Commit 11ce41dc by 宋毅

tj

parent 37078d25
......@@ -50,88 +50,14 @@ class APIBase {
}
return system.getResultSuccess();
}
/**
* 白名单验证
* @param {*} gname 组名
* @param {*} methodname 方法名
*/
async isCheckWhiteList(gname, methodname) {
var fullname = gname + "." + methodname;
var lst = [
"auth.getToken",
"auth.userLogin",
"auth.getToken",
"auth.getToken",
"payment.queryOrder",
"payment.getQrCode",
"payment.receiveCallBackNotify",
];
var x = lst.indexOf(fullname);
return x >= 0;
}
async checkAcck(gname, methodname, pobj, query, req) {
var uAppInfo = null;
var selfAppInfo = null;
var ispass = await this.isCheckWhiteList(gname, methodname);
if (ispass) {
return system.getResultSuccess();
}//在白名单里面
var token = req.headers["token"];
if (!token) {
return system.getResult(null, "token不能为空");
}
uAppInfo = await this.cacheManager["ApiAccessKeyCheckCache"].cache(token, { status: true }, this.exTime);
if (!uAppInfo || (uAppInfo.status && uAppInfo.status != 0)) {
return uAppInfo;
}
var selfAppInfo = await this.cacheManager["ApiAppKeyCheckCache"].cache(uAppInfo.data.app.appkey, null, this.exTime);
if (!selfAppInfo || (selfAppInfo.status && selfAppInfo.status != 0)) {
return selfAppInfo;
}
// if (!appInfo) {
// return system.getResult(null, "通过token获取sign的密钥信息失败,请重新获取");
// }
// var signResult = await this.verifySign(pobj.action_body, appInfo.appSecret);
// if (signResult.status != 0) {
// return system.getResultFail(system.signFail, signResult.msg);
// }
if (pobj.isUser && pobj.isUser == "yes") {
var channelUserId = pobj.channelUserId ? pobj.channelUserId : pobj.actionBody.channelUserId || "";
if (!channelUserId && pobj.actionBody.channelUser) {
channelUserId = pobj.actionBody.channelUser.channelUserId;
}
if (!channelUserId) {
return system.getResult(null, "base verify channelUserId is empty");
}
var userCacheKey = selfAppInfo.data.uappKey + "_" + channelUserId;
var userInfo = await this.cacheManager["ApiUserCache"].cache(userCacheKey, channelUserId,
this.exTime, pobj.actionBody, selfAppInfo, uAppInfo.data.app.id);
if (!userInfo || (userInfo.status && userInfo.status != 0)) {
return userInfo;
}
if (userInfo.data && userInfo.data.isEnabled && userInfo.data.isEnabled != 1) {
return system.getResultFail(system.getUserInfoFail, "用户处于待审核等待启用状态");
}
req.user = userInfo.data;
pobj.actionBody.channelUserId = channelUserId;
}
req.app = selfAppInfo.data;
return system.getResultSuccess();
}
async doexec(gname, methodname, pobj, query, req) {
req.requestId = this.getUUID();
try {
if (["getTokenByHosts", "receiveCallBackNotify", "getAppInfo"].indexOf(methodname) < 0) {
if (["getTokenByHosts", "receiveCallBackNotify", "getAppInfo", "getPayInfo"].indexOf(methodname) < 0) {
if (!pobj.appInfo) {
return system.getResult(null, "pobj.appInfo can not be empty !");
}
}
// //验证accesskey或验签
// var isPassResult = await this.checkAcck(gname, methodname, pobj, query, req);
// if (isPassResult.status != 0) {
// isPassResult.requestId = "";
// return isPassResult;
// }
var rtn = await this[methodname](pobj, query, req);
this.logCtl.createDb({
appid: pobj.appInfo ? pobj.appInfo.uapp_id : "",
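Review bot: `getPayInfo` is now exempt from the `pobj.appInfo` check in `doexec`, but the service it ends in reads `pobj.appInfo.uapp_id` without a guard, so a request with no app context gets a thrown TypeError instead of the clean "pobj.appInfo can not be empty" result. I would drop `"getPayInfo"` from the exemption list unless there is a reason payment-info requests arrive without `appInfo`. With `checkAcck` and its commented-out call deleted here, no token or signature check is visible on this path before `this[methodname](pobj, query, req)` runs. If authentication is enforced elsewhere, a comment such as `// auth is enforced in <middleware name> before doexec` (placeholder) would record that. The body of `doexec` continues past the end of the hunk.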
......
var WEBBase = require("../../web.base");
var system = require("../../../system");
class ChannelAccessAuthAPI extends WEBBase {
constructor() {
super();
this.utilsuserSve = system.getObject("service.utilsSve.utilsuserSve");
}
/**
* 获取钉钉用户信息
* actionBody code授权码
*/
async getH5AliDingUserByCode(pobj, qobj, req) {
var opResult = await this.utilsuserSve.getH5AliDingUserByCode(pobj);
return opResult;
}
}
module.exports = ChannelAccessAuthAPI;
\ No newline at end of file
var APIBase = require("../../api.base");
var system = require("../../../system");
class AliPayment extends APIBase {
constructor() {
super();
this.utilsAlibankSve = system.getObject("service.utilsSve.utilsAlibankSve");
}
//支付成功后通知
async receiveCallBackNotify(pobj, query, req) {
// var rtn = await this.utilstlbankSve.receiveCallBackNotify(pobj.actionBody.parmas, pobj.client_ip);
// return rtn;
}
async getPayInfo(pobj, qobj, req) {
var result = await this.utilsAlibankSve.getH5AliDingPayInfo(pobj, pobj);
return result;
}
}
module.exports = AliPayment;
\ No newline at end of file
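Review bot: `getPayInfo` calls `getH5AliDingPayInfo(pobj, pobj)`, passing the whole request object as `actionBody`, so the service reads `order_num`, `body_desc` and `total_fee` from the top level of `pobj` rather than from `pobj.actionBody`. If the payload follows the `actionBody` convention used by the other handlers on this page, those fields are `undefined` when they are signed; `this.utilsAlibankSve.getH5AliDingPayInfo(pobj, pobj.actionBody)` is probably what was meant. `receiveCallBackNotify` has an empty body and is on `doexec`'s exemption list, so a payment notification gets `undefined` back. When it is implemented it needs to verify the gateway's signature before trusting any field, and until then an explicit failure result would be clearer.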
......@@ -17,9 +17,9 @@ class AppUserPinByUserNameCache extends CacheBase {
var actionBody = val.actionBody;
var appInfo = val.appInfo;
var uUserName = actionBody.userName ? actionBody.userName : actionBody.channelUserId;
var uPassword = actionBody.userName ? actionBody.userName : actionBody.channelUserId;//uPassword
var uPassword = actionBody.userName ? actionBody.userName : actionBody.channelUserId;//uPassword
var mobile = actionBody.mobile ? actionBody.mobile : actionBody.channelUserId;
var userInfo = await this.appuserDao.getItemByChannelUserId(uUserName, appInfo.uapp_id);
if (userInfo) {
if (userInfo.is_enabled != 1) {
......@@ -43,6 +43,8 @@ class AppUserPinByUserNameCache extends CacheBase {
org_path: actionBody.orgPath || "",
is_enabled: 1,
email: actionBody.email || "",
is_admin: actionBody.isAdmin || 0,
is_super: actionBody.isSuper || 0,
last_login_time: new Date()
};
userInfo = await this.appuserDao.create(params);
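Review bot: The new `is_admin: actionBody.isAdmin || 0` and `is_super: actionBody.isSuper || 0` fields copy privilege flags from `actionBody` straight into the user record at creation. Where `actionBody` is populated is outside this hunk; if it is the request body, a caller can create itself as an administrator simply by sending `isAdmin: 1`. The flags should come from a server-derived source and be coerced to 0/1, e.g. `is_admin: trustedProfile.isAdmin === 1 ? 1 : 0`, where `trustedProfile` stands for whatever object the server itself fetched. The first hunk of this file also keeps `uPassword` equal to the user name or channel user id, which is guessable if that value is ever accepted as a login credential.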
......
const system = require("../../../system");
const Dao = require("../../dao.base");
class ApppAliParamDao extends Dao {
constructor() {
super(Dao.getModelName(ApppAliParamDao));
}
async getItemByUAppId(uapp_id) {
return this.model.findOne({
where: {
uapp_id: uapp_id
},
raw: true
});
}
}
module.exports = ApppAliParamDao;
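Review bot: `getItemByUAppId` does not filter on `is_enabled`, so a credential row that has been disabled in the `apppaliparam` model is still returned and still used for signing and token requests. Adding the flag to the lookup, `where: { uapp_id: uapp_id, is_enabled: true }`, makes the switch effective. `raw: true` with no `attributes` list also returns `privatekey` and `appsecret` to every caller, including paths that need only one of them; a narrower `attributes` array per use would limit exposure. The `system` require at the top is unused.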
const system = require("../../../system");
const settings = require("../../../../config/settings");
const uiconfig = system.getUiConfig2(settings.appKey);
module.exports = (db, DataTypes) => {
return db.define("apppaliparam", {
uapp_id: DataTypes.STRING(50),
corp_id: DataTypes.STRING(64),
agent_id: DataTypes.STRING(64),
appkey: DataTypes.STRING(64),
appsecret: DataTypes.STRING(255),
seller_id: DataTypes.STRING(64),
partner: DataTypes.STRING(64),
partner_md5: DataTypes.STRING(64),
publickey: DataTypes.STRING(1024),
ali_publickey: DataTypes.STRING(1024),
privatekey: DataTypes.STRING(2048),
pay_url: DataTypes.STRING(500), //支付地址
notify_url: DataTypes.STRING(500),
is_enabled: { //状态 0禁用 1启用
type: DataTypes.BOOLEAN,
defaultValue: true,
},
notes: DataTypes.STRING(255),
}, {
paranoid: false,//假的删除
underscored: true,
version: true,
freezeTableName: true,
timestamps: true,
updatedAt: false,
tableName: 'p_app_aliparam',
validate: {
},
indexes: [
]
});
}
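Review bot: `appsecret`, `partner_md5` and `privatekey` are declared as plain `STRING` columns, so the merchant signing key and the app secret sit in `p_app_aliparam` in clear text unless encryption happens somewhere not shown here. A database dump or read access gained through any other flaw would then disclose keys that can sign payment requests. Consider storing them encrypted and decrypting in the service, or keeping only a reference to a secret store, and add a field comment saying which applies. Minor: the comment on `paranoid: false` reads as "soft delete" while the option disables it, and `uiconfig` is computed but never used.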
......@@ -8,6 +8,72 @@ class AppServiceBase {
this.execClient = system.getObject("util.execClient");
this.cacheManager = system.getObject("db.common.cacheManager");
}
async getReqBeforeParam(jsonObj, pay_key) {//获取请求前的参数信息
jsonObj.key = pay_key;
var reqResult = { status: 0, msg: "success", req_param: null };
var signArr = [];
var keys = Object.keys(jsonObj).sort();
if (keys.length == 0) {
reqResult.status = -230;
reqResult.msg = "请求参数信息为空";
return reqResult;
}
for (let k = 0; k < keys.length; k++) {
const tKey = keys[k];
if (tKey != "sign" && jsonObj[tKey]) {
signArr.push(tKey + "=" + jsonObj[tKey]);
}
}
if (signArr.length == 0) {
reqResult.status = -250;
reqResult.msg = "请求组装签名参数信息为空";
return reqResult;
}
var signStr = signArr.join("&");
var tmpSign = md5(signStr).toUpperCase();
jsonObj.sign = tmpSign;
delete jsonObj["key"];
return reqResult;
}
async resultSign(resultData, pay_key) {//返回值进行验签
var rtnResult = { status: 0, msg: "success" };
if (!resultData || !resultData.appid) {
rtnResult.status = -310;
rtnResult.msg = "返回值信息data为空";
return rtnResult;
}
resultData.key = pay_key;
var resultSignArr = [];
var keys = Object.keys(resultData).sort();
if (keys.length == 0) {
rtnResult.status = -330;
rtnResult.msg = "返回值参数信息为空";
return rtnResult;
}
for (let k = 0; k < keys.length; k++) {
const tKey = keys[k];
if (tKey != "sign" && resultData[tKey]) {
resultSignArr.push(tKey + "=" + resultData[tKey]);
}
}
if (resultSignArr.length == 0) {
rtnResult.status = -350;
rtnResult.msg = "返回值组装签名参数信息为空";
return rtnResult;
}
var resultSignStr = resultSignArr.join("&");
var resultTmpSign = md5(resultSignStr).toUpperCase();
delete resultData["key"];
if (resultData.sign != resultTmpSign) {
rtnResult.status = -380;
rtnResult.msg = "返回值签名验证失败";
return rtnResult;
}
return rtnResult;
}
/**
* 验证签名
* @param {*} params 要验证的参数
......@@ -84,6 +150,15 @@ class AppServiceBase {
var result = JSON.parse(rtn.stdout);
return result;
}
async execGetUrl(pobj, url) {
var rtn = await this.execClient.execGet(pobj, url);
if (!rtn || !rtn.stdout) {
return system.getResult(null, "execGet data is empty");
}
var result = JSON.parse(rtn.stdout);
return result;
}
/*
返回20位业务订单号
prefix:业务前缀
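Review bot: `getReqBeforeParam` and `resultSign` call `md5(...)`, but the first hunk starts at line 8 of the file and the commit adds no `require` above it, so unless this file already imports `MD5` both helpers throw a ReferenceError now that they live here. `resultSign` also checks the signature with `resultData.sign != resultTmpSign`, a loose, non-constant-time comparison with no type check on `sign`. Requiring `typeof resultData.sign === "string"` and comparing equal-length buffers with `crypto.timingSafeEqual` would be safer. In `execGetUrl`, `JSON.parse(rtn.stdout)` is unguarded, so a non-JSON response throws instead of returning a `system.getResult` failure; wrap it in `try`/`catch`.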
......
const system = require("../../../system");
const ServiceBase = require("../../sve.base");
const settings = require("../../../../config/settings");
class ApppAliParamService extends ServiceBase {
constructor() {
super("dbapp", ServiceBase.getDaoName(ApppAliParamService));
}
}
module.exports = ApppAliParamService;
var system = require("../../../system");
var settings = require("../../../../config/settings");
const AppServiceBase = require("../../app.base");
const querystring = require('querystring');
const md5 = require("MD5");
const NodeRSA = require('node-rsa');
class utilsTlBankSve extends AppServiceBase {
constructor() {
super();
this.logCtl = system.getObject("service.common.oplogSve");
this.apppaliparamDao = system.getObject("db.dbapp.apppaliparamDao");
}
//-------------------------------------------钉钉h5支付-----------------开始
/**
* 唤起钉钉h5支付信息---只供简单应用
* @param {*} pobj
* @param {*} actionBody {total_fee:总额,单位为分,order_num:订单号,body_desc:标题描述}
*/
async getH5AliDingPayInfo(pobj, actionBody) {
var payParam = await this.apppaliparamDao.getItemByUAppId(pobj.appInfo.uapp_id);
if (!payParam) {
return { status: -310, msg: "应用没有对应的支付凭证" }
}
var parameters = {
service: "mobile.securitypay.pay",
partner: payParam.partner,
_input_charset: "utf-8",
notify_url: payParam.notify_url,
out_trade_no: actionBody.order_num,
subject: actionBody.body_desc,
payment_type: "1",
seller_id: payParam.seller_id,
total_fee: actionBody.total_fee,
sign_type: "RSA"
};
var signStr = await this.getCreateAliSignStr(payParam, parameters);
parameters.sign = signStr;
return system.getResultSuccess(parameters);
}
async getCreateAliSignStr(payParam, parameters) {
let userPrivateKey = payParam.privatekey;
const key = new NodeRSA();
key.setOptions({ b: 1024, signingScheme: "sha1" });
key.importKey(userPrivateKey, 'pkcs8-private');//导入密钥并设定格式
const publicDer = key.exportKey('pkcs8-public');
let text = Object.keys(parameters).sort().map(key => {
return `${encodeURIComponent(key)}=${encodeURIComponent(parameters[key])}`
}).join('&');
let buffer = Buffer.from(text);
let signature = key.sign(buffer).toString('base64');
return signature;
}
//-------------------------------------------钉钉h5支付-----------------结束
}
module.exports = utilsTlBankSve;
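Review bot: `getH5AliDingPayInfo` signs `total_fee`, `order_num` and `body_desc` with the merchant's private key exactly as they arrive in `actionBody`; nothing in the method validates them or checks them against a stored order. If these fields originate from the client request, the caller chooses the amount that receives a valid merchant signature. The amount should be read from the server-side order record for `order_num`, or at minimum rejected unless it is a positive number. `key.setOptions({ b: 1024, signingScheme: "sha1" })` pins signing to SHA-1; add a comment stating that the gateway's `sign_type: "RSA"` requires it, or move to a SHA-256 scheme if the gateway accepts one. The class is still named `utilsTlBankSve` although it appears to be loaded as `utilsAlibankSve`, and `publicDer`, `querystring` and `md5` are unused.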
......@@ -16,7 +16,7 @@ class utilsTlBankSve extends AppServiceBase {
}
async getPayParamItem(uappId) {
async getPayParamItem(uappId) {//获取通联支付信息配置
var item = await this.apppayparamDao.getItemByUAppId(uappId);
if (!item) {
return system.getResult(null, "应用支付参数为空");
......@@ -24,7 +24,7 @@ class utilsTlBankSve extends AppServiceBase {
return system.getResultSuccess(item);
}
async getAppItem(uappId) {
async getAppItem(uappId) {//获取应用信息
var item = await this.appDao.getItemByUAppId(uappId);
if (!item) {
return system.getResult(null, "应用数据为空");
......@@ -35,11 +35,8 @@ class utilsTlBankSve extends AppServiceBase {
/**
* 唤起H5支付---只供简单应用
* @param {*} company_id 公司ID
* @param {*} pay_title 支付显示标题
* @param {*} total_sum 支付金额
* @param {*} order_no 订单号
* @param {*} returl 支付成功后返回的url
* @param {*} pobj
* @param {*} actionBody {total_fee:总额,单位为分,order_num:订单号,body_desc:标题描述}
*/
async getH5PayUrl(pobj, actionBody) {
// pobj.actionBody.body_desc, pobj.actionBody.total_fee, pobj.actionBody.order_num, pobj.actionBody.returl
......@@ -152,73 +149,6 @@ class utilsTlBankSve extends AppServiceBase {
return result;
}
async getReqBeforeParam(jsonObj, pay_key) {//获取请求前的参数信息
jsonObj.key = pay_key;
var reqResult = { status: 0, msg: "success", req_param: null };
var signArr = [];
var keys = Object.keys(jsonObj).sort();
if (keys.length == 0) {
reqResult.status = -230;
reqResult.msg = "请求参数信息为空";
return reqResult;
}
for (let k = 0; k < keys.length; k++) {
const tKey = keys[k];
if (tKey != "sign" && jsonObj[tKey]) {
signArr.push(tKey + "=" + jsonObj[tKey]);
}
}
if (signArr.length == 0) {
reqResult.status = -250;
reqResult.msg = "请求组装签名参数信息为空";
return reqResult;
}
var signStr = signArr.join("&");
var tmpSign = md5(signStr).toUpperCase();
jsonObj.sign = tmpSign;
delete jsonObj["key"];
return reqResult;
}
async resultSign(resultData, pay_key) {//返回值进行验签
var rtnResult = { status: 0, msg: "success" };
if (!resultData || !resultData.appid) {
rtnResult.status = -310;
rtnResult.msg = "返回值信息data为空";
return rtnResult;
}
resultData.key = pay_key;
var resultSignArr = [];
var keys = Object.keys(resultData).sort();
if (keys.length == 0) {
rtnResult.status = -330;
rtnResult.msg = "返回值参数信息为空";
return rtnResult;
}
for (let k = 0; k < keys.length; k++) {
const tKey = keys[k];
if (tKey != "sign" && resultData[tKey]) {
resultSignArr.push(tKey + "=" + resultData[tKey]);
}
}
if (resultSignArr.length == 0) {
rtnResult.status = -350;
rtnResult.msg = "返回值组装签名参数信息为空";
return rtnResult;
}
var resultSignStr = resultSignArr.join("&");
var resultTmpSign = md5(resultSignStr).toUpperCase();
delete resultData["key"];
if (resultData.sign != resultTmpSign) {
rtnResult.status = -380;
rtnResult.msg = "返回值签名验证失败";
return rtnResult;
}
return rtnResult;
}
async execReqInfo(self_method_name, reqUrl, param) {
try {
var req_param = querystring.stringify(param);
......@@ -261,7 +191,7 @@ class utilsTlBankSve extends AppServiceBase {
-400:请求接口请求返回值错误
-410:请求结算接口返回空
*/
async queryOrder(uapp_id, trxid) {//查询订单支付状态
async queryOrder(uapp_id, trxid) {//查询通联订单支付状态
var payParam = await this.apppayparamDao.getItemByUAppId(uapp_id);
if (!payParam) {
return { status: -210, msg: "应用没有对应的支付凭证" }
......@@ -371,7 +301,7 @@ class utilsTlBankSve extends AppServiceBase {
}
}
async verifyCallBackParams(getParams) {//验证回调参数
async verifyCallBackParams(getParams) {//验证通联回调参数
if (!getParams.trxcode) {
return "回调trxcode参数为空";
}
......
var system = require("../../../system");
var settings = require("../../../../config/settings");
const AppServiceBase = require("../../app.base");
const logCtl = system.getObject("service.common.oplogSve");
//商标查询操作
class UtilsUserSve {
class UtilsUserSve extends AppServiceBase {
constructor() {
this.opPlatformUtils = system.getObject("util.businessManager.opPlatformUtils");
super();
this.apppaliparamDao = system.getObject("db.dbapp.apppaliparamDao");
}
async loginUserByChannelUserId(action_body, action_process, userpin, req) {
action_body.appInfo = req.appInfo;
var opResult = null;
switch (action_process) {
case "gsbhome":
opResult = await this.getDefaultUserInfo(action_body, userpin);
break;
default:
opResult = system.getResult(null, "action_process参数错误");
break;
async getH5AliDingUserByCode(pobj) {
var item = await this.apppaliparamDao.getItemByUAppId(Number(pobj.appInfo.uapp_id || 0));
if (!item) {
return system.getResult(null, "应用对应的配置数据为空!");
}
return opResult;
}
async getDefaultUserInfo(action_body, userpin) {
var userinfo = await this.opPlatformUtils.getReqUserPinByChannelUserId(action_body, userpin);
return userinfo;
var param = {
appkey: item.appkey,
appsecret: item.appsecret
};
var accessTokenResult = await this.execGetUrl(param, "https://oapi.dingtalk.com/gettoken");
this.logCtl.info({
appid: pobj.appInfo ? pobj.appInfo.uapp_id : "",
appkey: pobj.appInfo ? pobj.appInfo.uapp_key : "",
op: "https://oapi.dingtalk.com/gettoken",
content: "参数:" + JSON.stringify(param) + "返回结果:" + JSON.stringify(accessTokenResult),
optitle: "获取钉钉access_token信息返回",
});
if (accessTokenResult.status != 0) {
return accessTokenResult;
}
if (accessTokenResult.errcode != 0) {
return system.getResult(null, accessTokenResult.errmsg);
}
param = {
access_token: accessTokenResult.access_token,
code: pobj.actionBody.code
};
var userResult = await this.execGetUrl(param, "https://oapi.dingtalk.com/user/getuserinfo");
this.logCtl.info({
appid: pobj.appInfo ? pobj.appInfo.uapp_id : "",
appkey: pobj.appInfo ? pobj.appInfo.uapp_key : "",
op: "https://oapi.dingtalk.com/user/getuserinfo",
content: "参数:" + JSON.stringify(param) + "返回结果:" + JSON.stringify(userResult),
optitle: "获取钉钉用户信息返回",
});
if (userResult.status != 0) {
return userResult;
}
if (userResult.errcode != 0) {
return system.getResult(null, userResult.errmsg + "-userResult");
}
return system.getResultSuccess({
channelUserId: userResult.userid,
isAdmin: userResult.is_sys && userResult.is_sys == true ? 1 : 0,
isSuper: userResult.sys_level && userResult.sys_level == 1 ? 1 : 0
});
}
}
module.exports = UtilsUserSve;
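Review bot: Both `this.logCtl.info` calls in `getH5AliDingUserByCode` write `JSON.stringify(param)` into the log `content`, and `param` holds `appsecret` for the first call and `access_token` for the second (the first also logs the full token response), so credentials end up in the operation log. Log only non-secret fields, e.g. `content: "参数:" + JSON.stringify({ appkey: param.appkey }) + "返回结果:errcode=" + accessTokenResult.errcode,`. `this.logCtl` is not assigned in this constructor (`logCtl` is only a module-level const), so unless `AppServiceBase` sets it these calls throw. The `accessTokenResult.status != 0` test is also true when `status` is undefined. If `execGetUrl` returns the remote body as-is, the method returns that body, access token included, to its caller instead of continuing.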
......@@ -39,6 +39,7 @@
"multer": "^1.3.0",
"mysql2": "^1.5.3",
"node-cron": "^2.0.1",
"node-rsa": "^1.0.7",
"node-uuid": "^1.4.8",
"node-xlsx": "^0.15.0",
"nodemailer": "^6.3.0",
......