xiongzhu 4 жил өмнө
parent
commit
0cc7ec695f

+ 10 - 2
src/main/java/com/izouma/nineth/service/OrderPayService.java

@@ -13,8 +13,10 @@ import com.izouma.nineth.utils.DateTimeUtils;
 import com.izouma.nineth.utils.SnowflakeIdWorker;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.rocketmq.spring.core.RocketMQTemplate;
 import org.springframework.cache.annotation.Cacheable;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import java.math.BigDecimal;
@@ -42,6 +44,7 @@ public class OrderPayService {
     private final SnowflakeIdWorker  snowflakeIdWorker;
     private final RechargeOrderRepo  rechargeOrderRepo;
     private final SysConfigService   sysConfigService;
+    private final PasswordEncoder    passwordEncoder;
 
     public static void setPayChannel(String payChannel) {
         if ("hmPay".equals(payChannel) || "sandPay".equals(payChannel)) {
@@ -87,12 +90,17 @@ public class OrderPayService {
         if (!Objects.equals(order.getUserId(), userId)) {
             throw new BusinessException("订单不属于该用户");
         }
-        if (!Objects.equals(userRepo.findTradeCode(userId), tradeCode)) {
+        String encodedPwd = userRepo.findTradeCode(userId);
+        if (StringUtils.isEmpty(encodedPwd)) {
+            throw new BusinessException("请先设置交易密码");
+        }
+        if (!passwordEncoder.matches(tradeCode, encodedPwd)) {
             throw new BusinessException("交易码错误");
         }
         BalanceRecord record = userBalanceService.balancePay(order.getUserId(), order.getTotalPrice(), orderId, order.getName());
         rocketMQTemplate.syncSend(generalProperties.getOrderNotifyTopic(),
-                new OrderNotifyEvent(orderId, PayMethod.BALANCE, record.getId().toString(), System.currentTimeMillis()));
+                new OrderNotifyEvent(orderId, PayMethod.BALANCE, record.getId().toString(),
+                        System.currentTimeMillis()));
     }
 
     @Cacheable(value = "payOrder", key = "'gift#'+#orderId")
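Review bot: Only `payOrderBalance` is moved to `passwordEncoder.matches` here, while the controller in this commit also passes `tradeCode` to `payGiftBalance` and `payMintOrderBalance`, whose bodies are not in the diff. If those still compare the raw input to `userRepo.findTradeCode(userId)` with `Objects.equals`, they will reject every code once the stored value is an encoded hash, and any values stored before the switch will likewise fail `matches`. Consider moving the empty-check and the `matches` call into one private helper, e.g. `verifyTradeCode(userId, tradeCode)`, that all three methods call; that helper is also the natural place to count failed attempts, since nothing in this hunk limits repeated guesses at the trade code. The enclosing method starts above the hunk.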

+ 12 - 12
src/main/java/com/izouma/nineth/web/OrderPayControllerV2.java

@@ -35,13 +35,13 @@ public class OrderPayControllerV2 {
     private final SandPayService  sandPayService;
     private final OrderPayService orderPayService;
 
-    @RequestMapping(value = "/alipay", method = RequestMethod.GET)
+    @RequestMapping(value = "/alipay")
     @ResponseBody
     public String payOrderAlipayH5(Long id) {
         return orderPayService.payOrder(id);
     }
 
-    @RequestMapping(value = "/alipay_wx", method = RequestMethod.GET)
+    @RequestMapping(value = "/alipay_wx")
     public String payOrderAlipayWx(Long id, Model model) {
         Order order = orderRepo.findById(id).orElseThrow(new BusinessException("订单不存在"));
         if (order.getStatus() != OrderStatus.NOT_PAID) {
@@ -53,26 +53,26 @@ public class OrderPayControllerV2 {
         return "AlipayHtml";
     }
 
-    @RequestMapping(value = "/balance", method = RequestMethod.GET)
+    @RequestMapping(value = "/balance")
     @ResponseBody
     public void payOrderBalance(@RequestParam Long id, @RequestParam String tradeCode) {
         orderPayService.payOrderBalance(id, SecurityUtils.getAuthenticatedUser().getId(), tradeCode);
     }
 
     @ApiOperation("衫德h5快捷")
-    @RequestMapping(value = "/sandQuick", method = RequestMethod.GET, produces = "text/html")
+    @RequestMapping(value = "/sandQuick", produces = "text/html")
     @ResponseBody
     public String sandQuick(@RequestParam Long id) {
         return sandPayService.payOrderQuick(id);
     }
 
-    @RequestMapping(value = "/gift/alipay", method = RequestMethod.GET)
+    @RequestMapping(value = "/gift/alipay")
     @ResponseBody
     public String payGiftOrderAlipayH5(Long id) {
         return orderPayService.payGiftOrder(id);
     }
 
-    @RequestMapping(value = "/gift/alipay_wx", method = RequestMethod.GET)
+    @RequestMapping(value = "/gift/alipay_wx")
     public String payGiftOrderAlipayWx(Long id, Model model) {
         String payUrl = orderPayService.payGiftOrder(id);
         model.addAttribute("payUrl", payUrl);
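Review bot: Dropping `method = RequestMethod.GET` on `/balance` makes the handler accept every HTTP method rather than moving it off GET, so `tradeCode` can still arrive in the query string, where it tends to end up in access logs, proxy logs and browser history. Since this call debits the user's balance, it would be safer to pin it to POST, e.g. `@PostMapping("/balance")`, and have the client send `id` and `tradeCode` in the request body; a state-changing endpoint reachable by GET is also easier to trigger cross-site if CSRF protection is relaxed for this path. The same applies to `/gift/balance` and `/mint/balance` in the later hunks.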
@@ -80,24 +80,24 @@ public class OrderPayControllerV2 {
         return "AlipayHtml";
     }
 
-    @RequestMapping(value = "/gift/balance", method = RequestMethod.GET)
+    @RequestMapping(value = "/gift/balance")
     public void payGiftOrderBalance(@RequestParam Long id, @RequestParam String tradeCode) {
         orderPayService.payGiftBalance(id, SecurityUtils.getAuthenticatedUser().getId(), tradeCode);
     }
 
-    @RequestMapping(value = "/gift/sandQuick", method = RequestMethod.GET, produces = "text/html")
+    @RequestMapping(value = "/gift/sandQuick", produces = "text/html")
     @ResponseBody
     public String payGiftQuick(@RequestParam Long id) {
         return sandPayService.payGiftQuick(id);
     }
 
-    @RequestMapping(value = "/mint/alipay", method = RequestMethod.GET)
+    @RequestMapping(value = "/mint/alipay")
     @ResponseBody
     public String payMintOrderAlipayH5(Long id) {
         return orderPayService.payMintOrder(id);
     }
 
-    @RequestMapping(value = "/mint/alipay_wx", method = RequestMethod.GET)
+    @RequestMapping(value = "/mint/alipay_wx")
     public String payMintOrderAlipayWx(Long id, Model model) {
         String payUrl = orderPayService.payMintOrder(id);
         model.addAttribute("payUrl", payUrl);
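Review bot: `payGiftOrderBalance` returns `void` without `@ResponseBody`, unlike `payOrderBalance` in the previous hunk, and `payMintOrderBalance` in the last hunk has the same shape. If the class is a plain `@Controller` (its annotation is outside the diff, but the methods returning `"AlipayHtml"` suggest so), Spring will try to resolve a view from the request path after the payment has already been made, so the client may see an error for a successful debit and retry. Adding `@ResponseBody` to both methods would make them consistent with `/balance`.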
@@ -105,13 +105,13 @@ public class OrderPayControllerV2 {
         return "AlipayHtml2";
     }
 
-    @RequestMapping(value = "/mint/sandQuick", method = RequestMethod.GET, produces = "text/html")
+    @RequestMapping(value = "/mint/sandQuick", produces = "text/html")
     @ResponseBody
     public String payMintQuick(@RequestParam Long id) {
         return sandPayService.payMintQuick(id);
     }
 
-    @RequestMapping(value = "mint/balance", method = RequestMethod.GET)
+    @RequestMapping(value = "/mint/balance")
     public void payMintOrderBalance(@RequestParam Long id, @RequestParam String tradeCode) {
         orderPayService.payMintOrderBalance(id, SecurityUtils.getAuthenticatedUser().getId(), tradeCode);
     }