|
|
@@ -1,5 +1,5 @@
|
|
|
import { App, Config, Inject, Middleware } from '@midwayjs/decorator';
|
|
|
-import { CoolUrlTagData, } from '@cool-midway/core';
|
|
|
+import { CoolUrlTagData } from '@cool-midway/core';
|
|
|
import { NextFunction, Context } from '@midwayjs/koa';
|
|
|
import {
|
|
|
IMiddleware,
|
|
|
@@ -10,6 +10,9 @@ import {
|
|
|
import { CachingFactory, MidwayCache } from '@midwayjs/cache-manager';
|
|
|
import { SunPayAdapter } from '../../payment/adapter/sunpay.adapter';
|
|
|
import * as crypto from 'crypto';
|
|
|
+import { InjectEntityModel } from '@midwayjs/typeorm';
|
|
|
+import { MerchantEntity } from '../../payment/entity/merchant';
|
|
|
+import { Repository } from 'typeorm';
|
|
|
|
|
|
/**
|
|
|
* 签名验证
|
|
|
@@ -27,6 +30,9 @@ export class BaseAuthorityMiddleware
|
|
|
@InjectClient(CachingFactory, 'default')
|
|
|
midwayCache: MidwayCache;
|
|
|
|
|
|
+ @InjectEntityModel(MerchantEntity)
|
|
|
+ merchantEntity: Repository<MerchantEntity>;
|
|
|
+
|
|
|
@Inject()
|
|
|
coolUrlTagData: CoolUrlTagData;
|
|
|
|
|
|
@@ -51,6 +57,22 @@ export class BaseAuthorityMiddleware
|
|
|
const params =
|
|
|
ctx?.req.method === 'GET' ? ctx?.request.query : ctx?.request.body;
|
|
|
|
|
|
+ const merchantInfo = await this.merchantEntity.findOne({
|
|
|
+ where: {
|
|
|
+ apiSecret: `${vaKey}`,
|
|
|
+ },
|
|
|
+ });
|
|
|
+
|
|
|
+ // 商户不存在或者说商户被禁用都提示失败
|
|
|
+ if (!merchantInfo || merchantInfo.status != 1) {
|
|
|
+ ctx.status = 401;
|
|
|
+ ctx.body = {
|
|
|
+ code: ctx.status,
|
|
|
+ message: '签名不匹配,认证失败',
|
|
|
+ };
|
|
|
+ return;
|
|
|
+ }
|
|
|
+
|
|
|
// 2. 生成签名
|
|
|
const sign = this.generateSignature(
|
|
|
`${vaTimestamp}`,
|
|
|
@@ -58,7 +80,6 @@ export class BaseAuthorityMiddleware
|
|
|
JSON.stringify(params),
|
|
|
`${vaKey}`
|
|
|
);
|
|
|
- console.log(6363636, {sign, vaSign})
|
|
|
if (sign !== vaSign) {
|
|
|
ctx.status = 401;
|
|
|
ctx.body = {
|
max