- 流程
向后端ajax申请时进行加密,加密是通过一些规则对data加密,调用tokentest方法需要做三个事情
1.生成时间戳 timestamp
2.生成随机字符串 nonceStr
3.通过CryptoJS.HmacSHA256生成加密签名 signature,密要就是nonceStr
let hash = CryptoJS.HmacSHA256(根据一定顺序从系排序后获取的data的键值组成的数据字符串, nonceStr);
let hashInBase64 = CryptoJS.enc.Hex.stringify(hash);
function generateMixed() {
var chars = ['0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P','Q','R','S','T','U','V','W','X','Y','Z'];
var res = "";
for(var i = 0; i < 16 ; i ++) {
var id = Math.ceil(Math.random()*35);
res += chars[id];
}
return res;
}
function tokentest(data){
let timestamp = new Date().getTime();
let nonceStr = generateMixed();
data.timestamp = timestamp;
data.nonceStr= nonceStr;
let sorted = {};
let newstr='';
Object.keys(data).sort().forEach(item=>{
sorted[item]=data[item];
})
Object.values(sorted).forEach(item=>{
newstr+=item;
});
let hash = CryptoJS.HmacSHA256(newstr, nonceStr);
let hashInBase64 = CryptoJS.enc.Hex.stringify(hash);
data.signature = hashInBase64;
return data;
}
function submits() {
var data = {
'submit':00001
,'submit_s':0001001
,'tel':188888888
,'s_id':3
,'g_id':5,
}
$.ajax(
{
url: /submit/,
type: 'POST',
dataType: 'json',
data:tokentest(data),
cache: false,
timeout: 20000,
error: function() {layer.msg('系统错误');},
success: function(json)
{
console.log(json,'hhh');
}
});
}
//引入的插件文件
<script src="cryptojs/core.js">script>
<script src="cryptojs/hmac.js">script>
<script src="cryptojs/sha256.js">script>
<script src="cryptojs/hmac-sha256.js">script>
<script src="cryptojs/enc-base64.js">script>
