| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 |
- const API = require("../../lib/API.js")
- const db = require("../../plugin/DataBase/db.js")
- const { BaseStdResponse } = require("../../BaseStdResponse.js")
- const config = require('../../config.json')
- const crypto = require("crypto")
- const PAYMENT_KEY = config.pay.key
- class CallBack extends API {
- constructor() {
- super()
- this.setPath('/Order/CallBack')
- this.setMethod('GET')
- }
- async onRequest(req, res) {
- const {
- pid, trade_no, out_trade_no, type, name, money,
- trade_status, sign, sign_type
- } = req.query
- // 参数校验
- if ([pid, trade_no, out_trade_no, type, name, money, trade_status, sign, sign_type].some(v => v === undefined))
- return res.json({
- ...BaseStdResponse.MISSING_PARAMETER
- })
- // 签名校验
- const rawParams = {
- money, name, out_trade_no, pid, trade_no, trade_status, type
- }
- const sortedKeys = Object.keys(rawParams).sort()
- const preSignStr = sortedKeys.map(key => `${key}=${rawParams[key]}`).join('&') + `&key=${PAYMENT_KEY}`
- const localSign = crypto.createHash('md5').update(preSignStr, 'utf8').digest('hex')
- if (localSign !== sign)
- return res.json({
- ...BaseStdResponse.ERR,
- msg: '签名验证失败'
- })
- // 判断支付状态
- if (trade_status !== 'TRADE_SUCCESS') {
- const sql = 'UPDATE orders SET \`state\` = 2, pay_id = ? WHERE orderId = ?'
- await db.query(sql, [trade_no, out_trade_no])
- }
-
- try {
- // 更新订单状态
- const sql = 'UPDATE orders SET \`state\` = 1, pay_type = ?, pay_id = ? WHERE orderId = ? AND \`state\` = 0'
- const result = await db.query(sql, [type, trade_no, out_trade_no])
- if (result.affectedRows > 0) {
- return res.send('success')
- } else {
- return res.send('订单不存在或已处理')
- }
- } catch (err) {
- this.logger.error(`支付回调异常:${err.stack}`)
- return res.send('服务器错误')
- }
- }
- }
- module.exports.CallBack = CallBack
|
