38 lines
1.7 KiB
JavaScript
38 lines
1.7 KiB
JavaScript
import LibGenerateTestUserSig from './lib-generate-test-usersig-es.min.js';
|
||
/**
|
||
* Signature expiration time, which should not be too short
|
||
* Time unit: second
|
||
* Default time: 7 * 24 * 60 * 60 = 604800 = 7days
|
||
*/
|
||
const EXPIRETIME = 604800;
|
||
|
||
/**
|
||
* Module: GenerateTestUserSig
|
||
*
|
||
* Description: Generates UserSig for testing. UserSig is a security signature designed by Tencent Cloud for its cloud services.
|
||
* It is calculated based on `SDKAppID`, `UserID`, and `EXPIRETIME` using the HMAC-SHA256 encryption algorithm.
|
||
*
|
||
* Attention: For the following reasons, do not use the code below in your commercial application.
|
||
*
|
||
* The code may be able to calculate UserSig correctly, but it is only for quick testing of the SDK’s basic features, not for commercial applications.
|
||
* `SECRETKEY` in client code can be easily decompiled and reversed, especially on web.
|
||
* Once your key is disclosed, attackers will be able to steal your Tencent Cloud traffic.
|
||
*
|
||
* The correct method is to deploy the `UserSig` calculation code and encryption key on your project server so that your application can request from your server a `UserSig` that is calculated whenever one is needed.
|
||
* Given that it is more difficult to hack a server than a client application, server-end calculation can better protect your key.
|
||
*
|
||
* Reference: https://cloud.tencent.com/document/product/647/17275#Server
|
||
*/
|
||
|
||
function genTestUserSig(options) {
|
||
const { SDKAppID, secretKey, userID } = options;
|
||
const generator = new LibGenerateTestUserSig(SDKAppID, secretKey, EXPIRETIME);
|
||
const userSig = generator.genTestUserSig(userID);
|
||
return {
|
||
SDKAppID,
|
||
userSig,
|
||
};
|
||
}
|
||
|
||
export { genTestUserSig, EXPIRETIME };
|