签名认证

app/controllers/ecloud_controller.rb

@@ -5,7 +5,7 @@ require 'digest'
 class EcloudController < ApplicationController
   skip_before_filter :verify_authenticity_token
 
-  before_filter check_sign
+  before_filter :check_sign
   before_filter :user_setup
   before_filter :require_login, only: [:authorize]
 
@@ -20,8 +20,10 @@ class EcloudController < ApplicationController
   def trustie_login
   end
 
-  CLIENT_ID = '1022'
-  CLIENT_SECRET = '2112037a-6d7a-432b-9081-feb1153d8668'
+  # CLIENT_ID = '1022'
+  CLIENT_ID = '124124'
+  CLIENT_SECRET = '72ff7f4e-9b2e-4b33-8232-07cb0d08bbf3'
+  # CLIENT_SECRET = '2112037a-6d7a-432b-9081-feb1153d8668'
   ROOT_URl = 'http://localhost:3000'
   SERVER_URL = "https://221.176.54.92:9081/restful/services/"
 
@@ -29,7 +31,7 @@ class EcloudController < ApplicationController
 
   ## 签名
   def sign(timestamp)
-    Digest::MD5.hexdigest("client_id=#{CLIENT_ID}client_key=#{CLIENT_SECRET}timestamp=#{timestamp}")
+    Digest::MD5.hexdigest("client_id=#{CLIENT_ID}client_key=#{CLIENT_SECRET}timestamp=#{timestamp}").upcase
   end
 
 
@@ -186,9 +188,13 @@ class EcloudController < ApplicationController
 
   private
   def check_sign
-    public_key = '1022'
-    secret_key = '2112037a-6d7a-432b-9081-feb1153d8668'
-    timestamp = params['timestamp']
+    sign = sign(params['timestamp'])
+    logger.info("######@2222#{sign}")
+    logger.info("######@2222#{params['sign']}")
+    if sign != params['sign']
+      render :json => {code: 501, msg: "sign的值错误"}
+      return
+    end
 
   end
 end