主题
VUE接口请求签名
对请求参数进行签名处理,防止请求被篡改,一般免登陆接口使用。
签名工具文件sign.js
需要安装加密库
crypto-js
js
//引入配置文件
import config from '@/config/index.js'
//引入加密库
import CryptoJS from 'crypto-js'
export function getSignAllMap(path, json, signJson) {
if (null != json) {
let type = Object.prototype.toString.call(json);
if (type == "[object Object]") {
for (let key in json) {
let value = json[key];
if (null != value && undefined != value) {
let type2 = Object.prototype.toString.call(value);
let path2 = key;
if (path) {
path2 = path + "." + key;
}
if (type2 == "[object Object]") {
getSignAllMap(path2, value, signJson)
} else if (type2 == "[object Array]") {
for (let i = 0; i < value.length; i++) {
getSignAllMap(path2 + "[" + i + "]", value[i], signJson)
}
} else {
signJson[path2] = value;
}
}
}
} else if (type == "[object Array]") {
for (let i = 0; i < json.length; i++) {
getSignAllMap(path + "[" + i + "]", json[i], signJson)
}
} else {
signJson[path] = json;
}
}
}
export function getSignStr(json) {
let signJson = {};
getSignAllMap("", json, signJson)
// 取 key
let keys = [];
for (let key in signJson) {
keys.push(key);
}
// 参数名 ASCII 码从小到大排序(字典序)
keys.sort();
let signStr = "";
for (let i=0;i<keys.length;i++) {
if(""!=signStr){
signStr += "&"
}
signStr += keys[i] + "=" + signJson[keys[i]]
}
return signStr;
}
function guid() {
return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function (c) {
var r = Math.random() * 16 | 0,
v = c == 'x' ? r : (r & 0x3 | 0x8);
return v.toString(16);
});
}
/**
* 获取签名信息
* @param {Object} url 接口地址
* @param {Object} data 业务数据对象
* @returns 签名后的url(包含签名的业务参数)
*/
export function getSign(url, data) {
let sinData = JSON.parse(JSON.stringify(data))
let randomStr = guid();
let timestamp = +new Date();
sinData.appId = config.appId;
sinData.appSecret = config.appSecret;
sinData.randomStr = randomStr;
sinData.timestamp = timestamp;
sinData = getSignStr(sinData);
console.log(sinData)
// 加签
var sign = CryptoJS.SHA1(sinData).toString();
return `${url}?appId=${config.appId}&randomStr=${randomStr}×tamp=${timestamp}&sign=${sign}`
}配置文件config.js
基础配置文件,也可以通过其他方式进行配置
js
export default {
appId: 'test', //应用id
appSecret: '11e1ebfd58254b84a6f3c1d81d27a562', //应用秘钥
}业务代码
js
//引用签名工具
import { getSign, getTripleDES } from './sign.js'
//业务数据对象
let data = {
"accountNo":"admin",
"password":"123456"
};
//获取签名url
let signUrl = getSign(url, data);
//请求接口
//...网关配置
启用商户拦截器,并配置url信息
yaml
logging:
file:
name: ./logs/gateway.log
max-history: 60
max-size: 100MB
level:
root: INFO
server :
port : 8080
spring:
cloud:
loadbalancer:
gateway:
discovery:
locator:
enabled: false
lowerCaseServiceId: true
routes:
#配置路径规则
- id: demo
uri: http://127.0.0.1:8081
predicates:
- Path=/demo/**
filters:
- StripPrefix= 1
data:
#配置redis
redis:
database: 9
host: 127.0.0.1
port: 6379
password: 123456
timeout: 3000
lettuce:
pool:
max-active: 100
max-wait: -1
max-idle: 10
min-idle: 0
wueasy :
gateway:
filter:
session:
enabled: true #启用session拦截器
items:
- type: redis #使用redis存储session信息
redis-auto-expire: true #启用会话自动延期
expire: PT1H #配置会话1小时过期
urls: #配置拦截的url地址,所有的/demo/请求都拦截
- /demo/**
user-login-urls: /demo/login #配置登录接口地址,需要和微服务调用的完全一致。
user-get-info-urls: /demo/getInfo #获取用户信息
security-visitor-urls: #配置免登陆接口地址
- /demo/login
- /demo/captcha
security-login-urls: #配置登录可访问的接口地址
- /demo/getInfo
merchant:
enabled: true #是否启用,默认false
items:
- app-id: test #应用id
app-secret: 11e1ebfd58254b84a6f3c1d81d27a562 #应用密钥
name: 测试 #商户名称
time-verify: true #是否启用时间验证,默认false
time-interval: PT30M #时间验证区间,默认30分钟
one-verify: true #是否请求一次有效,默认false
one-time-interval: PT1H #一次请求的验证时间,默认1小时
sign-type: ALL
urls: #拦截的url地址
- /demo/login