main.js 9.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364
  1. const express = require('express'),
  2. app = express(),
  3. bodyParser = require('body-parser'),
  4. axios = require('axios'),
  5. tenpay = require('tenpay'),
  6. qr = require('qr-image'),
  7. qs = require('querystring'),
  8. imger = require('./src/image/imageCaptcha'),
  9. phoneer = require('./src/phone/phoneCaptcha'),
  10. email = require('./src/email/emailCaptcha'),
  11. sqldata = require('./src/session/sqler'),
  12. SMSClient = require('@alicloud/sms-sdk'),
  13. emailer = new email(),
  14. getphone = new phoneer(),
  15. generate = new imger(),
  16. session = require('express-session'),
  17. accessKeyId = 'LTAI1axR0bfBECLK',
  18. secretAccessKey = 'i4BARcxzLumd4SV2VeSero6VigEAqT',
  19. smsClient = new SMSClient({accessKeyId, secretAccessKey})
  20. // app.use('/', express.static(__dirname + '/test'))
  21. app.use(session({
  22. secret: 'captcha',
  23. cookie: {
  24. maxAge: 300000
  25. },
  26. saveUninitialized: true,
  27. resave: true,
  28. name: 'verificationcode'
  29. }))
  30. app.use(bodyParser.urlencoded({extended:false}))
  31. /**
  32. * 跨域解决方案
  33. *
  34. */
  35. app.all('*', (req, res, next) => {
  36. res.header("Access-Control-Allow-Origin", req.headers.origin); //设置来源
  37. res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  38. res.header("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
  39. res.header("Access-Control-Max-Age", "604800000");
  40. res.header("Access-Control-Allow-Credentials", true);
  41. res.header("X-Powered-By", ' 3.2.1');
  42. // res.header("Content-Type", "application/json;charset=utf-8");
  43. next();
  44. });
  45. /**
  46. *@effect 获取图形验证码
  47. *return Object newimg(图像的路径)
  48. */
  49. app.get('/getImage', (req, res) => {
  50. let svgimg = generate.captcha(4, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 2, true)
  51. req.session.imgtext = svgimg.text
  52. res.status(201).send({
  53. svg: svgimg.data
  54. })
  55. })
  56. app.get('/notify', async (req, res) => {
  57. res.send(req.body)
  58. })
  59. /**
  60. *@effect 验证图形验证码
  61. *return object status (true/false)
  62. */
  63. app.post('/postImagetext', (req, res) => {
  64. if(req.session.imgtext){
  65. if(req.session.imgtext == req.body.imgtexter){
  66. res.status(201).send()
  67. }else{
  68. res.status(202).send({
  69. err: '验证码错误'
  70. })
  71. }
  72. }else{
  73. res.status(203).send({
  74. err: '未获取验证码'
  75. })
  76. }
  77. })
  78. /**
  79. * @effect 获取手机验证码
  80. *
  81. */
  82. app.post('/postPhone', (req, res) => {
  83. let userphone = req.body.userphone
  84. getphone.set(userphone, req, res, (data) => {
  85. req.session.phonetext = data.obj
  86. if(data.code == 200){
  87. res.status(201).send()
  88. }else{
  89. res.status(202).send({
  90. err: '服务器出错'
  91. })
  92. }
  93. })
  94. })
  95. /**
  96. * @effect 验证手机验证码
  97. *
  98. */
  99. app.post('/postphonetext', (req, res) => {
  100. if (req.session.phonetext){
  101. if (req.session.phonetext != req.body.userphonetext) {
  102. res.status(202).send({
  103. err: '验证码错误'
  104. })
  105. }else{
  106. res.status(201).send()
  107. }
  108. }else{
  109. res.status(203).send({
  110. err: '未获取验证码'
  111. })
  112. }
  113. })
  114. /**
  115. * @effect 发送邮箱验证码
  116. *
  117. */
  118. app.post('/postemail', (req, res) => {
  119. let useremail = req.body.useremail
  120. emailer.main(useremail, (info, statu) => {
  121. if (statu) {
  122. req.session.emailtext = info
  123. res.status(201).send()
  124. } else {
  125. res.status(202).send({
  126. err: info
  127. })
  128. }
  129. })
  130. })
  131. /**
  132. * @effect 验证邮箱验证码
  133. *
  134. */
  135. app.post('/postemailtext', (req, res) => {
  136. if(req.session.emailtext){
  137. if(req.session.emailtext != req.body.useremailtext){
  138. res.status(202).send({
  139. err: '验证码错误'
  140. })
  141. }else{
  142. res.status(201).send()
  143. }
  144. }else{
  145. res.status(203).send({
  146. err: '未获取验证码'
  147. })
  148. }
  149. })
  150. /**
  151. * @effect session验证
  152. */
  153. app.post('/postsession', (req, res) => {
  154. let cc = new sqldata (req.body.host, req.body.user, req.body.password, req.body.database, req.body.port, req.body.table, req.body.username, req.body.userpassword)
  155. cc.db((data,onlineusername)=>{
  156. if(data["1"] != 1){
  157. res.session.online = true
  158. res.session.onlineusername = onlineusername
  159. res.send({
  160. status: false
