import { AES, SHA256, enc } from "crypto-js"import moment from "moment"const

1. import { AES, SHA256, enc } from "crypto-js"
2. import moment from "moment"
3.  
4. const privateKey = "secret"
5. const password = "123456"
6. const refCode = "ASDASD"
7.  
8. const createOtp = (password, refCode) => {
9. return {
10. password: AES.encrypt(password, privateKey).toString(),
11. refCode,
12. expireTime: moment().add(1, "minute").unix()
13. }
14. }
15.  
16. const sign = (otp) => {
17. return {
18. token: otp,
19. signature: SHA256(JSON.stringify(otp), privateKey).toString()
20. }
21. }
22.  
23. const send = sign(createOtp(password, refCode))
24.  
25. console.log("send", send)
26.  
27. // from client
28. const receive = {
29. tryPassword: "123456",
30. token: send.token,
31. signature: send.signature
32. }
33.  
34. const validateToken = (token, signature) => {
35. return signature === SHA256(JSON.stringify(token), privateKey).toString()
36. }
37.  
38. const validateExpireTime = (token, now) => {
39. return moment(token.expireTime).isAfter(now)
40. }
41.  
42. const validatePassword = (token, tryPassword) => {
43. return AES.decrypt(token.password, privateKey).toString(enc.Utf8) === tryPassword
44. }
45.  
46. console.log("token:", validateToken(receive.token, receive.signature))
47. console.log("expire:", validateExpireTime(receive.token, moment()))
48. console.log("password", validatePassword(receive.token, receive.tryPassword))