root
/
wechatpay


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364
							const express = require('express'),
    app = express(),
    bodyParser = require('body-parser'),
    axios = require('axios'),
    tenpay = require('tenpay'),
    qr = require('qr-image'),
    qs = require('querystring'),
    imger = require('./src/image/imageCaptcha'),
    phoneer = require('./src/phone/phoneCaptcha'),
    email = require('./src/email/emailCaptcha'),
    sqldata = require('./src/session/sqler'),
    SMSClient = require('@alicloud/sms-sdk'),
    emailer = new email(),
    getphone = new phoneer(),
    generate = new imger(),
    session = require('express-session'),
    accessKeyId = 'LTAI1axR0bfBECLK',
    secretAccessKey = 'i4BARcxzLumd4SV2VeSero6VigEAqT',
    smsClient = new SMSClient({accessKeyId, secretAccessKey})

// app.use('/', express.static(__dirname + '/test'))
app.use(session({
    secret: 'captcha',
    cookie: {
        maxAge: 300000
    },
    saveUninitialized: true,
    resave: true,
    name: 'verificationcode'
}))
app.use(bodyParser.urlencoded({extended:false}))


/**
 * 跨域解决方案
 * 
*/

app.all('*', (req, res, next) => {
    res.header("Access-Control-Allow-Origin", req.headers.origin); //设置来源
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    res.header("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
    res.header("Access-Control-Max-Age", "604800000");
    res.header("Access-Control-Allow-Credentials", true);
    res.header("X-Powered-By", ' 3.2.1');
    // res.header("Content-Type", "application/json;charset=utf-8");
    next();
});

/**
*@effect 获取图形验证码
*return Object newimg(图像的路径)
*/
app.get('/getImage', (req, res) => {
    let svgimg = generate.captcha(4, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 2, true)
    req.session.imgtext = svgimg.text
    res.status(201).send({
        svg: svgimg.data
    })
})

app.get('/notify', async (req, res) => {
   res.send(req.body)
})

/**
*@effect 验证图形验证码
*return object status (true/false)
*/

app.post('/postImagetext', (req, res) => {
    if(req.session.imgtext){
        if(req.session.imgtext == req.body.imgtexter){
            res.status(201).send()
        }else{
            res.status(202).send({
                err: '验证码错误'
            })
        }
    }else{
        res.status(203).send({
            err: '未获取验证码'
        })
    }
})

/**
 * @effect 获取手机验证码
 * 
*/

app.post('/postPhone', (req, res) => {
    let userphone = req.body.userphone
    getphone.set(userphone, req, res, (data) => {
        req.session.phonetext = data.obj
        if(data.code == 200){
            res.status(201).send()
        }else{
            res.status(202).send({
                err: '服务器出错'
            })
        }
    })
})

/**
 * @effect 验证手机验证码
 * 
*/

app.post('/postphonetext', (req, res) => {
    if (req.session.phonetext){
        if (req.session.phonetext != req.body.userphonetext) {
            res.status(202).send({
                err: '验证码错误'
            })
        }else{
            res.status(201).send()
        }
    }else{
        res.status(203).send({
            err: '未获取验证码'
        }) 
    }
})

/**
 * @effect 发送邮箱验证码
 * 
*/

app.post('/postemail', (req, res) => {
    let useremail = req.body.useremail
    emailer.main(useremail, (info, statu) => {
        if (statu) {
            req.session.emailtext = info
            res.status(201).send()
        } else {
            res.status(202).send({
                err: info
            })
        }
    })
})

/**
 * @effect 验证邮箱验证码
 * 
*/

app.post('/postemailtext', (req, res) => {
    if(req.session.emailtext){
        if(req.session.emailtext != req.body.useremailtext){
            res.status(202).send({
                err: '验证码错误'
            }) 
        }else{
            res.status(201).send() 
        }
    }else{
        res.status(203).send({
            err: '未获取验证码'
        }) 
    }
})

