * reads it back when the agent sends a reply.
+ * be echoed verbatim in every outbound send. The in-memory map is the primary
+ * lookup; a disk-backed file per account ensures tokens survive gateway restarts.
  */
 const contextTokenStore = new Map<string, string>();
 
@@ -19,11 +22,84 @@ function contextTokenKey(accountId: string, userId: string): string {
   return `${accountId}:${userId}`;
 }
 
-/** Store a context token for a given account+user pair. */
+// ---------------------------------------------------------------------------
+// Disk persistence helpers
+// ---------------------------------------------------------------------------
+
+function resolveContextTokenFilePath(accountId: string): string {
+  return path.join(
+    resolveStateDir(),
+    "openclaw-weixin",
+    "accounts",
+    `${accountId}.context-tokens.json`,
+  );
+}
+
+/** Persist all context tokens for a given account to disk. */
+function persistContextTokens(accountId: string): void {
+  const prefix = `${accountId}:`;
+  const tokens: Record<string, string> = {};
+  for (const [k, v] of contextTokenStore) {
+    if (k.startsWith(prefix)) {
+      tokens[k.slice(prefix.length)] = v;
+    }
+  }
+  const filePath = resolveContextTokenFilePath(accountId);
+  try {
+    const dir = path.dirname(filePath);
+    fs.mkdirSync(dir, { recursive: true });
+    fs.writeFileSync(filePath, JSON.stringify(tokens, null, 0), "utf-8");
+  } catch (err) {
+    logger.warn(`persistContextTokens: failed to write ${filePath}: ${String(err)}`);
+  }
+}
+
+/**
+ * Restore persisted context tokens for an account into the in-memory map.
+ * Called once during gateway startAccount to survive restarts.
+ */
+export function restoreContextTokens(accountId: string): void {
+  const filePath = resolveContextTokenFilePath(accountId);
+  try {
+    if (!fs.existsSync(filePath)) return;
+    const raw = fs.readFileSync(filePath, "utf-8");
+    const tokens = JSON.parse(raw) as Record<string, string>;
+    let count = 0;
+    for (const [userId, token] of Object.entries(tokens)) {
+      if (typeof token === "string" && token) {
+        contextTokenStore.set(contextTokenKey(accountId, userId), token);
+        count++;
+      }
+    }
+    logger.info(`restoreContextTokens: restored ${count} tokens for account=${accountId}`);
+  } catch (err) {
+    logger.warn(`restoreContextTokens: failed to read ${filePath}: ${String(err)}`);
+  }
+}
+
+/** Remove all context tokens for a given account (memory + disk). */
+export function clearContextTokensForAccount(accountId: string): void {
+  const prefix = `${accountId}:`;
+  for (const k of [...contextTokenStore.keys()]) {
+    if (k.startsWith(prefix)) {
+      contextTokenStore.delete(k);
+    }
+  }
+  const filePath = resolveContextTokenFilePath(accountId);
+  try {
+    if (fs.existsSync(filePath)) fs.unlinkSync(filePath);
+  } catch (err) {
+    logger.warn(`clearContextTokensForAccount: failed to remove ${filePath}: ${String(err)}`);
+  }
+  logger.info(`clearContextTokensForAccount: cleared tokens for account=${accountId}`);
+}
+
+/** Store a context token for a given account+user pair (memory + disk). */
 export function setContextToken(accountId: string, userId: string, token: string): void {
   const k = contextTokenKey(accountId, userId);
   logger.debug(`setContextToken: key=${k}`);
   contextTokenStore.set(k, token);
+  persistContextTokens(accountId);
 }
 
 /** Retrieve the cached context token for a given account+user pair. */
@@ -36,6 +112,21 @@ export function getContextToken(accountId: string, userId: string): string | und
   return val;
 }
 
+/**
+ * Find all accountIds that have an active contextToken for the given userId.
+ * Used to infer the sending bot account from the recipient address when
+ * accountId is not explicitly provided (e.g. cron delivery).
+ *
+ * Returns all matching accountIds (not just the first) so the caller can
+ * detect ambiguity when multiple accounts have sessions with the same user.
+ */
+export function findAccountIdsByContextToken(
+  accountIds: string[],
+  userId: string,
+): string[] {
+  return accountIds.filter((id) => contextTokenStore.has(contextTokenKey(id, userId)));
+}
+
 // ---------------------------------------------------------------------------
 // Message ID generation
 // ---------------------------------------------------------------------------

package/src/messaging/process-message.ts

@@ -381,11 +381,7 @@ export async function processOneMessage(
         deps.errLog(`weixin reply ${info.kind}: ${String(err)}`);
         const errMsg = err instanceof Error ? err.message : String(err);
         let notice: string;
-        if (errMsg.includes("contextToken is required")) {
-          // No contextToken means we cannot send a notice either; just log.
-          logger.warn(`onError: contextToken missing, cannot send error notice to=${ctx.To}`);
-          return;
-        } else if (errMsg.includes("remote media download failed") || errMsg.includes("fetch")) {
+        if (errMsg.includes("remote media download failed") || errMsg.includes("fetch")) {
           notice = `⚠️ 媒体文件下载失败，请检查链接是否可访问。`;
         } else if (
           errMsg.includes("getUploadUrl") ||
@@ -416,7 +412,7 @@ export async function processOneMessage(
           ctx: finalized,
           cfg: deps.config,
           dispatcher,
-          replyOptions,
+          replyOptions: { ...replyOptions, disableBlockStreaming: false },
         }),
     });
     logger.debug(`dispatchReplyFromConfig: done agentId=${route.agentId ?? "(none)"}`);

