- const API = require("../../lib/API.js")
- const db = require("../../plugin/DataBase/db.js")
- const Redis = require('../../plugin/DataBase/Redis')
- const { BaseStdResponse } = require("../../BaseStdResponse.js")
- const AccessControl = require("../../lib/AccessControl.js")
- const crypto = require('crypto')
- const axios = require('axios')
- const config = require('../../config.json')
/**
 * Build an order number from the current local time.
 *
 * The result is a 17-digit string: YYYYMMDDHHmmss followed by three
 * millisecond digits. Nothing else goes into it, so:
 *  - two calls inside the same millisecond return the same value;
 *  - the value can be derived from the time the order was created.
 * NOTE(review): uniqueness has to be enforced where the id is stored (the
 * orders table constraint is not visible here), and the id should not be
 * treated as a secret by anything that receives it.
 *
 * @returns {string} 17-character numeric order id
 */
function generateOrderId() {
  const stamp = new Date()
  const twoDigits = (value) => value.toString().padStart(2, '0')
  const fields = [
    String(stamp.getFullYear()),
    twoDigits(stamp.getMonth() + 1),
    twoDigits(stamp.getDate()),
    twoDigits(stamp.getHours()),
    twoDigits(stamp.getMinutes()),
    twoDigits(stamp.getSeconds()),
    // milliseconds are zero-padded to three digits
    stamp.getMilliseconds().toString().padStart(3, '0')
  ]
  return fields.join('')
}
/**
 * Compute the signature sent with a payment request.
 *
 * The keys of `params` are sorted with the default sort order, rendered as
 * `key=value` pairs joined by `&`, the merchant key is appended directly to
 * that string, and the MD5 digest is returned as lowercase hex.
 *
 * Every key present in `params` is signed and values are used as-is (no
 * filtering of empty values, no URL-encoding), so the signature must be
 * computed before `sign` / `sign_type` are added to the object.
 * The merchant key is the only secret in this scheme; it must never be
 * logged or returned to a client.
 *
 * @param {Object} params - request fields to sign
 * @param {string} key - merchant secret appended to the query string
 * @returns {string} hex MD5 digest
 */
function generatePaymentSign(params, key) {
  const pairs = []
  for (const name of Object.keys(params).sort()) {
    pairs.push(`${name}=${params[name]}`)
  }
  const payload = pairs.join('&') + key

  const hasher = crypto.createHash('md5')
  hasher.update(payload, 'utf8')
  return hasher.digest('hex')
}
- // async function getPayStatus(order_no) {
- // const endpoint = config.pay.url + '/api/findorder'
- // try {
- // const res = await axios.post(endpoint, {order_no, type: 1})
- // } catch (error) {
-
- // }
- // }
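/**
 * POST /Order/CreateOrder
 *
 * Creates an order for one unit of a product and returns the signed payload
 * the client submits to the payment gateway.
 *
 * Request body: uuid, session, goods_id, pay_type (all required).
 * The price and product name always come from the goods row, never from the
 * request, so the client cannot choose the amount that gets signed.
 *
 * Changes compared with the previous version:
 *  - the payment configuration is validated before anything is written, so a
 *    misconfigured gateway no longer leaves an order row and a consumed unit;
 *  - stock is reserved with a single conditional UPDATE, so concurrent
 *    requests cannot drive `num` below zero;
 *  - the reserved unit is given back when the order row cannot be inserted.
 */
class CreateOrder extends API {
  constructor() {
    super()
    this.setPath('/Order/CreateOrder')
    this.setMethod('POST')
  }

  /**
   * Handle one order-creation request.
   *
   * @param {Object} req - request; fields are read from req.body
   * @param {Object} res - response; always answered with JSON
   * @returns {Promise<*>} whatever res.json() returns
   */
  async onRequest(req, res) {
    const { uuid, session, goods_id, pay_type } = req.body
    if ([uuid, session, goods_id, pay_type].some(v => v === '' || v === null || v === undefined)) {
      return res.json({
        ...BaseStdResponse.MISSING_PARAMETER,
        endpoint: 1513126
      })
    }

    // uuid comes from the request body; it is only trusted after
    // checkSession has accepted the (uuid, session) pair.
    const sessionValid = await AccessControl.checkSession(uuid, session)
    if (!sessionValid) {
      return res.status(401).json({
        ...BaseStdResponse.ACCESS_DENIED
      })
    }

    const restoreSql = 'UPDATE goods SET num = num + 1 WHERE id = ?'
    // True only between a successful reservation and a successful insert.
    let stockReserved = false

    try {
      const goodsSql = 'SELECT name, price, num, state FROM goods WHERE id = ?'
      const goodsRows = await db.query(goodsSql, [goods_id])
      if (!goodsRows || goodsRows.length !== 1) {
        return res.json({
          ...BaseStdResponse.ERR,
          msg: '商品不存在',
          endpoint: 1513126
        })
      }

      const goods = goodsRows[0]
      if (goods.num < 1 || goods.state !== 1) {
        return res.json({
          ...BaseStdResponse.ERR,
          msg: '商品已下架或库存不足',
          endpoint: 1513126
        })
      }

      // Check the gateway settings before any write happens.
      const paymentConfig = config.pay || {}
      if (!paymentConfig.pid || !paymentConfig.url || !paymentConfig.key || !paymentConfig.return_url) {
        return res.json({
          ...BaseStdResponse.ERR,
          msg: '支付配置错误,请联系管理员'
        })
      }

      // Reserve one unit atomically. The SELECT above is only a fast path:
      // another request may have taken the last unit since it ran, and the
      // WHERE clause is what actually prevents overselling.
      // Assumes db.query returns affectedRows for UPDATE as it does for INSERT.
      const reserveSql = 'UPDATE goods SET num = num - 1 WHERE id = ? AND num > 0 AND state = 1'
      const reserved = await db.query(reserveSql, [goods_id])
      if (!(reserved && reserved.affectedRows > 0)) {
        return res.json({
          ...BaseStdResponse.ERR,
          msg: '商品已下架或库存不足',
          endpoint: 1513126
        })
      }
      stockReserved = true

      const createTime = Date.now()
      const orderId = generateOrderId()
      const insertSql = `
        INSERT INTO orders (orderId, create_user, create_time, goods_id, price, pay_type)
        VALUES (?, ?, ?, ?, ?, ?)
      `
      const result = await db.query(insertSql, [
        orderId, uuid, createTime, goods_id, goods.price, pay_type
      ])

      if (!(result && result.affectedRows > 0)) {
        // No order row was written, so hand the reserved unit back.
        await db.query(restoreSql, [goods_id])
        stockReserved = false
        return res.json({
          ...BaseStdResponse.ERR,
          msg: '创建订单失败',
          endpoint: 7894378
        })
      }
      // From here on the order row owns the reserved unit.
      stockReserved = false

      // NOTE(review): pay_type is forwarded to the gateway exactly as the
      // client sent it; consider checking it against the channels this shop
      // actually supports before it is stored and signed.
      const payParams = {
        pid: paymentConfig.pid,
        type: pay_type,
        out_trade_no: orderId,
        notify_url: `${config.url}/Order/CallBack`,
        return_url: paymentConfig.return_url + orderId,
        name: goods.name,
        money: goods.price
      }

      // The signature covers exactly the fields above; sign and sign_type
      // are attached afterwards and are not part of the signed string.
      const sign = generatePaymentSign(payParams, paymentConfig.key)
      payParams.sign = sign
      payParams.sign_type = 'MD5'

      // Cached for 300 seconds under the order id. If this write fails the
      // order row already exists; the catch below reports an error but does
      // not cancel that order.
      await Redis.set(`payData:${orderId}`, JSON.stringify(payParams), {
        EX: 300
      })

      // TODO: poll the order status with a timer (not implemented).
      return res.json({
        ...BaseStdResponse.OK,
        id: orderId,
        pay: {
          payUrl: `${paymentConfig.url}/submit.php`,
          payData: payParams
        }
      })
    } catch (err) {
      if (stockReserved) {
        // The insert threw after the unit was reserved: give it back, and
        // never let a failure here mask the original error.
        try {
          await db.query(restoreSql, [goods_id])
        } catch (restoreErr) {
          this.logger.error(`回滚库存失败!${restoreErr.stack}`)
        }
      }
      // The stack trace goes to the server log only; the client receives a
      // generic message.
      this.logger.error(`创建订单失败!${err.stack}`)
      return res.json({
        ...BaseStdResponse.ERR,
        msg: "创建订单异常,请联系管理员"
      })
    }
  }
}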
- // Expose the CreateOrder class as a named export of this module.
- module.exports.CreateOrder = CreateOrder