Set Binance API Applications signed Keys in Nestjs
When interacting with the Nestjs wallpaper with the Binance API, it is essential to receive signed keys to authenticate the applications and prevent unauthorized access. In this article, we give guidance to set the signed keys to the /api/v3/order" and "order/test" endpoints.
** Why is signed keys required?
Binance API requires a valid API key to complete each operation. However, by default, the key is not signed, so it becomes vulnerable against unauthorized access. To solve the problem, you need to create an application secret (also known as X-Signature-Public-Key) and use it to sign your requests.
Generation of signed keys
Follow these steps to obtain a valid signature:
- Create a Binance Developer Account : If you haven't done so, register for a Binance Developer account.
- Make the secret of an application : Once you have signed in to the developer dashboard, find the API key tab and click "Generate the Secret of the New Application". You can choose between JSON web tokens (JWT) or server -side public key encryption (SSEK).
- Select an algorithm : Select an appropriate algorithm to produce signed keys.
- Use the secret of the application in the Nestjs background : In the NESTJS application, it imported the@nestjs/jwt” package and use it to create an authentication service.
Example Implementation
Here’s an example of setting up the signed button on the “/API/V3/Order” and “Order/Test” endpoints with JWT:
`Typescript
Import {injectable} from '@nest/common';
Import * JWT from 'Jsonwebtoken';
@Injectable ()
Export class Authservice {
Private Appsecret: String;
constructor () {
this.Appsecret = Process.env.binance_App_Secret;
}
Async generatetoken (user: user): Promise
Const payload = {user};
RETURN JWT.SIGN (Useful burden, this.appsecret, {out: '1h'});
}
Async Verifyytoken (token: String): Promise
Try {
Conodicized = jwt.verify (token, this.appsecret);
Return decodos.user as a user;
} catch (error) {
Return zero;
}
}
Async Createrord (User: User, Order: Orderinput): Promise
CONST TOKEN = Wait for Autheter.generatetoken (user);
Const paysad = {user, order};
Const Signature = JWT.SIGN (Useful load, this.Appsret, {out: '1H'});
Return {... order, signature};
}
}
In the example above:
- We make a signed key using “jsonwebtoken” and store it as an environmental variable.
- When creating a new order, the user’s token is confirmed with the signed key to ensure power.
Compilation of the whole
Here is the updated version of the NESTJS application that contains the signed keys:
`Typescript
Import {module} from '@nest/common';
Import {AppController} from './App.Controller';
{Appservice} import from './App.Service';
Import {AuthService} from './auth.Service';
@Module ({
Controllers: [AppController],
Service Providers: [AuthService, Appservice],
})
Export class Appmodule {}
“ Typescript
Import Express ‘Express’;
Import authcontroller ‘./auth.controller’;
Import Authservice from ‘./auth.Service’;
CONST App = Express ();
App.use (Express.json ());
app.post (‘/api/v3/order’, async (req: request, res: reply) => {{{{{
Const order = req.Body;
Try {
// Create a new order with the signed key
CONST TOKEN = Wait for Autheter.generatetoken ({user: ‘YOUR_USER_NAME’});
Const payload = {user: ‘your_user_name’, order};
Const Signature = jwt.sign (useful load, ‘your_app_secret_key’);
return res.status (201) .json ({{
Message: “Order is successfully created!”,
Date: {
… order,
Signature,
},
});
} catch (error) {
Console.Error (error);
Return res.status (500).
