小程序签名代码案例 - 微信小程序开发教程
小程序签名是保证小程序信息安全性的一种措施,以下是小程序签名的代码案例:
- 获取小程序的access_token和ticket
const request = require('request');
// 获取access_token
function getAccessToken(appId, appSecret) {
return new Promise((resolve, reject) => {
const url = `https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=${appId}&secret=${appSecret}`;
request(url, function (error, response, body) {
if (!error && response.statusCode == 200) {
const result = JSON.parse(body);
resolve(result.access_token);
} else {
reject(error);
}
});
});
}
// 获取ticket
function getTicket(accessToken) {
return new Promise((resolve, reject) => {
const url = `https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=${accessToken}&type=jsapi`;
request(url, function (error, response, body) {
if (!error && response.statusCode == 200) {
const result = JSON.parse(body);
resolve(result.ticket);
} else {
reject(error);
}
});
});
}
- 生成noncestr和timestamp
// 生成随机字符串
function generateNonceStr(length) {
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
const maxPos = chars.length;
let nonceStr = '';
for (let i = 0; i < length; i++) {
nonceStr += chars.charAt(Math.floor(Math.random() * maxPos));
}
return nonceStr;
}
// 获取当前时间戳
function getTimestamp() {
return parseInt(new Date().getTime() / 1000) + '';
}
- 对签名的参数进行排序
// 对参数进行排序
function raw(args) {
let keys = Object.keys(args);
keys = keys.sort();
const newArgs = {};
keys.forEach(function (key) {
newArgs[key.toLowerCase()] = args[key];
});
let str = '';
for (let k in newArgs) {
str += '&' + k + '=' + newArgs[k];
}
return str.substr(1);
}
- 对参数进行签名
const crypto = require('crypto');
// 对参数进行签名
function sign(ticket, nonceStr, timestamp, url) {
const params = {
jsapi_ticket: ticket,
nonceStr: nonceStr,
timestamp: timestamp,
url: url,
};
const string = raw(params);
const shasum = crypto.createHash('sha1');
shasum.update(string);
return shasum.digest('hex');
}
- 完整的小程序签名代码
const request = require('request');
const crypto = require('crypto');
// 获取access_token
function getAccessToken(appId, appSecret) {
return new Promise((resolve, reject) => {
const url = `https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=${appId}&secret=${appSecret}`;
request(url, function (error, response, body) {
if (!error && response.statusCode == 200) {
const result = JSON.parse(body);
resolve(result.access_token);
} else {
reject(error);
}
});
});
}
// 获取ticket
function getTicket(accessToken) {
return new Promise((resolve, reject) => {
const url = `https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=${accessToken}&type=jsapi`;
request(url, function (error, response, body) {
if (!error && response.statusCode == 200) {
const result = JSON.parse(body);
resolve(result.ticket);
} else {
reject(error);
}
});
});
}
// 生成随机字符串
function generateNonceStr(length) {
const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
const maxPos = chars.length;
let nonceStr = '';
for (let i = 0; i < length; i++) {
nonceStr += chars.charAt(Math.floor(Math.random() * maxPos));
}
return nonceStr;
}
// 获取当前时间戳
function getTimestamp() {
return parseInt(new Date().getTime() / 1000) + '';
}
// 对参数进行排序
function raw(args) {
let keys = Object.keys(args);
keys = keys.sort();
const newArgs = {};
keys.forEach(function (key) {
newArgs[key.toLowerCase()] = args[key];
});
let str = '';
for (let k in newArgs) {
str += '&' + k + '=' + newArgs[k];
}
return str.substr(1);
}
// 对参数进行签名
function sign(ticket, nonceStr, timestamp, url) {
const params = {
jsapi_ticket: ticket,
nonceStr: nonceStr,
timestamp: timestamp,
url: url,
};
const string = raw(params);
const shasum = crypto.createHash('sha1');
shasum.update(string);
return shasum.digest('hex');
}
// 获取小程序签名信息
async function getSignInfo(appId, appSecret, url) {
const accessToken = await getAccessToken(appId, appSecret);
const ticket = await getTicket(accessToken);
const nonceStr = generateNonceStr(16);
const timestamp = getTimestamp();
const signature = sign(ticket, nonceStr, timestamp, url);
return {
appId: appId,
timestamp: timestamp,
nonceStr: nonceStr,
signature: signature,
};
}
module.exports = getSignInfo;
使用方法:
const getSignInfo = require('./sign');
getSignInfo(appId, appSecret, url).then((result) => {
console.log(result);
}).catch((error) => {
console.error(error);
});
原文地址: https://www.cveoy.top/t/topic/lMfZ 著作权归作者所有。请勿转载和采集!