deliveryman/deliveryman-api
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1e22bc4587
deliveryman-api/app/api/endpoints/wechat.py
aaron 1e22bc4587 修改 username 为 nickname
2025-01-20 22:47:55 +08:00

241 lines
8.2 KiB
Python
Raw Blame History

from fastapi import APIRouter, Depends, Response, Request
from sqlalchemy.orm import Session
from app.models.database import get_db
from app.models.user import UserInfo,UserDB, PhoneLoginRequest, generate_user_code
from app.models.order import ShippingOrderDB, OrderStatus
from app.core.response import success_response, error_response, ResponseModel
from app.core.wechat import WeChatClient,generate_random_string
from app.core.security import create_access_token, set_jwt_cookie
from pydantic import BaseModel
import json
import time
from datetime import datetime, timezone
from app.api.deps import get_current_user
from app.core.config import settings
import random
import string
router = APIRouter()
class PhoneNumberRequest(BaseModel):
code: str # 登录凭证
referral_code: str = None # 推荐码(可选)
@router.post("/phone-login", response_model=ResponseModel)
async def wechat_phone_login(
request: PhoneNumberRequest,
db: Session = Depends(get_db),
response: Response = None
):
"""通过微信手机号登录/注册"""
try:
# 初始化微信客户端
wechat = WeChatClient()
# 获取用户 openid
session_info = await wechat.code2session(request.code)
openid = session_info["openid"]
# 获取用户手机号
phone_info = await wechat.get_phone_number(request.code)
if not phone_info or not phone_info.get('phone_number'):
return error_response(code=400, message="获取手机号失败")
phone = phone_info['phone_number']
# 查找或创建用户
user = db.query(UserDB).filter(UserDB.phone == phone).first()
if not user:
# 生成用户编码
user_code = generate_user_code(db)
user = UserDB(
username=f"user_{phone[-4:]}",
phone=phone,
user_code=user_code,
referral_code=request.referral_code,
openid=openid # 保存 openid
)
db.add(user)
db.flush()
# 发放优惠券
from app.api.endpoints.user import issue_register_coupons
issue_register_coupons(db, user.userid)
db.commit()
db.refresh(user)
else:
# 更新现有用户的 openid
user.openid = openid
db.commit()
# 创建访问令牌
access_token = create_access_token(
data={"phone": user.phone, "userid": user.userid}
)
# 设置JWT cookie
if response:
set_jwt_cookie(response, access_token)
return success_response(
message="登录成功",
data={
"user": UserInfo.model_validate(user),
"access_token": access_token,
"token_type": "bearer"
}
)
except Exception as e:
db.rollback()
return error_response(code=500, message=f"登录失败: {str(e)}")
@router.post("/pay/order", response_model=ResponseModel)
async def create_wechat_pay_order(
orderid: str,
db: Session = Depends(get_db),
current_user: UserDB = Depends(get_current_user)
):
"""创建微信支付订单"""
# 查询订单
order = db.query(ShippingOrderDB).filter(
ShippingOrderDB.orderid == orderid,
ShippingOrderDB.userid == current_user.userid,
ShippingOrderDB.status == OrderStatus.UNPAID # 只能支付新创建的订单
).first()
if not order:
return error_response(code=404, message="订单不存在或状态不正确")
# 检查是否已经支付
if order.pay_status:
return error_response(code=400, message="订单已支付")
try:
# 获取微信支付客户端
wx_pay_client = WeChatClient()
# 创建支付订单
resp_data = wx_pay_client.create_jsapi_payment(
orderid=orderid,
amount=int(order.final_amount * 100),
openid=current_user.openid,
description=f"蜂快到家-配送订单{orderid}"
)
# 更新订单支付信息
order.prepay_id = resp_data.get("prepay_id")
db.commit()
# 生成支付参数
timestamp = str(int(time.time()))
nonce_str = generate_random_string()
package = f"prepay_id={resp_data.get('prepay_id')}"
# 构建签名数据
sign_data = f"{settings.WECHAT_APPID}\n{timestamp}\n{nonce_str}\n{package}\n"
signature = wx_pay_client.sign(sign_data.encode())
return success_response(data={
"orderid": orderid,
"payment_params": {
"appId": settings.WECHAT_APPID,
"timeStamp": timestamp,
"nonceStr": nonce_str,
"package": package,
"signType": "RSA",
"paySign": signature
}
})
except Exception as e:
db.rollback()
return error_response(code=500, message=f"创建支付订单失败: {str(e)}")
@router.post("/pay/notify")
async def wechat_pay_notify(request: Request):
"""微信支付回调通知"""
try:
# 获取微信支付客户端
wx_pay_client = WeChatClient()
# 读取原始请求数据
body = await request.body()
# 验证签名
headers = request.headers
signature = headers.get("Wechatpay-Signature")
timestamp = headers.get("Wechatpay-Timestamp")
nonce = headers.get("Wechatpay-Nonce")
serial_no = headers.get("Wechatpay-Serial")
if not all([signature, timestamp, nonce, serial_no]):
return error_response(code=400, message="缺少必要的请求头")
# 验证签名
sign_str = f"{timestamp}\n{nonce}\n{body.decode()}\n"
if not wx_pay_client.verify_signature(
sign_str.encode(),
signature,
serial_no
):
return error_response(code=401, message="签名验证失败")
# 解密数据
data = json.loads(body)
resource = data.get("resource")
if not resource:
return error_response(code=400, message="缺少资源数据")
# 解密回调数据
decrypted_data = wx_pay_client.decrypt_callback(
resource.get("associated_data", ""),
resource.get("nonce", ""),
resource.get("ciphertext", "")
)
# 解析解密后的数据
notify_data = json.loads(decrypted_data)
# 获取订单信息
trade_state = notify_data.get("trade_state")
orderid = notify_data.get("out_trade_no")
transaction_id = notify_data.get("transaction_id")
# 处理支付结果
if trade_state == "SUCCESS":
# 获取数据库会话
db = next(get_db())
try:
# 查询并更新订单
order = db.query(ShippingOrderDB).filter(
ShippingOrderDB.orderid == orderid,
ShippingOrderDB.pay_status == False # 避免重复处理
).first()
if order:
# 更新订单支付状态
order.pay_status = True
order.pay_time = datetime.now(timezone.utc)
order.transaction_id = transaction_id
db.commit()
return success_response(message="支付成功")
except Exception as e:
db.rollback()
# 记录错误日志
print(f"处理支付回调失败: {str(e)}")
return error_response(code=500, message=f"处理失败: {str(e)}")
finally:
db.close()
return success_response(message="回调处理成功")
except Exception as e:
# 记录错误日志
print(f"支付回调异常: {str(e)}")
return error_response(code=500, message=f"回调处理异常: {str(e)}")
Reference in New Issue View Git Blame Copy Permalink