def save_order_payment_result():
alipay_dict=request.form.to_dict()
#对支付宝的数据进行分离,提取出支付宝的签名参数,sign和剩下的其他数据
alipay_sign=alipay_dict.pop('sign')
# 创建支付宝sdk的工具对象
alipay = AliPay(
appid="2016092800615894",
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(os.path.dirname(__file__), 'keys/app_private_key.pem'), # 私钥
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=os.path.join(os.path.dirname(__file__), 'keys/alpay_public_key.pem'),
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
#借助工具验证参数的合法性.update
#验证是否是支付宝的参数
result=alipay.verify(alipay_dict,alipay_sign)
if result:
#修改数据库的订单状态信息
order_id = alipay_dict.get('out_trade_no')
trade_no =alipay_dict.get('trade_no') #支付宝的交易流水号
try:
Order.query.filter_by(id=order_id).update({'status':'WAIT_COMMENT','trade_no':trade_no})
db.session.commit()
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(errno=RET.OK,errmsg='OK')
def post(self, request):
"""处理支付宝异步通知结果"""
# 初始化支付对象
alipay = AliPay(
appid=settings.ALIAPY_CONFIG["appid"],
app_notify_url=settings.ALIAPY_CONFIG["app_notify_url"], # 默认回调url
app_private_key_path=settings.
ALIAPY_CONFIG["app_private_key_path"],
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=settings.
ALIAPY_CONFIG["alipay_public_key_path"],
sign_type=settings.ALIAPY_CONFIG["sign_type"],
debug=settings.ALIAPY_CONFIG["debug"] # 默认False
)
data = request.data
signature = data.pop("sign")
success = alipay.verify(data, signature)
if success and data["trade_status"] in ("TRADE_SUCCESS",
"TRADE_FINISHED"):
response = self.change_order_status(data)
if "credit" in response.data:
return HttpResponse("success")
return Response({"message": "对不起,当前订单支付失败!"})
def put(self, request):
data = request.query_params.dict()
signature = data.pop("sign")
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/app_private_key.pem"),
alipay_public_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/alipay_public_key.pem"), # 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
sign_type="RSA2", # RSA 或者 RSA2
debug=settings.ALIPAY_DEBUG # 默认False
)
success = alipay.verify(data, signature)
if success:
# 订单编号
order_id = data.get('out_trade_no')
# 支付宝支付流水号
trade_id = data.get('trade_no')
Payment.objects.create(order_id=order_id, trade_id=trade_id)
OrderInfo.objects.filter(order_id=order_id).update(
status=OrderInfo.ORDER_STATUS_ENUM["UNCOMMENT"])
return Response({'trade_id': trade_id})
else:
return Response({'message': '参数错误'},
status=status.HTTP_400_BAD_REQUEST)
class MyAlipay(View):
def __init__(self, **kwargs):
super().__init__(**kwargs)
self.alipay = AliPay(appid=settings.ALIPAY_APP_ID,
app_notify_url=None,
app_private_key_string=app_private_key_string,
alipay_public_key_string=alipay_public_key_string,
sign_type='RSA2',
debug=True)
print(settings.ALIPAY_APP_ID)
def get_trade_url(self, order_id, amount):
base_url = 'https://openapi.alipaydev.com/gateway.do'
order_string = self.alipay.api_alipay_trade_page_pay(
out_trade_no=order_id,
total_amount=amount,
subject=order_id,
return_url=settings.ALIPAY_RETURN_URL,
notify_url=settings.ALIPAY_NOTIFY_URL)
return base_url + '?' + order_string
def get_trade_result(self, order_id):
result = self.alipay.api_alipay_trade_query(out_trade_no=order_id)
if result.get('trade_status') == 'TRADE_SUCCESS':
return True
return False
def get_verify_result(self, data, sign):
# 验证签名
return self.alipay.verify(data, sign)
def get(self, request):
# 1.解析参数 --queydict---dict
data = request.GET.dict()
# 2.剔除 sign 签名
signature = data.pop('sign')
# 加自己的校验 ---订单是否存在--- 金额是否一致
# 3.支付宝校验 参数的 真伪
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None,
# 美多的 私钥路径
app_private_key_path=os.path.join(
settings.BASE_DIR, 'apps/payment/keys/app_private_key.pem'),
# alipay的 公钥路径
alipay_public_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
'keys/alipay_public_key.pem'),
sign_type="RSA2",
debug=settings.ALIPAY_DEBUG)
sucess = alipay.verify(data, signature)
if sucess:
Payment.objects.create(order_id=data.get('out_trade_no'),
trade_id=data.get('trade_no'))
# 4.如果校验通过 --存储 trade_no
# 5.返回前端的数据
return render(request, 'pay_success.html',
{'trade_id': data.get('trade_no')})
def get(self, request):
alipay = AliPay(
appid=settings.ALIAPY_CONFIG['appid'],
app_notify_url=settings.ALIAPY_CONFIG['app_notify_url'], # 默认回调url
app_private_key_string=settings.
