novalon/novalon-manage-system
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6392c085601b0e55259e1432e087bd4adae7d823
novalon-manage-system/test-signature.js
T
张翔 6392c08560 feat(api/web): 实现API请求签名验证功能并优化测试环境配置 
refactor(db): 重构查询条件类到query目录下

test: 添加登录流程测试脚本和测试数据

chore: 添加crypto-js依赖用于签名验证

ci: 配置测试环境数据库和端口设置
2026-04-02 08:07:53 +08:00

50 lines
1.4 KiB
JavaScript
Raw Blame History

const CryptoJS = require('crypto-js')
const SIGNATURE_SECRET = 'NovalonManageSystemSecretKey2026'
function generateSignature(method, path, query = '', body = '', timestamp, nonce) {
const stringToSign = [
method,
path,
query || '',
body || '',
timestamp.toString(),
nonce
].join('\n')
console.log('String to sign:', stringToSign)
const signature = CryptoJS.HmacSHA256(stringToSign, SIGNATURE_SECRET)
const signatureBase64 = CryptoJS.enc.Base64.stringify(signature)
return signatureBase64
}
function generateNonce() {
const timestamp = Date.now().toString(36)
const randomPart = Math.random().toString(36).substring(2, 15)
return `${timestamp}-${randomPart}`
}
const timestamp = Date.now()
const nonce = generateNonce()
const method = 'POST'
const path = '/api/auth/login'
const query = ''
const body = JSON.stringify({ username: 'admin', password: 'admin123' })
const signature = generateSignature(method, path, query, body, timestamp, nonce)
console.log('\nGenerated Signature Headers:')
console.log('X-Signature:', signature)
console.log('X-Timestamp:', timestamp)
console.log('X-Nonce:', nonce)
console.log('\ncurl command:')
console.log(`curl -X POST http://localhost:8080/api/auth/login \\
-H "Content-Type: application/json" \\
-H "X-Signature: ${signature}" \\
-H "X-Timestamp: ${timestamp}" \\
-H "X-Nonce: ${nonce}" \\
-d '${body}'`)
Reference in New Issue View Git Blame Copy Permalink