OperationalService/web-network1/routes/auth/index.js

const request = require('superagent');
const moment = require('moment');
const crypto = require('crypto');
module.exports = {
  entry(app, router, opts) {
    function isTimestampWithin5Minutes(timestamp) {
      const timestampMoment = moment.unix(timestamp);
      const currentMoment = moment();

      // 计算时间差（单位：秒）
      const timeDifferenceInSeconds = currentMoment.diff(timestampMoment, 'seconds');

      // 检查时间差是否小于等于5分钟（300秒）
      return timeDifferenceInSeconds <= 300;
    }
    const getSignToken = async function (ctx) {
      let error = { statusCode: -1, message: '获取token失败', token: '' };
      let signRlt = null;
      try {
        const { apiUrl, singleAccount, singlePwd } = opts;
        const appKey = 'd037044023914e76';
        const appSecret = 'dc5b21a91cd840cabc7751d3e81dd8aa';
        const { code, rnd, sign } = ctx.headers;
        const bridgeCode = 'G94441900L1430';
        if (!code || !rnd || !sign) {
          error = { statusCode: -1, message: '缺少参数或参数有误', token: '' };
          ctx.status = 200;
          ctx.body = error;
          return;
        }
        // 验证时间戳，超过5分钟即超时
        if (!isTimestampWithin5Minutes(rnd)) {
          error = { statusCode: -1, message: '时间戳已过期,超过5分钟', token: '' };
          ctx.status = 200;
          ctx.body = error;
          return;
        }
        const signData = appKey + bridgeCode + rnd + appSecret;
        const checkSign = crypto.createHash('sha1').update(signData).digest('hex').toUpperCase();

        if (checkSign !== sign) {
          error = { statusCode: -1, message: '数据签名验证失败', token: '' };
          ctx.status = 200;
          ctx.body = error;
          return;
        }
        const res = await request.post(`${apiUrl}/project/login`).set('Content-Type', 'application/json').send({
          username: singleAccount,
          password: singlePwd,
          p: 'default',
        });
        signRlt = res.body.token || null;
        error = null;
        ctx.status = 200;
        ctx.body = { statusCode: 1, message: '操作成功', token: signRlt };
      } catch (e) {
        ctx.fs.logger.error(e);
        ctx.status = 200;
        ctx.body = error;
      }
    };

    router.post('/verify/getSignToken', getSignToken);
  },
};