Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
904118851
/
tg_factory
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: cbe381935a
Branches Tags
tg_factory
/
src
/
api
/
qm
/
qm_gen_signature.js

qm_gen_signature.js 2.6 KB
Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. const crypto = require('crypto');
    2. 

  2. 

  3. function testSignatureGeneration() {
    4. 

  4.     const timestamp = '1745997864484';
    5. 

  5.     const url = `/api/account/login?t=${timestamp}&env=&qm_csrf_backend=undefined`;
    6. 

  6.     const data = {
    7. 

  7.         account_name: "zhuoyue",
    8. 

  8.         password: "Wnl3ejAzOTYz",
    9. 

  9.         env: ""
    10. 

  10.     };
    11. 

  11. 

  12.     function test(testName, signString) {
    13. 

  13.         const signature = crypto.createHash('sha256')
    14. 

  14.             .update(signString)
    15. 

  15.             .digest('hex');
    16. 

  16.         console.log(`\n${testName}:`);
    17. 

  17.         console.log('签名字符串:', signString);
    18. 

  18.         console.log('生成签名:', signature);
    19. 

  19.         console.log('是否匹配:', signature === '87c88d2b321fd439c756847c7348a198be6abf769a46f34dbc83d9a4fec34567');
    20. 

  20.     }
    21. 

  21. 

  22.     // 方案13:使用Base64编码的数据
    23. 

  23.     const base64Data = Buffer.from(JSON.stringify(data)).toString('base64');
    24. 

  24.     const str13 = `${url}&${base64Data}&${timestamp}`;
    25. 

  25.     test('方案13', str13);
    26. 

  26. 

  27.     // 方案14:URL参数分开处理
    28. 

  28.     const urlParams = new URLSearchParams({
    29. 

  29.         t: timestamp,
    30. 

  30.         env: '',
    31. 

  31.         qm_csrf_backend: 'undefined'
    32. 

  32.     });
    33. 

  33.     const path = '/api/account/login';
    34. 

  34.     const sortedData = Object.keys(data)
    35. 

  35.         .sort()
    36. 

  36.         .map(key => `${key}=${JSON.stringify(data[key])}`)
    37. 

  37.         .join('&');
    38. 

  38.     const str14 = `${path}?${urlParams.toString()}&${sortedData}&${timestamp}`;
    39. 

  39.     test('方案14', str14);
    40. 

  40. 

  41.     // 方案15:将参数作为对象处理
    42. 

  42.     const allParams = {
    43. 

  43.         ...data,
    44. 

  44.         t: timestamp,
    45. 

  45.         env: '',
    46. 

  46.         qm_csrf_backend: 'undefined'
    47. 

  47.     };
    48. 

  48.     const sortedAllParams = Object.keys(allParams)
    49. 

  49.         .sort()
    50. 

  50.         .map(key => `${key}=${JSON.stringify(allParams[key])}`)
    51. 

  51.         .join('&');
    52. 

  52.     const str15 = `${path}&${sortedAllParams}`;
    53. 

  53.     test('方案15', str15);
    54. 

  54. 

  55.     // 方案16:处理特殊字符
    56. 

  56.     const encodedSortedData = Object.keys(data)
    57. 

  57.         .sort()
    58. 

  58.         .map(key => {
    59. 

  59.             const value = data[key].toString()
    60. 

  60.                 .replace(/"/g, '\\"')
    61. 

  61.                 .replace(/'/g, "\\'");
    62. 

  62.             return `${key}="${value}"`;
    63. 

  63.         })
    64. 

  64.         .join('&');
    65. 

  65.     const str16 = `${url}&${encodedSortedData}&${timestamp}`;
    66. 

  66.     test('方案16', str16);
    67. 

  67. 

  68.     // 方案17:尝试不同的时间戳位置
    69. 

  69.     const str17 = `${timestamp}&${url}&${sortedData}`;
    70. 

  70.     test('方案17', str17);
    71. 

  71. 

  72.     // 方案18:完全扁平化所有参数
    73. 

  73.     const flatParams = {
    74. 

  74.         url: path,
    75. 

  75.         t: timestamp,
    76. 

  76.         env: '',
    77. 

  77.         qm_csrf_backend: 'undefined',
    78. 

  78.         ...data
    79. 

  79.     };
    80. 

  80.     const str18 = Object.keys(flatParams)
    81. 

  81.         .sort()
    82. 

  82.         .map(key => `${key}=${flatParams[key]}`)
    83. 

  83.         .join('&');
    84. 

  84.     test('方案18', str18);
    85. 

  85. }
    86. 

  86. 

  87. testSignatureGeneration();
    88.