ALIAPY_CONFIG['app_private_key_path'],
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=settings.
ALIAPY_CONFIG['alipay_public_key_path'],
sign_type=settings.ALIAPY_CONFIG['sign_type'], # RSA 或者 RSA2
debug=settings.ALIAPY_CONFIG['debug'], # 默认False
)
# 验证支付的异步通知
data = request.query_params.dict()
signature = data.pop("sign")
verify = alipay.verify(data, signature)
print(verify)
if verify:
# 处理订单状态,生成用户购买记录,返回支付成功的结果
return self.order_result_pay(data)
return Response({"message": "对不起,支付失败"})
def get(self, request):
alipay = AliPay(
appid=settings.ALIAPY_CONFIG['appid'],
app_notify_url=None, # 默认回调url
app_private_key_string=open(
settings.ALIAPY_CONFIG['app_private_key_path']).read(),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=open(
settings.ALIAPY_CONFIG['alipay_public_key_path']).read(),
sign_type=settings.ALIAPY_CONFIG['sign_type'], # RSA 或者 RSA2
debug=settings.ALIAPY_CONFIG['debug'], # 默认False
)
# 校验支付宝响应数据
data = request.query_params.dict()
out_trade_no = data.get('out_trade_no')
sign = data.pop('sign')
success = alipay.verify(data, sign)
print('status>>>', success)
if not success:
logger.error('%s,支付宝响应数据校验失败' % out_trade_no)
return Response('支付宝响应数据校验失败', status=status.HTTP_400_BAD_REQUEST)
res_data = self.change_order_status(data)
# 响应结果
return Response({'msg': '这一脚没毛病', 'data': res_data})
def get(self, request):
# 初始化支付参数
app_private_key_string = open(
os.path.join(BASE_DIR,
"apps/payments/keys/app_private_key.pem")).read()
alipay_public_key_string = open(
os.path.join(BASE_DIR,
"apps/payments/keys/app_private_key.pem")).read()
alipay = AliPay(
appid=settings.ALIAPY_CONFIG["appid"], # 沙箱支付的id
app_notify_url=settings.ALIAPY_CONFIG["app_notify_url"], # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type=settings.ALIAPY_CONFIG["sign_type"], # RSA 或者 RSA2
debug=settings.ALIAPY_CONFIG["debug"], # 默认False
)
# 验证支付结果
data = request.query_params.dict()
print('支付结果', data)
signature = data.pop("sign")
success = alipay.verify(data, signature)
success = True
if success:
return self.payResult(data)
return Response({'message': '验证支付结果失败'})
def alipayback(request):
query_dict = request.GET
data = query_dict.dict()
print(data)
# 获取并从请求参数中剔除signature
signature = data.pop('sign')
app_private_key_string = open(os.path.join(settings.BASE_DIR, "alipay/app_private_key.pem")).read()
alipay_public_key_string = open(os.path.join(settings.BASE_DIR, "alipay/alipay_public_key.pem")).read()
# 创建支付宝支付对象
alipay = AliPay(
appid='2016092700609211',
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2",
debug=True
)
# 校验这个重定向是否是alipay重定向过来的
success = alipay.verify(data, signature)
if success:
# 验证成功
# 生成支付记录,改变订单状态
order_code = data.get('out_trade_no')
Order.objects.filter(order_code=order_code).update(status=2)
return redirect(reverse('user:info'))
else:
# 验证失败
print('no')
return HttpResponse('支付失败')
def put(self,request):
data = request.query_params.dict()
signature = data.pop('sign')
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, #默认回调地址
app_private_key_path=os.path.join(os.path.dirname(os.path.abspath(__file__)), "keys/app_private_key.pem"),