  161. })
  162. }else{
  163. res.send({
  164. status: true
  165. })
  166. }
  167. })
  168. })
  169. app.get('/getsessiontext', (req, res) => {
  170. if(req.session.online && req.session.onlineusername){
  171. if(req.session.onlineusername == req.body.onlineusername){
  172. res.send({
  173. status: true
  174. })
  175. }else{
  176. res.send({
  177. status: false
  178. })
  179. }
  180. }else{
  181. res.send({
  182. status: false
  183. })
  184. }
  185. })
  186. app.post('/postnumber', async (req, res) => {
  187. if (/^1[3|4|5|8][0-9]\d{4,8}$/.test(req.body.number)) {
  188. if (req.session.code) {
  189. res.status(202).send({
  190. err: '不要多次发送消息噢'
  191. })
  192. } else {
  193. let code = Math.floor(Math.random() * 99999)
  194. req.session.code = code
  195. try{
  196. let data = await main(req.body.number, code)
  197. if (data.Code === 'OK') {
  198. res.status(201).send({
  199. code: 'ok'
  200. })
  201. } else {
  202. res.status(202).send({
  203. err: '服务器繁忙,请重新再试'
  204. })
  205. }
  206. } catch (e) {
  207. if (e.code == "isv.BUSINESS_LIMIT_CONTROL") {
  208. res.status(202).send({
  209. err: '你号码已经限流,请稍后再试'
  210. })
  211. }
  212. }
  213. }
  214. } else {
  215. res.status(202).send({
  216. err: '请检查手机格式是否正确'
  217. })
  218. }
  219. })
  220. app.post('/verifi', (req, res) => {
  221. if (req.session.code) {
  222. if (req.body.code == req.session.code) {
  223. res.status(201).send({
  224. code: 'ok'
  225. })
  226. } else {
  227. res.status(202).send({
  228. err: '验证码错误'
  229. })
  230. }
  231. }else {
  232. res.status(202).send({
  233. err: '还没发送验证码噢'
  234. })
  235. }
  236. })
  237. const config = {
  238. appid: 'wxb558057b16b95dd5',
  239. mchid: '1391101602',
  240. partnerKey: 'WLfN6xZt60JL2Pj1HFb72VA48IPofN3n',
  241. notify_url: 'http://api.cloudsql.1473.cn/wechatredirect',
  242. }
  243. const payconfig = {
  244. appid: 'wxb558057b16b95dd5',
  245. redirect_uri: 'http://api.cloudsql.1473.cn/wechatredirect',
  246. response_type: 'code',
  247. scope: 'snsapi_base',
  248. state: 'test'
  249. }
  250. const api = new tenpay(config);
  251. const pay = async (msg, req) => {
  252. let ordersid = Date.now().toString()
  253. req.session.ordersid = ordersid
  254. let result = await api.unifiedOrder({
  255. out_trade_no: req.session.ordersid,
  256. body: '商品简单描述',
  257. total_fee: 1,
  258. openid: msg
  259. });
  260. return result
  261. }
  262. const buildSign = (json) => {
  263. return 'http://weixin.1473.cn/index/index.html?' + qs.stringify(json) + '#wechat_redirect'
  264. }
  265. app.get('/wechatredirect', async (req, res) => {
  266. req.session.erre = '123'
  267. console.log(req.session.erre)
  268. try {
  269. if (req.query.code) {
  270. let code = await axios.get('https://api.weixin.qq.com/sns/oauth2/access_token?appid=wxb558057b16b95dd5&secret=46237a17fbc57f5ebc5cc93c2b8cc505&code=' + req.query.code + '&grant_type=authorization_code')
  271. let orders = await pay(code.data.openid, req)
  272. let result = await api.getPayParamsByPrepay({
  273. prepay_id: orders.prepay_id
  274. });
  275. req.session.prepay = result
  276. res.redirect('/pay')
  277. } else {
  278. res.send('服务器出错,请重新发送请求')
  279. }
  280. } catch (e) {
  281. res.send(e)
  282. }
  283. })
  284. app.get('/getorders', (req, res) => {
  285. res.send(req.session.prepay)
  286. })
  287. app.get('/pay', async (req, res) => {
  288. console.log(req.session.erre)
  289. res.sendFile(__dirname + '/wechatpay/index.html');
  290. })
  291. app.post('/selectorders', async (req, res) => {
  292. console.log(req.session.erre)
  293. let result = await api.orderQuery({
  294. out_trade_no: ordersid
  295. });
  296. res.send(result)
  297. })
  298. app.get('/getqr', async (req, res) => {
  299. let msg = req.query
  300. if (msg) {
  301. let qrurl = await buildSign(payconfig)
  302. let code = await qr.image(qrurl, {size : 50})
  303. code.pipe(res)
  304. } else {
  305. res.send('请传入正确的参数')
  306. }
  307. })
  308. app.get('/orderquery', async (req, res) => {
  309. let result = await api.orderQuery({
  310. out_trade_no: req.query.older
  311. });
  312. })
  313. const main = async (number, code) => {
  314. let data = await smsClient.sendSMS({
  315. PhoneNumbers: number,
  316. SignName: '阿里云短信测试专用',
  317. TemplateCode: 'SMS_133180335',
  318. TemplateParam: '{"code":"' + code + '"}'
  319. })
  320. return data
  321. }
  322. app.listen('9000', () => {
  323. console.log('service listing port 9000')
  324. })