秒杀结算

陈轩
Commit 8f97098c72c474850c3a9d59d036f0b04a20a41e 1 parent 5ef8b663
Showing 3 changed files with 25 additions and 7 deletions
apps/cart/controllers/seckill.js
apps/cart/views/action/order-ensure.hbs
public/js/cart/seckill/order-ensure.js
--- a/apps/cart/controllers/seckill.js
View file @8f97098
+++ b/apps/cart/controllers/seckill.js
View file @8f97098
@@ -8,11 +8,13 @@ const seckillModel = require('../models/seckill');
 const headerModel = require('../../../doraemon/models/header'); // 头部model
 
 const BAD_REQUEST = '非法请求';
+ const SLAT = 'yohobuyseckill98';
 
 exports.ensure = (req, res, next) => {
     const sku = Number.parseInt(req.query.sku, 10);
     const skn = Number.parseInt(req.query.skn, 10);
     const uid = req.user.uid;
+     let activityId;
 
     let orderInfo = req.cookies['order-info'];
 
@@ -24,7 +26,7 @@ exports.ensure = (req, res, next) => {
 
     // require skn, sku;
     if (!(sku && skn)) {
-         return next('error');
+         return next();
     }
 
     co(function*() {
@@ -38,14 +40,20 @@ exports.ensure = (req, res, next) => {
         let skillData = yield seckillModel.skillData(skn); // 根据skn查活动信息
 
         skillData = skillData.data;
+ 
+         // 不在秒杀中
+         if (skillData && (skillData.status !== 2)) {
+             return res.redirect('/product/seckill');
+         }
+ 
         if (!(
                 skillData &&
-                 skillData.status &&
                 skillData.secKillSku.some(obj => obj.productSku === sku)  // skn has sku;
             )) {
             return Promise.reject('活动不存在');
         }
-         paymentOption.activity_id = skillData.activityId;
+ 
+         paymentOption.activity_id = activityId = skillData.activityId;
 
         // 获取结算 数据
         let paymentInfo = yield seckillModel.payment(paymentOption, orderInfo);
@@ -74,7 +82,8 @@ exports.ensure = (req, res, next) => {
         res.render('order-ensure', Object.assign({
             pageHeader: headerModel.setNav({
                 navTitle: '确认订单'
-             })
+             }),
+             cartToken: crypto.encryption(SLAT, [sku, activityId].join(''))
         }, view));
     })().catch(next);
 };
@@ -123,12 +132,19 @@ exports.submit = (req, res, next) => {
         deliveryTime = Number.parseInt(req.body.deliveryTime, 10),
         deliveryWay = Number.parseInt(req.body.deliveryWay, 10),
         paymentId = Number.parseInt(req.body.paymentId, 10),
-         paymentType = Number.parseInt(req.body.paymentType, 10);
+         paymentType = Number.parseInt(req.body.paymentType, 10),
+         token = req.body.cartToken;
 
     let addressId = req.body.addressId || '';
 
     if (!req.xhr) {
-         return next(404);
+         return next();
+     }
+ 
+     let compareToken = crypto.encryption(SLAT, [sku, activityId].join(''));
+ 
+     if (token !== compareToken) {
+         return next();
     }
 
     if (!addressId) {
--- a/apps/cart/views/action/order-ensure.hbs
View file @8f97098
+++ b/apps/cart/views/action/order-ensure.hbs
View file @8f97098
 <div class="order-ensure-page yoho-page">
+     <input id="cart-token" type="hidden" name="token" value="{{cartToken}}">
     {{#if orderEnsure}}
     {{#if addressInfo}}
     <div class="address block address-wrap {{#if pageHeader.boys}} boys{{/if}}{{#if pageHeader.girls}} girls{{/if}}{{#if pageHeader.kids}} kids{{/if}}{{#if pageHeader.lifeStyle}} life-style{{/if}}" data-id ="{{addressId}}">
--- a/public/js/cart/seckill/order-ensure.js
View file @8f97098
+++ b/public/js/cart/seckill/order-ensure.js
View file @8f97098
@@ -269,7 +269,8 @@ function submitOrder() {
             remark: msg,
             paymentId: orderInfo('paymentTypeId'),
             paymentType: orderInfo('paymentType'), // 支付方式
-             useYohoCoin: orderInfo('yohoCoin')
+             useYohoCoin: orderInfo('yohoCoin'),
+             cartToken: $('#cart-token').val()
         }
     }).then(function(res) {
         var url;