alipay_public_key_path=os.path.join(os.path.dirname(os.path.abspath(__file__)),'keys/alipay_public_key.pem'), #支付宝的公钥
sign_type="RSA2",
debug=settings.ALIPAY_DEBUG #默认是false
)
success = alipay.verify(data,signature)
if success:
#订单编号
order_id = data.get('out_trade_no')
#支付宝支付流水号
trade_id = data.get('trade_no')
Payment.objects.create(
order_id=order_id,
trade_id=trade_id
)
OrderInfo.objects.filter(order_id=order_id,status=OrderInfo.ORDER_STATUS_ENUM['UNPAID']).update(status=OrderInfo.ORDER_STATUS_ENUM['UNCOMMENT'])
return Response({'trade_id':trade_id})
else:
return Response({'message':'非法请求'},status=status.HTTP_403_FORBIDDEN)
def save_order_payment_result(request):
"""保存订单支付结果"""
data = request.body.decode()
post_data = parse_qs(data)
post_dict = {}
# 支付宝的数据进行分离,提取出支付宝的签名参数sign和剩下的其他数据
for k, v in post_data.items():
post_dict[k] = v[0]
alipay_sign = post_dict.pop("sign")
app_private_key_string = open(
os.path.join(os.path.dirname(__file__),
"key\\app_private_key.pem")).read()
alipay_public_key_string = open(
os.path.join(os.path.dirname(__file__),
"key\\alipay_public_key.pem")).read()
alipay_client = AliPay(
appid="2016092500594174",
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
result = alipay_client.verify(post_dict, alipay_sign)
if result:
# 修改数据库的订单状态信息
order_id = post_dict.get("out_trade_no")
order = Order.objects.filter(id=order_id).first()
order.status = 4
order.save()
return JsonResponse({"msg": "ok"})
else:
return JsonResponse({'err': 'error'})
class MyAliPay(View):
def __init__(self, **kwargs):
super().__init__(**kwargs)
self.alipay = AliPay(
appid=settings.ALIPAY_ID,
app_private_key_string=app_private_key_string,
alipay_public_key_string=alipay_public_key_string,
app_notify_url=None,
sign_type='RSA2',
debug=True, # 默认是False True则是将请求转发沙箱环境
)
# 支付绑定地址 -- 订单id,订单价格
def get_trade_url(self, order_id, amount):
order_string = self.alipay.api_alipay_trade_page_pay(
subject=order_id,
out_trade_no=order_id,
total_amount=amount,
# 支付完毕,将用户跳转至哪个页面
return_url='http://127.0.0.1:5000/',
notify_url='http://127.0.0.1:5000/',
)
return 'https://openapi.alipaydev.com/gateway.do?' + order_string
def get_verify_result(self, data, sign):
# 验证签名 True 成功 False 失败
return self.alipay.verify(data, sign)
def get_trade_result(self, order_id):
# 主动查询
result = self.alipay.api_alipay_trade_query(order_id)
if result.get('trade_status') == 'TRADE_SUCCESS':
return True
return False
def get_sdict_ali_verify(self, request, method):
"""
:param request:
:param method: 请求方式
:return: success_dict,ali_verufy,alipay
"""
success_dict = {}
if method == 1:
for key, val in request.GET.items():
success_dict[key] = val
if method == 2:
for key, val in request.POST.items():
success_dict[key] = val
# 1.剔除掉sign做验签准备
sign = success_dict.pop("sign", None)
# 2.生成alipay对象
alipay = AliPay(
appid="2016101900725372",
app_notify_url=None, # 默认回调url- 阿里与商户后台交互
# 使用的文件读取方式,载入支付秘钥
app_private_key_string=private_key,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
