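def sms_check():
    """Verify an SMS code against the token issued when the code was sent.

    Reads ``mobile``, ``timestamp``, ``code`` and ``token`` from the posted
    form. The check passes when the timestamp is inside
    ``TOKEN_VALID_TIMELONG`` and the token equals
    ``md5("%d%s%d%s" % (mobile, code, timestamp, SECRET_KEY))``.

    Returns:
        A JSON response. On success it carries ``result="succ"``, the current
        timestamp and a new token bound to that timestamp; every other
        outcome, including missing or non-numeric fields, is
        ``{"result": "fail"}``.
    """
    data = request.form
    try:
        Mobile = int(data.get('mobile'))
        Timestamp = int(data.get("timestamp"))
    except (TypeError, ValueError):
        # A missing or non-numeric field is a failed check, not a server error.
        return jsonify({"result": "fail"})
    Code = data.get("code")
    Token = data.get('token')
    Now = int(time.time())
    # Freshness first (the original comment describes the window as 3 days).
    # NOTE(review): nothing in this function limits the number of attempts,
    # so a 6-digit code can be retried for the whole validity window unless a
    # limit is enforced elsewhere; confirm.
    if Now - Timestamp < TOKEN_VALID_TIMELONG:
        expected = md5("%d%s%d%s" % (Mobile, Code, Timestamp, SECRET_KEY))
        # NOTE(review): == on a digest is not constant-time;
        # hmac.compare_digest is the usual replacement once both operands are
        # known to be the same string type.
        if expected == Token:
            # Token handed back for the server-side check that follows.
            NewToken = md5("%d%s%d%s" % (Mobile, Code, Now, SECRET_KEY))
            # Log the event only. The signing secret, the SMS code and the
            # tokens are deliberately kept out of stdout.
            print("check... %s %s" % (Mobile, Now))
            return jsonify({
                "result": "succ",
                "timestamp": Now,
                "token": NewToken
            })
    return jsonify({"result": "fail"})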
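def h5_moni_login():
    """Render ``h5_moni_login.html`` with a signed H5 link for an account.

    The channel comes from ``session['select_channel']`` and the account id
    from the ``Account`` form field. The channel's ``h5_link`` and ``name``
    are read from redis, and the link carries
    ``md5(new_acc + str(timestamp) + SECRET_KEY)`` as its token.

    Returns:
        The rendered template. ``page["url"]`` is empty when the channel
        configuration cannot be read or is incomplete, so no token is minted
        for an unknown channel.
    """
    try:
        from urllib import quote  # Python 2
    except ImportError:
        from urllib.parse import quote

    def _encode(value):
        # Percent-encode one query value; text is encoded as UTF-8 first.
        if not isinstance(value, bytes):
            value = (u"%s" % (value,)).encode("utf-8")
        return quote(value, safe="")

    channel_id = session['select_channel']
    acc_id = request.form.get("Account")
    config_key = CHANNEL_CONFIG_TABLE + str(channel_id)
    try:
        url = redis_conn.hget(config_key, "h5_link")
        channel = redis_conn.hget(config_key, "name")
    except Exception:
        # The original fallback set only ``url`` and then failed with a
        # NameError on ``channel``; treat the lookup as "no link" instead.
        url = channel = None

    page = {"url": "", "acc_id": acc_id}
    if url and channel is not None:
        new_acc = "%s_%s" % (channel, acc_id)
        Now = int(time_util.now_sec())
        payload = {
            "channel": channel,
            "acc_id": new_acc,
            "timestamp": Now,
            "gameid": 0,
            "token": md5(new_acc + str(Now) + SECRET_KEY)
        }
        # Values are percent-encoded so a form-supplied account id cannot add
        # or override query parameters of the generated link.
        query = "&".join(
            ["%s=%s" % (k, _encode(v)) for k, v in payload.items()])
        page["url"] = "%s?%s" % (url, query)
    return render_template('h5_moni_login.html', page=page)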
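def wrapper(*args, **kwargs):
    """Run ``view_func`` only for a live channel and a fresh, signed request.

    ``view_func`` is taken from the enclosing scope, which is not shown here.
    Checks, in order:

    1. the channel's ``server_state`` in redis equals ``SERVER_STATE_PUBLIC``
       (otherwise ``SERVER_STOP``);
    2. the ``time`` field is within 300 seconds of now (otherwise
       ``TIME_OUT``);
    3. ``sign`` equals the lowercase md5 of the sorted ``k=v`` pairs joined
       with ``&`` followed by the channel's key (otherwise ``SING_ERR``).

    Exceptions raised by the view are reported as ``SYSTEM_ERR``.
    """
    D = request_data()
    channel = D.get("channel")
    if not channel:
        # No channel means no state to look up; answer as for an unknown
        # channel instead of failing on the key concatenation below.
        return err_return("SERVER_STOP")
    server_state = redis_conn.hget(CHANNEL_CONFIG_TABLE + channel,
                                   "server_state")
    if server_state != str(SERVER_STATE_PUBLIC):
        return err_return("SERVER_STOP")

    # Freshness check.
    try:
        skew = abs(int(time.time()) - int(D.get("time", "0")))
    except (TypeError, ValueError):
        # A non-numeric timestamp is rejected, not allowed to raise.
        return err_return("TIME_OUT")
    if not (skew < 300 or DEBUG):
        return err_return("TIME_OUT")

    # Signature check.
    src = "&".join(
        ["%s=%s" % (i, D[i]) for i in sorted(D.keys()) if i != "sign"])
    expected = md5(src + get_sec_key(channel)).lower()
    supplied = D.get("sign")
    # NOTE(review): SUPER_KEY is accepted in place of a valid signature for
    # any channel, and DEBUG switches off both the freshness and the
    # signature check. Confirm both are intended in production builds.
    # NOTE(review): no nonce is checked here, so a captured request can be
    # replayed inside the 300 s window unless that is handled elsewhere.
    # NOTE(review): == on a digest is not constant-time.
    if not (expected == supplied or supplied == SUPER_KEY or DEBUG):
        return err_return("SING_ERR")

    try:
        return view_func(*args, **kwargs)
    except Exception as e:
        # Exception, not BaseException: SystemExit and KeyboardInterrupt
        # must still be able to stop the process.
        print("do_func err... %s" % (e,))
        return err_return("SYSTEM_ERR")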
def pre_pay_after_for_wx(money, channel, pay_channel, data, callback_url):
    """Create a WeChat ``NATIVE`` order and return a page with its QR code.

    Args:
        money: Value sent as ``total_fee``.
        channel: Not used in this function.
        pay_channel: Not used in this function.
        data: Mapping with ``appid``, ``mch_id``, ``orderno``, ``mch_key``
            and ``url``.
        callback_url: Value sent as ``notify_url``.

    Returns:
        An HTML string embedding the QR image when both ``return_code`` and
        ``result_code`` are ``SUCCESS``; otherwise a JSON ``fail`` response.
    """
    app_id, merchant_id, order_no, merchant_key, gateway_url = [
        data[field]
        for field in ("appid", "mch_id", "orderno", "mch_key", "url")
    ]

    # Order creation request; "sign" is filled in once the rest is known.
    nonce = md5("%d_%d" % (time_util.now_sec(), rand(1, 99999999)))
    payload = {
        "appid": app_id,
        "mch_id": merchant_id,
        "nonce_str": nonce,
        "sign": "",
        "sign_type": "MD5",
        "body": u"会员充值",
        "out_trade_no": order_no,
        "total_fee": money,
        "spbill_create_ip": request.remote_addr,
        "notify_url": callback_url,
        "trade_type": "NATIVE",
    }
    payload["sign"] = httpc_util.gen_sign(payload, merchant_key, lower=False)

    reply = httpc_util.post(gateway_url, payload, ctype="xml")
    if reply["return_code"] != "SUCCESS":
        print(reply)
        return jsonify(result="fail", msg="wx err")
    if reply["result_code"] == "SUCCESS":
        # NOTE(review): ``image_path`` is placed in the HTML unescaped; it
        # comes from qrcode_util.qc, whose output format is not visible here.
        image_path = qrcode_util.qc(reply["code_url"])
        return '<html><body><img src="%s" /></body></html>' % image_path
    return jsonify(result="fail",
                   code=reply["err_code"],
                   msg=reply["err_code_des"])
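def sms_send():
    """Send a 6-digit SMS code and return the token that binds it.

    The provider is chosen by the channel's ``sms_type`` in redis. On a
    successful send the response carries the send time and
    ``md5("%d%s%d%s" % (mobile, code, time, SECRET_KEY))``.

    Returns:
        A JSON response: ``result="succ"`` with ``timestamp`` and ``token``,
        or ``{"result": "fail"}`` when the input is unusable, the channel has
        no known ``sms_type``, or the provider reports failure.
    """
    data = request_data()
    channel = data.get("channel")
    try:
        Mobile = int(data.get('mobile'))
    except (TypeError, ValueError):
        return jsonify({"result": "fail"})
    if not channel:
        return jsonify({"result": "fail"})

    # Code for this activation.
    # NOTE(review): ``rand`` is defined elsewhere; if it is not backed by a
    # CSPRNG the code may be predictable. Confirm.
    Code = "%06d" % rand(1, 999999)
    Time = time_util.now_sec()
    try:
        sms_type = int(
            redis_conn.hget(CHANNEL_CONFIG_TABLE + channel, "sms_type"))
    except (TypeError, ValueError):
        sms_type = None

    # Default to failure so an unconfigured or unknown provider cannot leave
    # ``rr`` unbound; ``elif`` keeps one request from hitting two providers.
    rr = False
    if sms_type == SMS_TYPE_MENGWANGYUN:
        rr = sms_mengwangyun.send_sms(channel, Mobile, Code, Time)
    elif sms_type == SMS_TYPE_QQ:
        rr = sms_qq.send_sms(channel, Mobile, [Code], Time)
    elif sms_type == SMS_TYPE_ALIYUN:
        rr = sms_aliyun.send_sms(channel, Mobile, '{"code":"%s"}' % Code)

    if rr:
        # Token the client presents later together with the code.
        NewToken = md5("%d%s%d%s" % (Mobile, Code, Time, SECRET_KEY))
        # The code and the token stay out of the log: together they are
        # everything needed to pass the later check.
        print("sms code sent: %s %s" % (Mobile, Time))
        return jsonify({
            "result": "succ",
            "timestamp": Time,
            "token": NewToken
        })
    else:
        return jsonify({"result": "fail"})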
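def pay_cb_wx():
    """Handle the WeChat payment notification.

    The order number has the form ``<channel>_<pay_channel>_...``. The
    merchant key is looked up by ``pay_channel``, the signature is recomputed
    as the uppercase md5 of the sorted ``k=v`` pairs plus ``&key=<mch_key>``,
    and ``do_pay_after`` is called only when it matches.

    Returns:
        An XML body with ``return_code`` ``SUCCESS`` or ``FAIL``.
    """
    def _reply(code, msg):
        # Every exit path answers with the same XML envelope.
        return httpc_util.dict_to_xml({"return_code": code, "return_msg": msg})

    # NOTE(review): the body is untrusted XML; confirm that
    # httpc_util.xml_to_dict parses it with external entities disabled.
    data = httpc_util.xml_to_dict(request.get_data())
    if data.get("return_code") != "SUCCESS":
        return _reply("FAIL", "return_code err")

    orderno = data.get("out_trade_no") or ""
    ll = orderno.split("_")
    try:
        channel = int(ll[0])
        # Forced to an integer because it is placed in the SQL text below,
        # before the signature has been verified.
        pay_channel = int(ll[1])
    except (IndexError, ValueError):
        return _reply("FAIL", "check sign err")

    # Merchant key for this payment channel.
    sql = 'select md5_key from admin_online_payment where id = %d' % pay_channel
    rows = LogQry(channel).qry(sql)
    if not rows:
        return _reply("FAIL", "check sign err")
    mch_key = rows[0][0]

    # Signature first.
    src = "&".join(["%s=%s" % (i, data[i]) for i in sorted(data.keys()) if i != "sign"])
    src += "&key=%s" % mch_key
    sign = md5(src).upper()
    # NOTE(review): == on a digest is not constant-time.
    if data.get("result_code") == "SUCCESS" and data.get("sign") == sign:
        # Signature verified: the payment succeeded.
        # NOTE(review): the amount is taken from the notification; whether
        # do_pay_after compares it with the stored order and ignores repeated
        # notifications is not visible here.
        money = data["total_fee"]
        platform_orderno = data["transaction_id"]
        if do_pay_after(channel, orderno, platform_orderno, int(money), data["time_end"]):
            return _reply("SUCCESS", "OK")
        return _reply("FAIL", "send err")
    return _reply("FAIL", "check sign err")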
def pre_pay_after_for_bai_fu(money, channel, pay_channel, data, callback_url):
    """Create an order at the gateway in ``data["url"]`` and return its result.

    Args:
        money: Amount, sent as ``payAmount`` formatted with ``%d``.
        channel: Not used in this function.
        pay_channel: Not used in this function.
        data: Mapping with ``appid``, ``mch_id``, ``orderno``, ``mch_key``,
            ``url`` and ``pay_type``.
        callback_url: Value sent as ``callBackUrl``.

    Returns:
        An HTML string with a QR image for ``WX``/``ZFB``, a redirect to the
        gateway's ``CodeUrl`` for the other types, or the gateway's
        ``resultMsg`` when ``resultCode`` is not ``"00"``.
    """
    _unused_app_id = data["appid"]  # value unused; a missing key still raises
    merchant_no = data["mch_id"]
    order_no = data["orderno"]
    merchant_key = data["mch_key"]
    gateway_url = data["url"]

    # Map the requested payment method to the gateway's code ("" if none).
    netway = ""
    for pay_type, code in ((PAY_TYPE_WX_QRCODE, "WX"),
                           (PAY_TYPE_WX_WAP, "WX_WAP"),
                           (PAY_TYPE_ZFB_QRCODE, "ZFB"),
                           (PAY_TYPE_ZFB_WAP, "ZFB_WAP")):
        if data["pay_type"] == pay_type:
            netway = code

    # Order creation request.
    payload = {
        "merchantNo": merchant_no,
        "netwayCode": netway,
        "randomNum": md5(str(rand(1, 99999))),
        "orderNum": order_no,
        "payAmount": "%d" % money,
        "goodsName": u"会员充值",
        "callBackUrl": callback_url,
        "requestIP": request.remote_addr,
    }
    # The signed string is the fields as "k":"v" pairs in key order, wrapped
    # in braces and followed by the merchant key. Values are not escaped.
    pairs = ['"%s":"%s"' % (name, payload[name]) for name in sorted(payload.keys())]
    to_sign = "{%s}%s" % (",".join(pairs), merchant_key)
    payload["sign"] = md5(to_sign).upper()

    reply = httpc_util.post(gateway_url, {"paramData": json.dumps(payload)}).json()
    if reply["resultCode"] != "00":
        # NOTE(review): the gateway's message is returned verbatim as the
        # response body; confirm it is safe to render as HTML.
        print(reply["resultMsg"])
        return reply["resultMsg"]
    if netway in ("WX", "ZFB"):
        image_path = qrcode_util.qc(reply["CodeUrl"])
        return '<html><body><img src="%s" /></body></html>' % image_path
    # NOTE(review): the redirect target comes from the gateway response, and
    # the response itself is not signature-checked in this function.
    return redirect(reply["CodeUrl"])
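def wx_userinfo():
    """Fetch a WeChat user profile and attach a login token to it.

    ``openid`` and ``access_token`` are read from the query string and sent
    to ``GET_USER_URL``. A positive ``errcode`` in the reply is passed back
    as is. Otherwise ``timestamp`` and
    ``token = md5(str(unionid) + str(timestamp) + SECRET_KEY)`` are added to
    the reply and the whole mapping is returned as JSON.
    """
    json_dict = request.args
    # NOTE(review): the access token arrives in the query string, where web
    # server and proxy logs usually record it.
    OpenID = json_dict.get('openid')
    Token = json_dict.get('access_token')
    param = {"access_token": Token, "openid": OpenID}
    r = httpc_util.get(GET_USER_URL, param)
    Result = r.json()
    if "errcode" in Result and int(Result["errcode"]) > 0:
        return jsonify(errcode=Result["errcode"])
    Result["timestamp"] = int(time.time())
    # NOTE(review): a reply without "unionid" raises KeyError here; confirm
    # the field is always present for this application.
    Result["token"] = md5(
        str(Result["unionid"]) + str(Result["timestamp"]) + SECRET_KEY)
    # The token is a login credential for this unionid and stays out of
    # stdout; the id and the time are enough to trace the call.
    print("wx_userinfo %s %s" % (Result["unionid"], Result["timestamp"]))
    return jsonify(Result)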
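def play():
    """Return the signed H5 game URL for the requesting account.

    Reads ``channel``, ``acc_id``, ``gameid`` (default 0) and ``return_url``
    (default empty) from the request, takes the channel's ``h5_link`` from
    redis, and appends the parameters plus
    ``token = md5(new_acc + str(timestamp) + SECRET_KEY)`` as a query string.

    Returns:
        ``ok_return(url=...)`` with the assembled link.
    """
    try:
        from urllib import quote  # Python 2
    except ImportError:
        from urllib.parse import quote

    def _encode(value):
        # Percent-encode one query value; text is encoded as UTF-8 first.
        if not isinstance(value, bytes):
            value = (u"%s" % (value,)).encode("utf-8")
        return quote(value, safe="")

    req = request_data()
    channel = req.get("channel")
    acc_id = req.get("acc_id")
    gameid = req.get("gameid", 0)
    # NOTE(review): a channel without "h5_link" yields None here and the link
    # then starts with "None?"; confirm callers only reach this with a
    # configured channel.
    url = redis_conn.hget(CHANNEL_CONFIG_TABLE + channel, "h5_link")
    new_acc = "%s_%s" % (channel, acc_id)
    Now = int(time.time())
    payload = {
        "channel": channel,
        "acc_id": new_acc,
        "timestamp": Now,
        "gameid": gameid,
        "return_url": req.get("return_url", ""),
        "token": md5(new_acc + str(Now) + SECRET_KEY)
    }
    # Values are percent-encoded: "return_url", "gameid" and "acc_id" come
    # from the request, and only acc_id and the timestamp are covered by the
    # token, so a raw "&" could otherwise add or override parameters.
    query = "&".join(
        ["%s=%s" % (k, _encode(v)) for k, v in payload.items()])
    url2 = "%s?%s" % (url, query)
    return ok_return(url=url2)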
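def gen_sign(d, key, lower=True, sign_type="md5", connect_key=True):
    """Sign the fields of ``d`` and return the signature string.

    The signed text is every field except ``sign``, as ``k=v`` pairs in
    sorted key order joined with ``&``.

    Args:
        d: Mapping of field names to values.
        key: Shared secret for ``md5``; importable RSA key for ``RSA2``.
        lower: For ``md5`` only. ``True`` lowercases the digest, ``False``
            uppercases it, any other value leaves it as ``md5`` returned it.
        sign_type: ``"md5"`` or ``"RSA2"``.
        connect_key: For ``md5``, append the key as ``&key=<key>`` when true
            and as ``&<key>`` otherwise.

    Returns:
        The hex digest for ``md5``, or the base64 PKCS#1 v1.5 signature over
        SHA-256 for ``RSA2``.

    Raises:
        ValueError: If ``sign_type`` is not one of the two supported values.
    """
    src = "&".join(
        ["%s=%s" % (i, d[i]) for i in sorted(d.keys()) if i != "sign"])
    if sign_type == "md5":
        if connect_key:
            src = "%s&key=%s" % (src, key)
        else:
            src = "%s&%s" % (src, key)
        sign = md5(src)
        # Equality, not truthiness: the flag is tri-state and callers may
        # pass None to keep the digest untouched.
        if lower == True:
            sign = sign.lower()
        elif lower == False:
            sign = sign.upper()
        return sign
    if sign_type == "RSA2":
        signer = PKCS1_v1_5.new(RSA.importKey(key))
        signature = signer.sign(SHA256.new(src.encode("utf-8")))
        # Base64 is case-sensitive, so ``lower`` is not applied here:
        # case-folding the text would make the signature unverifiable.
        return b64encode(signature).decode("utf8").replace("\n", "")
    # Previously fell through to an unbound ``sign``; fail with a clear error.
    raise ValueError("unsupported sign_type: %r" % (sign_type,))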
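def pay_cb_bai_fu():
    """Handle the payment notification carried in the ``paramData`` field.

    ``paramData`` is a JSON object. Its ``orderNum`` has the form
    ``<channel>_<pay_channel>_...``. The merchant key is looked up by
    ``pay_channel``, the signature is recomputed as the uppercase md5 of the
    sorted ``"k":"v"`` pairs in braces followed by the key, and
    ``do_pay_after`` is called only when it matches.

    Returns:
        ``"000000"`` when the payment was recorded; otherwise a JSON body
        describing the failure.
    """
    sign_fail = {"return_code": "FAIL", "return_msg": "check sign err"}

    dd = request_data()
    dd1 = {}
    for k, v in dd.items():
        dd1[k] = v
    try:
        data = json.loads(dd1["paramData"])
    except (KeyError, TypeError, ValueError):
        # Missing field or a body that is not JSON.
        return jsonify(err="nodata")
    if not data or not isinstance(data, dict):
        return jsonify(err="nodata")
    if "sign" not in data:
        return jsonify(err="nosign")

    if data.get("resultCode") != "00":
        print(data)
        return jsonify(sign_fail)

    orderno = data.get("orderNum") or ""
    ll = orderno.split("_")
    try:
        channel = int(ll[0])
        # Forced to an integer because it is placed in the SQL text below,
        # before the signature has been verified.
        pay_channel = int(ll[1])
    except (IndexError, ValueError):
        return jsonify(sign_fail)

    # Merchant key for this payment channel.
    sql = 'select md5_key from admin_online_payment where id = %d' % pay_channel
    rows = LogQry(channel).qry(sql)
    if not rows:
        return jsonify(sign_fail)
    mch_key = rows[0][0]

    # Signature first.
    src = ",".join(['"%s":"%s"' % (i, data[i]) for i in sorted(data.keys()) if i != "sign"])
    src = "{%s}%s" % (src, mch_key)
    # NOTE(review): == on a digest is not constant-time.
    if md5(src).upper() != data["sign"]:
        return jsonify(sign_fail)

    # Signature verified: the payment succeeded.
    # NOTE(review): the amount is taken from the notification; whether
    # do_pay_after compares it with the stored order and ignores repeated
    # notifications is not visible here.
    money = int(data["payAmount"])
    platform_orderno = ""
    memo = ""
    if do_pay_after(channel, orderno, platform_orderno, money, memo):
        return "000000"
    return jsonify({"return_code": "FAIL", "return_msg": "send err"})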
def make_pwd(uid, pwd, TimeStr):
    """Return the lowercase md5 of ``uid``, eight zeros, ``pwd`` and ``TimeStr``.

    NOTE(review): if this digest is what gets stored for a password, a single
    unsalted md5 is cheap to brute-force offline. Changing it would
    invalidate existing values, so it is only flagged here.
    """
    material = "%s%s%s%s" % (uid, "00000000", pwd, TimeStr)
    digest = md5(material)
    return digest.lower()