const crypto = require('crypto'); function testSignatureGeneration() { const timestamp = '1745997864484'; const url = `/api/account/login?t=${timestamp}&env=&qm_csrf_backend=undefined`; const data = { account_name: "zhuoyue", password: "Wnl3ejAzOTYz", env: "" }; function test(testName, signString) { const signature = crypto.createHash('sha256') .update(signString) .digest('hex'); console.log(`\n${testName}:`); console.log('签名字符串:', signString); console.log('生成签名:', signature); console.log('是否匹配:', signature === '87c88d2b321fd439c756847c7348a198be6abf769a46f34dbc83d9a4fec34567'); } // 方案13:使用Base64编码的数据 const base64Data = Buffer.from(JSON.stringify(data)).toString('base64'); const str13 = `${url}&${base64Data}&${timestamp}`; test('方案13', str13); // 方案14:URL参数分开处理 const urlParams = new URLSearchParams({ t: timestamp, env: '', qm_csrf_backend: 'undefined' }); const path = '/api/account/login'; const sortedData = Object.keys(data) .sort() .map(key => `${key}=${JSON.stringify(data[key])}`) .join('&'); const str14 = `${path}?${urlParams.toString()}&${sortedData}&${timestamp}`; test('方案14', str14); // 方案15:将参数作为对象处理 const allParams = { ...data, t: timestamp, env: '', qm_csrf_backend: 'undefined' }; const sortedAllParams = Object.keys(allParams) .sort() .map(key => `${key}=${JSON.stringify(allParams[key])}`) .join('&'); const str15 = `${path}&${sortedAllParams}`; test('方案15', str15); // 方案16:处理特殊字符 const encodedSortedData = Object.keys(data) .sort() .map(key => { const value = data[key].toString() .replace(/"/g, '\\"') .replace(/'/g, "\\'"); return `${key}="${value}"`; }) .join('&'); const str16 = `${url}&${encodedSortedData}&${timestamp}`; test('方案16', str16); // 方案17:尝试不同的时间戳位置 const str17 = `${timestamp}&${url}&${sortedData}`; test('方案17', str17); // 方案18:完全扁平化所有参数 const flatParams = { url: path, t: timestamp, env: '', qm_csrf_backend: 'undefined', ...data }; const str18 = Object.keys(flatParams) .sort() .map(key => `${key}=${flatParams[key]}`) .join('&'); test('方案18', str18); } testSignatureGeneration();