# 使用文件读取的方式,载入支付报公钥
alipay_public_key_string=ali_public_key,
sign_type="RSA2", # RSA 或者 RSA2
debug=True)
# 3.使用支付宝接口进行验签
ali_verify = alipay.verify(success_dict, sign)
return success_dict, ali_verify, alipay
def put(self, request):
data = request.query_params.dict()
# sign 不能参与签名验证
signature = data.pop("sign")
app_private_key_string = open(settings.APP_PRIVATE_KEY_PATH).read()
alipay_public_key_string = open(settings.ALIPAY_PUBLIC_KEY_PATH).read()
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=settings.DEBUG # 默认False
)
# verify
success = alipay.verify(data, signature)
if success:
# 订单号
order_id = data.get('out_trade_no')
# 支付宝订单号
trade_id = data.get('trade_no')
Payment.objects.create(order_id=order_id, trade_id=trade_id)
OrderInfo.objects.filter(order_id=order_id).update(
status=OrderInfo.ORDER_STATUS_ENUM["UNCOMMENT"])
return Response({'trade_id': trade_id})
return Response({'message': '参数错误'},
status=status.HTTP_400_BAD_REQUEST)
def put(self, request):
# 将query_dict转换为python的字典
data_dict = request.query_params.dict()
signature = data_dict.pop('sign')
app_private_key_string = open(
os.path.join(os.path.dirname(os.path.abspath(__file__)), "keys/app_private_key.pem")).read()
alipay_public_key_string = open(
os.path.join(os.path.dirname(os.path.abspath(__file__)), "keys/alipay_public_key.pem")).read()
# 调用python-alipay-sdk中的类创建alipay对象
alipay = AliPay(
appid="2016091700529506", # 沙箱的appid
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
success = alipay.verify(data_dict, signature)
if success:
# 订单编号
order_id = data_dict.get('out_trade_no')
# 支付宝支付流水号
trade_id = data_dict.get('trade_no')
Payment.objects.create(
order_id=order_id,
trade_id=trade_id
)
OrderInfo.objects.filter(order_id=order_id, status=OrderInfo.ORDER_STATUS_ENUM['UNPAID']).update(
status=OrderInfo.ORDER_STATUS_ENUM["UNCOMMENT"])
return Response({'trade_id': trade_id})
else:
return Response({'message': '非法请求'}, status=403)
def get(self, request):
#1,获取参数
dict_data = request.GET.dict()
sign = dict_data.pop("sign")
#2,校验参数
app_private_key_string = open(settings.APLIPAY_PRIVATE_KEY).read()
alipay_public_key_string = open(settings.APLIPAY_PUBLIC_KEY).read()
#2,创建alipay对象
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=False # 默认False
)
success = alipay.verify(dict_data, sign)
if not success:
return http.HttpResponseForbidden("非法请求")
#3,数据入库(payment, status)
order_id = dict_data.get("out_trade_no")
trade_id = dict_data.get("trade_no")
Payment.objects.create(order_id=order_id, trade_id=trade_id)
OrderInfo.objects.filter(order_id=order_id).update(
status=OrderInfo.ORDER_STATUS_ENUM["UNCOMMENT"])
#4,返回响应
return render(request,
'pay_success.html',
context={"trade_id": trade_id})
def get_sdict_ali_verify(self, request, method):
"""
:param request:
:param method: 请求方式
:return: success_dict,ali_verufy,alipay
"""
success_dict = {}
if method == 1:
for key, val in request.GET.items():
success_dict[key] = val
if method == 2:
for key, val in request.POST.items():
success_dict[key] = val
# 1.剔除掉sign做验签准备
sign = success_dict.pop("sign", None)
