deliveryman-api/app/api/endpoints/bank_card.py

from fastapi import APIRouter, Depends
from sqlalchemy.orm import Session
from app.models.user_bank_card import UserBankCardDB, BankCardCreate, BankCardInfo
from app.models.user_auth import UserAuthDB
from app.models.database import get_db
from app.api.deps import get_current_user
from app.models.user import UserDB
from app.core.response import success_response, error_response, ResponseModel
from app.core.qcloud import qcloud_manager
from typing import List

router = APIRouter()

@router.post("", response_model=ResponseModel)
async def add_bank_card(
    card: BankCardCreate,
    db: Session = Depends(get_db),
    current_user: UserDB = Depends(get_current_user)
):
    """添加银行卡"""
    # 检查是否已实名认证
    if not current_user.is_auth:
        return error_response(code=400, message="请先完成实名认证")
    
    # 获取认证信息
    auth_info = db.query(UserAuthDB).filter(
        UserAuthDB.user_id == current_user.userid
    ).first()
    
    if not auth_info:
        return error_response(code=400, message="未找到实名认证信息")
    
    # 验证姓名是否一致
    if card.name != auth_info.name:
        return error_response(code=400, message="银行卡持卡人姓名与实名认证信息不一致")
    
    try:
        # 调用银行卡三要素核验
        verify_result = await qcloud_manager.verify_bank_card(
            name=auth_info.name,
            id_card=auth_info.id_number,
            card_number=card.card_number
        )
        
        # 验证不通过
        if verify_result["Result"] != "0":
            return error_response(
                code=400,
                message=f"银行卡验证失败: {verify_result['Description']}"
            )
        
        # 创建银行卡记录
        bank_card = UserBankCardDB(
            user_id=current_user.userid,
            name=card.name,
            card_number=card.card_number,
            bank_name=card.bank_name
        )
        db.add(bank_card)
        db.commit()
        db.refresh(bank_card)
        
        return success_response(data=BankCardInfo.model_validate(bank_card))
    except Exception as e:
        db.rollback()
        return error_response(code=500, message=f"添加银行卡失败: {str(e)}")

@router.get("", response_model=ResponseModel)
async def get_bank_cards(
    db: Session = Depends(get_db),
    current_user: UserDB = Depends(get_current_user)
):
    """获取用户的银行卡列表"""
    cards = db.query(UserBankCardDB).filter(
        UserBankCardDB.user_id == current_user.userid
    ).all()
    
    # 对银行卡号进行脱敏处理
    card_list = []
    for card in cards:
        card_info = BankCardInfo.model_validate(card)
        # 只显示后四位，其他用*代替
        card_info.card_number = f"{'*' * (len(card.card_number)-4)}{card.card_number[-4:]}"
        card_list.append(card_info)
    
    return success_response(data=card_list)

@router.delete("/{card_id}", response_model=ResponseModel)
async def delete_bank_card(
    card_id: int,
    db: Session = Depends(get_db),
    current_user: UserDB = Depends(get_current_user)
):
    """删除银行卡"""
    card = db.query(UserBankCardDB).filter(
        UserBankCardDB.id == card_id,
        UserBankCardDB.user_id == current_user.userid
    ).first()
    
    if not card:
        return error_response(code=404, message="银行卡不存在")
    
    try:
        db.delete(card)
        db.commit()
        return success_response(message="删除成功")
    except Exception as e:
        db.rollback()
        return error_response(code=500, message=f"删除失败: {str(e)}")