sign.js
2.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
/**
* 签名
* @author: bikai
* @date: 2016/5/6
*/
'use strict';
const _ = require('lodash');
const md5 = require('md5');
const privateKey = {
android: 'fd4ad5fcfa0de589ef238c0e7331b585',
iphone: 'a85bb0674e08986c6b115d5e3a4884fa',
ipad: 'ad9fcda2e679cf9229e37feae2cdcf80',
web: '0ed29744ed318fd28d2c07985d3ba633',
yoho: 'fd4ad5fcsa0de589af23234ks1923ks',
h5: 'fd4ad5fcfa0de589ef238c0e7331b585'
};
/**
* 排序参数
* @param {Object} argument 需要排序的参数对象
* @return {Object} 排序之后的参数对象
*/
const packageSort = argument => {
const newObj = {};
for (const k of Object.keys(argument).sort()) {
newObj[k] = argument[k];
}
return newObj;
};
/**
* 生成签名
* @param {Object} argument 需要签名的数据
* @return {string} 生成的签名字符串
*/
const makeSign = argument => {
const qs = [];
_.forEach(argument, (value, key) => {
qs.push(`${key}=${_.trim(value)}`);
});
return md5(qs.join('&')).toLowerCase();
};
// 生成API签名,调用后端接口的时候有私钥校验
exports.apiSign = (params) => {
const clientType = params.client_type || 'h5';
/* eslint-disable */
let sign = packageSort(Object.assign({
client_type: clientType,
private_key: privateKey[clientType],
app_version: '3.8.2',
os_version: 'yohobuy:h5',
screen_size: '720x1280',
v: '7'
}, params));
/* eslint-enable */
sign = Object.assign(sign, {
client_secret: makeSign(sign) // eslint-disable-line camelcase
});
delete sign.private_key;
return sign;
};
// 检查签名,APP 访问 H5 页面的时候需要检查
exports.checkSign = (params) => {
const // eslint-disable-line camelcase
clientSecret = params.client_secret;
let sortedParams;
// 忽略部分参数
delete params.client_secret;
delete params.q;
delete params.debug_data;
delete params['/api'];
params.private_key = privateKey[params.client_type]; // eslint-disable-line camelcase
sortedParams = packageSort(params);
return clientSecret === makeSign(sortedParams);
};
// 检查签名,APP 访问 H5 页面的时候需要检查, 有可能不同于上边的签名方式
exports.webSign = (params) => {
const webPrivateKey = 'yohobuyapp';
return params.key === md5(md5(webPrivateKey) + params.uid);
};
exports.makeToken = (string) => {
return md5(md5(string + '#@!@#'));
};