update inapp_shop callback

2024-12-04 10:26:33 +08:00 · 2024-12-04 10:26:33 +08:00 · 177cb8b34c
commit 177cb8b34c
parent f323500040
6 changed files with 48 additions and 19 deletions
--- a/bin/wheelserver/config/config.json
+++ b/bin/wheelserver/config/config.json
@ -1,2 +1,3 @@
 {
    "shop_secret": "iG4Rpsa)6U31$H#^T85$^^3\""
 }
--- a/server/wheelserver/api/v1/inapp_shop/inapp_shop.go
+++ b/server/wheelserver/api/v1/inapp_shop/inapp_shop.go
@ -25,7 +25,7 @@ func (this *InAppShopApi) Purchase(c *gin.Context) {
 		return
 	}
 	reqJson := struct {
-		GoodsId int32 `json:"goods_id"`
+		GoodsId  int32 `json:"goods_id"`
 		GoodsNum int32 `json:"goods_num"`
 	}{}
 	if err := c.ShouldBindJSON(&reqJson); err != nil {
@ -67,7 +67,7 @@ func (this *InAppShopApi) OrderInfo(c *gin.Context) {
 	}
 	orderId := c.Param("order_id")
 	orderModel := new(model.InAppOrder)
-	if err, found := orderModel.Find(s.GetAccountId(), orderId); err != nil  {
+	if err, found := orderModel.Find(s.GetAccountId(), orderId); err != nil {
 		f5.RspErr(c, 500, "server internal error")
 		return
 	} else if !found {
@ -78,7 +78,7 @@ func (this *InAppShopApi) OrderInfo(c *gin.Context) {
 		vo.BaseVo
 		Data struct {
 			OrderId string `json:"order_id"`
-			Status int32 `json:"status"`
+			Status  int32  `json:"status"`
 		} `json:"data"`
 	}{}
 	rspObj.Data.OrderId = orderModel.OrderId
@ -88,9 +88,9 @@ func (this *InAppShopApi) OrderInfo(c *gin.Context) {
 func (this *InAppShopApi) Callback(c *gin.Context) {
 	reqObj := struct {
-	    Channel string `json:"channel"`
+		Channel   string                   `json:"channel"`
-		Records []map[string]interface{} `json:"records"`
+		Records   []map[string]interface{} `json:"records"`
-		Signature string `json:"sign"`
+		Signature string                   `json:"sign"`
 	}{}
 	if err := c.ShouldBindJSON(&reqObj); err != nil || len(reqObj.Records) == 0 {
@ -115,19 +115,19 @@ func (this *InAppShopApi) Callback(c *gin.Context) {
 		strb.WriteString(q5.SafeToString(rec[k]))
 	}
-	secret:= `iG4Rpsa)6U31$H#^T85$^^3"`
+	secret := mt.Table.Config.GetShopSecret()
 	mac := hmac.New(sha256.New, []byte(secret))
-    _, _ = mac.Write([]byte(strb.String()))
+	_, _ = mac.Write([]byte(strb.String()))
-    sign := string(mac.Sum(nil))
+	sign := string(mac.Sum(nil))
-	if sign != reqObj.Signature {
+	if strings.EqualFold(strings.ToLower(sign), strings.ToLower(reqObj.Signature)) {
 		f5.RspErr(c, 401, "invalid sign")
 		return
 	}
 	orderId := q5.SafeToString(rec["orderId"])
 	orderModel := new(model.InAppOrder)
-	if err, found := orderModel.FindByOrderId(orderId); err != nil  {
+	if err, found := orderModel.FindByOrderId(orderId); err != nil {
 		f5.RspErr(c, 500, "server internal error")
 		return
 	} else if !found {
@ -135,11 +135,17 @@ func (this *InAppShopApi) Callback(c *gin.Context) {
 		return
 	}
-	orderModel.Status = q5.SafeToInt32(rec["status"])
+	status := q5.SafeToInt32(rec["status"])
 	if status <= orderModel.Status {
 		f5.RspErr(c, 401, "invalid status")
 		return
 	}
 	orderModel.Status = status
 	if orderModel.UpdateFields([]string{"status"}) != nil {
 		f5.RspErr(c, 500, "server internal error")
 		return
 	}
-	c.JSON(200,"")
+	f5.RspErr(c, 0, "")
 }
--- a/server/wheelserver/model/inapp_order.go
+++ b/server/wheelserver/model/inapp_order.go
@ -39,12 +39,19 @@ func (this *InAppOrder) UpdateFields(fields []string) error {
 }
 func (this *InAppOrder) Find(accountId string, orderId string) (error, bool) {
-	if result := f5.GetApp().GetOrmDb(constant.WHEEL_DB).Table(this.TableName()).Take(
+	// if result := f5.GetApp().GetOrmDb(constant.WHEEL_DB).Table(this.TableName()).Take(
-		this, "account_id = ? AND order_id = ?", accountId, orderId); result.Error != nil &&
+	// 	this, "account_id = ? AND order_id = ?", accountId, orderId); result.Error != nil &&
-		!errors.Is(result.Error, gorm.ErrRecordNotFound) {
+	// 	!errors.Is(result.Error, gorm.ErrRecordNotFound) {
-		return result.Error, false
+	// 	return result.Error, false
 	// } else {
 	// 	return nil, result.RowsAffected > 0
 	// }
 	err, ok := this.FindByOrderId(orderId)
 	if err != nil {
 		return err, false
 	} else {
-		return nil, result.RowsAffected > 0
+		return nil, ok && this.AccountId == accountId
 	}
 }
--- a/server/wheelserver/mt/Config.go
+++ b/server/wheelserver/mt/Config.go
@ -20,3 +20,7 @@ func (this *ConfigTable) PostInit1() {
 		panic("无法读取config.json")
 	}
 }
 func (this *ConfigTable) GetShopSecret() string {
 	return this.selfConf.GetShopSecret()
 }
--- a/server/wheelserver/mtb/mtb.auto_gen.go
+++ b/server/wheelserver/mtb/mtb.auto_gen.go
@ -116,6 +116,7 @@ type ShopGoods struct {
 }
 type Config struct {
        shop_secret string
        _flags1_ uint64
        _flags2_ uint64
@ -481,6 +482,14 @@ func (this *ShopGoods) HasItemId() bool {
        return (this._flags1_ & (uint64(1) << 3)) > 0
 }
 func (this *Config) GetShopSecret() string {
        return this.shop_secret
 }
 func (this *Config) HasShopSecret() bool {
        return (this._flags1_ & (uint64(1) << 1)) > 0
 }
 func (this *WheelServerCluster) LoadFromKv(kv map[string]interface{}) {
        f5.ReadMetaTableField(&this.instance_id, "instance_id", &this._flags1_, 1, kv)
@ -561,4 +570,5 @@ func (this *ShopGoods) LoadFromKv(kv map[string]interface{}) {
 }
 func (this *Config) LoadFromKv(kv map[string]interface{}) {
        f5.ReadMetaTableField(&this.shop_secret, "shop_secret", &this._flags1_, 1, kv)
 }
--- a/server/wheelserver/proto/mt.proto
+++ b/server/wheelserver/proto/mt.proto
@ -93,4 +93,5 @@ message ShopGoods
 message Config
 {
    optional string shop_secret = 1;
 }