认证

帐号

目前采取的方案是，每刻管理员分配客户端帐号／密码；后期将会完善为公司管理员创建帐号／密码，并设置相应的权限；

登录

客户端提供以下信息登录每刻系统

接口： /auth/login POST JSON

请求参数

参数	类型	描述
appCode	string	客户端帐号
timestamp	long	客户端提供的时间戳
secret	string	不是客户端密码；是将客户端密码、客户端帐号、时间戳依次连接，然后通过sha256算法加密后的字符串

返回数据

参数	类型	描述
entCode	string	公司唯一编码
tokenId	string	本次登录有效的临时令牌

示例

请求数据

{   
  "appCode": "ABC",
  "timestamp": 123232323,
  "secret": "a very long string by sha 256 (appPwd + ":" + appCode + ":" + timestamp)"
}

返回数据(成功）

{    
  "entCode": "AAAAAAA",
  "tokenId": "BBBBBBB",
  "refreshTokenId": "BBBBBBB",
  "success": true,
  "message": null,
  "code": "ACK"
}

返回数据（失败）

{
  "data": null,
  "success": false,
  "message": "fail to login",
  "code": "NACK"
}

java demo

假设：

appCode = UI1604261WJAYV7K
timestamp = {now()}.longValue()
appSecret = 123456

secret = sha256Hex((appSecret + ":" + appCode + ":" + timestamp));

Java获取authToken


OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"appCode\":\"UI1604261WJAYV7K\",\"secret\":\"****\",\"timestamp\":\"1467805765758\"}");
Request request = new Request.Builder()
  .url("http://localhost:8080/maycur-pro/openapi/auth/login")
  .post(body)
  .addHeader("content-type", "application/json")
  .build();

Response response = client.newCall(request).execute();

C#获取authToken


var client = new RestClient("http://localhost:8080/maycur-pro/openapi/auth/login");
var request = new RestRequest(Method.POST);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"appCode\":\"UI1446256748040100141\",\"secret\":\"c358d871d9b1f22f008df05ed4c7f7325ce7babaeb0d998470e23c3c2d6b0d7c\",\"timestamp\":\"1468377280\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

results matching ""

No results matching ""