/**
 * @effect session验证
 */

app.post('/postsession', (req, res) => {
    let cc = new sqldata (req.body.host, req.body.user, req.body.password, req.body.database, req.body.port, req.body.table, req.body.username, req.body.userpassword)
    cc.db((data,onlineusername)=>{
        if(data["1"] != 1){
            res.session.online = true
            res.session.onlineusername = onlineusername
            res.send({
                status: false
            }) 
        }else{
            res.send({
                status: true
            }) 
        }
    })
})

app.get('/getsessiontext', (req, res) => {
    if(req.session.online && req.session.onlineusername){
        if(req.session.onlineusername == req.body.onlineusername){
            res.send({
                status: true
            })
        }else{
            res.send({
                status: false
            })
        }
    }else{
        res.send({
            status: false
        })
    }
})

app.post('/postnumber', async (req, res) => {
    if (/^1[3|4|5|8][0-9]\d{4,8}$/.test(req.body.number)) {
        if (req.session.code) {
            res.status(202).send({
                err: '不要多次发送消息噢'
            })
        } else {
            let code = Math.floor(Math.random() * 99999)
            req.session.code = code
            try{
                let data = await main(req.body.number, code)
                if (data.Code === 'OK') {
                    res.status(201).send({
                        code: 'ok'
                    })
                } else {
                    res.status(202).send({
                        err: '服务器繁忙，请重新再试'
                    })
                }
            } catch (e) {
                if (e.code == "isv.BUSINESS_LIMIT_CONTROL") {
                    res.status(202).send({
                        err: '你号码已经限流，请稍后再试'
                    })
                } 
            }
        }
    } else {
        res.status(202).send({
            err: '请检查手机格式是否正确'
        })
    }
})


app.post('/verifi', (req, res) => {
    if (req.session.code) {
        if (req.body.code == req.session.code) {
            res.status(201).send({
                code: 'ok'
            })
        } else {
            res.status(202).send({
                err: '验证码错误'
            })
        }
    }else {
        res.status(202).send({
            err: '还没发送验证码噢'
        })   
    }
})

const config = {
    appid: 'wxb558057b16b95dd5',
    mchid: '1391101602',
    partnerKey: 'WLfN6xZt60JL2Pj1HFb72VA48IPofN3n',
    notify_url: 'http://api.cloudsql.1473.cn/wechatredirect',
}

const payconfig = {
    appid: 'wxb558057b16b95dd5',
    redirect_uri: 'http://api.cloudsql.1473.cn/wechatredirect',
    response_type: 'code',
    scope: 'snsapi_base',
    state: 'test'
}

const api = new tenpay(config);


const pay = async (msg, req) => {
    let ordersid = Date.now().toString()
    req.session.ordersid = ordersid
    let result = await api.unifiedOrder({
        out_trade_no: req.session.ordersid,
        body: '商品简单描述',
        total_fee: 1,
        openid: msg
    });
    return result
}

const buildSign = (json) => {
    return 'http://weixin.1473.cn/index/index.html?' + qs.stringify(json) + '#wechat_redirect'
}

app.get('/wechatredirect', async (req, res) => {
    req.session.erre = '123'
    console.log(req.session.erre)
    try {
        if (req.query.code) {
            let code = await axios.get('https://api.weixin.qq.com/sns/oauth2/access_token?appid=wxb558057b16b95dd5&secret=46237a17fbc57f5ebc5cc93c2b8cc505&code=' + req.query.code + '&grant_type=authorization_code')
            let orders = await pay(code.data.openid, req)
            let result = await api.getPayParamsByPrepay({
              prepay_id: orders.prepay_id
            });
            req.session.prepay = result
            res.redirect('/pay')
        } else {
            res.send('服务器出错，请重新发送请求')
        }
    } catch (e) {
        res.send(e)
    }
})

app.get('/getorders', (req, res) => {
    res.send(req.session.prepay)
})

app.get('/pay', async (req, res) => {
    console.log(req.session.erre)
    res.sendFile(__dirname + '/wechatpay/index.html');
})

app.post('/selectorders', async (req, res) => {
    console.log(req.session.erre)
    let result = await api.orderQuery({
        out_trade_no: ordersid
    });
    res.send(result)
})

app.get('/getqr', async (req, res) => {
    let msg = req.query
    if (msg) {
        let qrurl = await buildSign(payconfig)
        let code = await qr.image(qrurl, {size : 50})
        code.pipe(res)
    } else {
        res.send('请传入正确的参数')
    }
})

app.get('/orderquery', async (req, res) => {
    let result = await api.orderQuery({
        out_trade_no: req.query.older
    });
})

const main = async (number, code) => {
    let data = await smsClient.sendSMS({
        PhoneNumbers: number,
        SignName: '阿里云短信测试专用',
        TemplateCode: 'SMS_133180335',
        TemplateParam: '{"code":"' + code + '"}'
    })
    return data
}


app.listen('9000', () => {
    console.log('service listing port 9000')
})