package/src/messaging/send.ts

@@ -77,7 +77,6 @@ function buildSendMessageReq(params: {
 
 /**
  * Send a plain text message downstream.
- * contextToken is required for all reply sends; missing it breaks conversation association.
  */
 export async function sendMessageWeixin(params: {
   to: string;
@@ -86,8 +85,7 @@ export async function sendMessageWeixin(params: {
 }): Promise<{ messageId: string }> {
   const { to, text, opts } = params;
   if (!opts.contextToken) {
-    logger.error(`sendMessageWeixin: contextToken missing, refusing to send to=${to}`);
-    throw new Error("sendMessageWeixin: contextToken is required");
+    logger.warn(`sendMessageWeixin: contextToken missing for to=${to}, sending without context`);
   }
   const clientId = generateClientId();
   const req = buildSendMessageReq({
@@ -158,7 +156,7 @@ async function sendMediaItems(params: {
     }
   }
 
-  logger.debug(`${label}: success to=${to} clientId=${lastClientId}`);
+  logger.info(`${label}: success to=${to} clientId=${lastClientId}`);
   return { messageId: lastClientId };
 }
 
@@ -179,10 +177,9 @@ export async function sendImageMessageWeixin(params: {
 }): Promise<{ messageId: string }> {
   const { to, text, uploaded, opts } = params;
   if (!opts.contextToken) {
-    logger.error(`sendImageMessageWeixin: contextToken missing, refusing to send to=${to}`);
-    throw new Error("sendImageMessageWeixin: contextToken is required");
+    logger.warn(`sendImageMessageWeixin: contextToken missing for to=${to}, sending without context`);
   }
-  logger.debug(
+  logger.info(
     `sendImageMessageWeixin: to=${to} filekey=${uploaded.filekey} fileSize=${uploaded.fileSize} aeskey=present`,
   );
 
@@ -214,8 +211,7 @@ export async function sendVideoMessageWeixin(params: {
 }): Promise<{ messageId: string }> {
   const { to, text, uploaded, opts } = params;
   if (!opts.contextToken) {
-    logger.error(`sendVideoMessageWeixin: contextToken missing, refusing to send to=${to}`);
-    throw new Error("sendVideoMessageWeixin: contextToken is required");
+    logger.warn(`sendVideoMessageWeixin: contextToken missing for to=${to}, sending without context`);
   }
 
   const videoItem: MessageItem = {
@@ -247,8 +243,7 @@ export async function sendFileMessageWeixin(params: {
 }): Promise<{ messageId: string }> {
   const { to, text, fileName, uploaded, opts } = params;
   if (!opts.contextToken) {
-    logger.error(`sendFileMessageWeixin: contextToken missing, refusing to send to=${to}`);
-    throw new Error("sendFileMessageWeixin: contextToken is required");
+    logger.warn(`sendFileMessageWeixin: contextToken missing for to=${to}, sending without context`);
   }
   const fileItem: MessageItem = {
     type: MessageItemType.FILE,

package/src/util/logger.ts

@@ -2,13 +2,15 @@ import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
 
+import { resolvePreferredOpenClawTmpDir } from "openclaw/plugin-sdk";
+
 /**
  * Plugin logger — writes JSON lines to the main openclaw log file:
- *   /tmp/openclaw/openclaw-YYYY-MM-DD.log
+ *   <tmpDir>/openclaw-YYYY-MM-DD.log
  * Same file and format used by all other channels.
  */
 
-const MAIN_LOG_DIR = path.join("/tmp", "openclaw");
+const MAIN_LOG_DIR = resolvePreferredOpenClawTmpDir();
 const SUBSYSTEM = "gateway/channels/openclaw-weixin";
 const RUNTIME = "node";
 const RUNTIME_VERSION = process.versions.node;

package/src/util/redact.ts

@@ -21,14 +21,22 @@ export function redactToken(token: string | undefined, prefixLen = DEFAULT_TOKEN
   return `${token.slice(0, prefixLen)}…(len=${token.length})`;
 }
 
+/** Field names whose values should be masked in logged JSON bodies. */
+const SENSITIVE_FIELDS = /\b(context_token|bot_token|token|authorization|Authorization)\b/;
+
 /**
  * Truncate a JSON body string to `maxLen` chars for safe logging.
- * Appends original length so the reader knows how much was dropped.
+ * Redacts known sensitive fields before truncating.
  */
 export function redactBody(body: string | undefined, maxLen = DEFAULT_BODY_MAX_LEN): string {
   if (!body) return "(empty)";
-  if (body.length <= maxLen) return body;
-  return `${body.slice(0, maxLen)}…(truncated, totalLen=${body.length})`;
+  // Mask values of known sensitive JSON keys: "key":"value" → "key":"<redacted>"
+  const redacted = body.replace(
+    /"(context_token|bot_token|token|authorization|Authorization)"\s*:\s*"[^"]*"/g,
+    '"$1":"<redacted>"',
+  );
+  if (redacted.length <= maxLen) return redacted;
+  return `${redacted.slice(0, maxLen)}…(truncated, totalLen=${redacted.length})`;
 }
 
 /**