verify-result-oko

郭成尧
Commit ead96a4b7cb2fa9daf61c4f572eee8184ca95ead 1 parent 4da54206
Showing 3 changed files with 92 additions and 27 deletions
apps/cart/controllers/pay.js
apps/cart/models/pay.js
config/common.js
--- a/apps/cart/controllers/pay.js
View file @ead96a4
+++ b/apps/cart/controllers/pay.js
View file @ead96a4
@@ -73,8 +73,10 @@ const payAli = (req, res, next) => {
         return;
     }
+    let verifyResult = payModel.alipayResultVerify(req.query);
+
     // 支付失败
-    if (req.query.trade_status !== 'TRADE_SUCCESS') {
+    if (!verifyResult.payResult) {
         return res.render('pay/pay-ali', responseData);
     }
--- a/apps/cart/models/pay.js
View file @ead96a4
+++ b/apps/cart/models/pay.js
View file @ead96a4
@@ -11,15 +11,15 @@ const serviceAPI = global.yoho.ServiceAPI;
 const utils = '../../../utils';
 const productProcess = require(`${utils}/product-process`);
 const _ = require('lodash');
+const ApipayConfig = global.yoho.config.alipayConfig;
+const md5 = require('md5');
 // 资源位
 const _getBanner = (param) => {
     return serviceAPI.get('operations/api/v5/resource/get', {
         content_code: param.contentCode,
         platform: 'iphone'
-    }, {
-        code: 200
-    }).then((result) => {
+    }, { code: 200 }).then((result) => {
         result = result.data;
@@ -36,9 +36,7 @@ const _getOthersBuy2 = (param) => {
         rec_pos: '100005',
         limit: 2,
         client_id: param.client_id
-    }, {
-        code: 200
-    }).then((result) => {
+    }, { code: 200 }).then((result) => {
         if (result && result.data && result.data.product_list) {
             return productProcess.processProductList(result.data.product_list);
@@ -53,9 +51,7 @@ const _getOtherDetail = (param) => {
         method: 'app.SpaceOrders.detail',
         uid: param.uid,
         order_code: param.orderCode
-    }, {
-        code: 200
-    }).then((result) => {
+    }, { code: 20 }).then((result) => {
         return result;
@@ -74,7 +70,7 @@ const _getOthersBuy = (param) => {
             goodSkn = result[0].data.order_goods[0].product_skn;
         }
-        return _getOthersBuy2(Object.assign(param, {skn: goodSkn}));
+        return _getOthersBuy2(Object.assign(param, { skn: goodSkn }));
     }).then((result) => {
@@ -125,6 +121,69 @@ const getPayCod = (param) => {
     });
 };
+const _raw = (args) => {
+    let keys = Object.keys(args);
+
+    keys = keys.filter(k => {
+        let keyValueCheck =
+            k === 'sign' ||
+            k === 'sign_type' ||
+            k === 'code' ||
+            args[k] === '' ||
+            args[k] === 'undefined';
+
+        return !keyValueCheck;
+    }).sort();
+
+    return keys.map(k => {
+        return k + '=' + decodeURI(args[k]);
+    }).join('&');
+};
+
+/**
+ * 验证返回结果的正确性
+ */
+const _checkResponse = (params) => {
+    if (!params.sign) {
+        return false;
+    }
+    let rawResult = _raw(params);
+    let sign = rawResult + ApipayConfig.alipayKey;
+    let md5Result = md5(sign);
+
+    return md5Result === params.sign;
+};
+
+
+/**
+ * 支付宝支付结果校验
+ */
+const alipayResultVerify = (params) => {
+    let checkResult = {};
+
+    if (params.q) {
+        delete params.q;
+    }
+
+    if (!_checkResponse(params)) {
+        checkResult.payResult = false;
+    } else {
+        _.assign(checkResult, {
+            bankName: '',
+            orderCode: params.out_trade_no,
+            payResult: params.trade_status === 'TRADE_SUCCESS',
+            payTime: params.gmt_payment || '',
+            totalFee: params.total_fee,
+            resultMsg: params.notify_type,
+            payOrderCode: params.out_trade_no,
+            tradeNo: params.trade_no,
+            bankBillNo: ''
+        });
+    }
+
+    return checkResult;
+};
+
 // 支付宝支付
 const getPayAli = (param) => {
     return api.all([
@@ -171,5 +230,6 @@ const getPayAli = (param) => {
 module.exports = {
     getPayCod,
-    getPayAli
+    getPayAli,
+    alipayResultVerify
 };
--- a/config/common.js
View file @ead96a4
+++ b/config/common.js
View file @ead96a4
@@ -16,21 +16,21 @@ module.exports = {
     siteUrl: '//m.yohobuy.com',
     assetUrl: '//127.0.0.1:5001',
     domains: {
-        // api: 'http://api-test3.yohops.com:9999/',
-        // service: 'http://service-test3.yohops.com:9999/',
-        // liveApi: 'http://testapi.live.yohops.com:9999/',
-        // singleApi: 'http://api-test3.yohops.com:9999/',
-        // imSocket: 'ws://im.yohobuy.com:10240',
-        // imCs: 'http://im.yohobuy.com/api',
-        // imServer: 'http://im.yohobuy.com/server'
+        api: 'http://api-test3.yohops.com:9999/',
+        service: 'http://service-test3.yohops.com:9999/',
+        liveApi: 'http://testapi.live.yohops.com:9999/',
+        singleApi: 'http://api-test3.yohops.com:9999/',
+        imSocket: 'ws://im.yohobuy.com:10240',
+        imCs: 'http://im.yohobuy.com/api',
+        imServer: 'http://im.yohobuy.com/server'
-        api: 'http://api.yoho.cn/',
-        service: 'http://service.yoho.cn/',
-        liveApi: 'http://api.live.yoho.cn/',
-        singleApi: 'http://single.yoho.cn/',
-        imSocket: 'ws://imsocket.yohobuy.com:10000',
-        imCs: 'http://imhttp.yohobuy.com/api',
-        imServer: 'http://imhttp.yohobuy.com/server'
+        // api: 'http://api.yoho.cn/',
+        // service: 'http://service.yoho.cn/',
+        // liveApi: 'http://api.live.yoho.cn/',
+        // singleApi: 'http://single.yoho.cn/',
+        // imSocket: 'ws://imsocket.yohobuy.com:10000',
+        // imCs: 'http://imhttp.yohobuy.com/api',
+        // imServer: 'http://imhttp.yohobuy.com/server'
     },
     subDomains: {
         host: '.m.yohobuy.com',
@@ -86,7 +86,10 @@ module.exports = {
             appSecret: 'ce21ae4a3f93852279175a167e54509b'
         }
     },
-    zookeeperServer: '192.168.102.168:2188'
+    zookeeperServer: '192.168.102.168:2188',
+    alipayConfig: {
+        alipayKey: 'kcxawi9bb07mzh0aq2wcirsf9znusobw'
+    }
 };
 if (isProduction) {