How to create a reusable API authentication mechanism with AES encryption in Retool?

I'm trying to create a reusable API authentication mechanism in Retool. Here's what I need to accomplish:

Current Implementation:
I have a JavaScript function that:

  1. Generates a timestamp in Asia/Shanghai timezone
  2. Creates a signature string with multiple parameters (app_key, biz_content, charset, etc.)
  3. Performs AES encryption (CBC mode, PKCS7 padding) on the signature string
  4. Uses the encrypted signature to make API calls

Code example:

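```javascript
// key and iv1 are assumed to be defined elsewhere as CryptoJS WordArrays,
// e.g. via CryptoJS.enc.Utf8.parse(...). If key is a plain string, CryptoJS
// treats it as a passphrase, derives its own key and IV, and ignores iv1.
async function sign(para_biz_content, para_methord) {
  // "x" formats as Unix epoch milliseconds, which is the same in every time zone.
  // utcOffset replaces the deprecated zone(); Asia/Shanghai is UTC+08:00.
  const timestamp = moment().utcOffset("+08:00").format("x");
  const SignString2 = "app_key=xxx" +
    "&biz_content=" + para_biz_content +
    "&charset=UTF-8" +
    "&interface_method=" + para_methord +
    // ... other parameters ...
    "&timestamp=" + timestamp;

  const encrypted = CryptoJS.AES.encrypt(SignString2, key, {
    keySize: 128,
    iv: iv1,
    mode: CryptoJS.mode.CBC,
    padding: CryptoJS.pad.Pkcs7,
  });

  // Use encrypted signature in API calls
  return encrypted.toString(); // Base64-encoded ciphertext
}
```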

How can I set up the authentication in the REST API Resource configuration?

Hi @Cheng_Eddy,

You could do this by adding in a JavaScript step to your Custom Auth Flow!

Where you are defining variables, you would assign one of the variables to be the hashed encryption string that you are generating in the JS snippet.

This would allow for the auth handshake to pass this encrypted string to the server it is looking to execute the auth handshake with.

This is how you would create the variable with JS and then in the next step give the variable a name and set it to be the return value of the JS block.

Then in the resource, under Headers or wherever you want to put the variable, you would add in the Bearer ENCRYPTED_TOKEN
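
For reference, the scheme from the question with both ends shown, as an added example that is not code from this thread or from Retool. Node's built-in `crypto` stands in for CryptoJS, and the key, IV, five-minute freshness window, URL-encoding of values and the `verify()` server side are assumptions made for the illustration.

```javascript
const crypto = require("node:crypto");

// Constructed demo values, not real credentials. AES-128 needs a 16-byte key and IV.
const KEY = Buffer.from("0123456789abcdef", "utf8");
const IV = Buffer.from("fedcba9876543210", "utf8");
const MAX_SKEW_MS = 5 * 60 * 1000; // assumed freshness window

// Client side: build the sign string from the question's parameters and encrypt it.
// Values are URL-encoded (an assumption) so "&" or "=" inside them parse unambiguously.
function sign(bizContent, method, nowMs = Date.now()) {
  const signString =
    "app_key=xxx" +
    "&biz_content=" + encodeURIComponent(bizContent) +
    "&charset=UTF-8" +
    "&interface_method=" + encodeURIComponent(method) +
    "&timestamp=" + nowMs;
  const cipher = crypto.createCipheriv("aes-128-cbc", KEY, IV); // PKCS7 padding is the default
  return Buffer.concat([cipher.update(signString, "utf8"), cipher.final()]).toString("base64");
}

// Server side (hypothetical): decrypt, then check every field before trusting the request.
// CBC alone does not authenticate the ciphertext, so nothing is used unvalidated.
function verify(token, expectedMethod, nowMs = Date.now()) {
  let plain;
  try {
    const d = crypto.createDecipheriv("aes-128-cbc", KEY, IV);
    plain = Buffer.concat([d.update(token, "base64"), d.final()]).toString("utf8");
  } catch (err) {
    return { ok: false, reason: "decrypt_failed" }; // wrong key or damaged token
  }
  const p = new URLSearchParams(plain);
  if (p.get("app_key") !== "xxx") return { ok: false, reason: "bad_app_key" };
  if (p.get("interface_method") !== expectedMethod) return { ok: false, reason: "method_mismatch" };
  const ts = Number(p.get("timestamp"));
  if (!Number.isFinite(ts) || Math.abs(nowMs - ts) > MAX_SKEW_MS) {
    return { ok: false, reason: "stale_timestamp" };
  }
  return { ok: true, bizContent: p.get("biz_content") };
}
```

With a fixed key and IV the same inputs always produce the same token, so the timestamp check is what bounds how long a captured token stays usable.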