gen_auth_sig.js

'use strict'

const crypto = require('crypto')
const getNonce = require('./nonce')

/**
 * Authorization signature for WS & REST APIs.
 *
 * @typedef {object} AuthSignature
 * @property {string} payload - request payload, default
 *   'AUTH${nonce}${nonce}''
 * @property {string} sig - signature in hexadecimal
 * @property {number} nonce - used nonce
 */

/**
 * Generates an auth signature, payload, and nonce for passing to the WS & REST
 * APIs
 *
 * @param {string} secret - API secret
 * @param {string} [payload=''] - signature payload, generated by default
 * @returns {AuthSignature} authSignature
 */
const genAuthSig = (secret, payload = '') => {
  const nonce = getNonce()
  if (payload.length === 0) {
    payload = `AUTH${nonce}${nonce}`
  }

  const sig = crypto
    .createHmac('sha384', secret)
    .update(payload)
    .digest('hex')

  return {
    payload,
    sig,
    nonce: getNonce()
  }
}

module.exports = genAuthSig