From 338e7aea692d608201564730614a4be4e3b58d4d Mon Sep 17 00:00:00 2001
From: daiao <358551898@qq.com>
Date: Thu, 30 May 2019 18:27:26 +0800
Subject: [PATCH] 1

---
 app/api/mobile/api.rb | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/app/api/mobile/api.rb b/app/api/mobile/api.rb
index 6085d00f..e93c374c 100644
--- a/app/api/mobile/api.rb
+++ b/app/api/mobile/api.rb
@@ -57,7 +57,18 @@ module Mobile
         ## 签名
         accessKeyId = 'LTAISM4HFWpQHh3g'.freeze
         accessKeySecret = '9NMU8ushmFu8SN1EKHOhvo9jmv1qp0'.freeze
-        sign = Digest::MD5.hexdigest("AccessKeyId=#{accessKeyId}AccessKeySecret=#{accessKeySecret}").upcase
+        str = []
+        params.each do |key, value|
+          if key != "sign"
+            str << "#{key}=#{value}"
+          end
+        end
+        sign_str = "#{str.join("&")}&sk=#{accessKeySecret}"
+        Rails.logger.info("#####sign_str: #{sign_str}")
+        sign = Digest::MD5.hexdigest("#{sign_str}").upcase
+        Rails.logger.info("#####sign: #{sign}")
+        Rails.logger.info("#####params[:sign]: #{params[:sign]}")
+
         if params[:sign] != sign
           error!('401 Unauthorized', 401)
         end