# 2.生成alipay对象
alipay = AliPay(appid="2016100200644279",
app_notify_url=None,
app_private_key_path=os.path.join(
os.getcwd(), "utils/key_file/s7_private_key.pem"),
alipay_public_key_path=os.path.join(
os.getcwd(),
"utils/key_file/alipay_public_key.pem"),
debug=True)
# 3.使用支付宝接口进行验签
ali_verify = alipay.verify(success_dict, sign)
return success_dict, ali_verify, alipay
def get(self, request):
# 查询字符串数据
data = request.GET.dict()
signature = data.pop('sign')
# 验证是否是从支付宝套转的请求
aalipay = AliPay(
appid=settings.ALIPAY_APPID, # 支付宝应用中的appid
app_notify_url=None, # 默认回调url
# 美多私钥
app_private_key_path=os.path.join(
settings.BASE_DIR, 'apps/payments/keys/app_private_key.pem'),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=os.path.join(
settings.BASE_DIR, 'apps/payments/keys/alipay_public_key.pem'),
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
success = aalipay.verify(data, signature)
if success:
# 保存支付结果
order_id = data['out_trade_no']
trade_id = data['trade_no']
Payment.objects.create(order_id - order_id, trade_id=trade_id)
# 当前订单状态的修改
OrderInfo.objects.filter(order_id=order_id,
pay_method=2).update(status=2)
# 渲染支付成功页面
return render(request, 'pay_success.html', {'trade_no': trade_id})
else:
return render(request, 'index.html')
def post(self, request):
data = request.data
alipay_data = dict(list(data.items()))
signature = alipay_data.pop('sign')
alipay = AliPay(
appid="2016102000727796",
app_notify_url=None, # 默认回调url
app_private_key_string=open(
os.path.join(settings.BASE_DIR, 'keys', 'app_private_key.txt'),
'r').read(),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=open(
os.path.join(settings.BASE_DIR, 'keys',
'alipay_public_key.txt'), 'r').read(),
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
success = alipay.verify(alipay_data, signature)
if success and alipay_data["trade_status"] in ("TRADE_SUCCESS",
"TRADE_FINISHED"):
order_id = alipay_data.get('out_trade_no')
order = models.Order.objects.get(pk=order_id)
print('order_id: ' + order_id)
order.pay_method = 2
order.order_status = 2
order.save()
return Response()
else:
return Response({'message': '订单支付失败!'},
status=status.HTTP_400_BAD_REQUEST)
def post(self, request):
data = request.data
# print(data)
alipay_data = {}
for key, value in data.items():
alipay_data[key] = value
sign = alipay_data.pop("sign")
app_private_key_string = open(
os.path.join(settings.BASE_DIR, 'keys', 'app_private_key.txt'),
'r').read()
alipay_public_key_string = open(
os.path.join(settings.BASE_DIR, 'keys', 'alipay_public_key.txt'),
'r').read()
alipay = AliPay(
appid="2016100100640619",
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
success = alipay.verify(alipay_data, sign)
if success and alipay_data["trade_status"] in ("TRADE_SUCCESS",
"TRADE_FINISHED"):
order_id = alipay_data.get('out_trade_no')
order = Order.objects.get(pk=order_id)
order.order_status = 4
order.pay_method = 2
order.save()
return Response()
else:
return Response({"message": "订单支付失败!"},
status=status.HTTP_400_BAD_REQUEST)
def get(self, request):
app_private_key_string = open(
os.path.join(BASE_DIR,
"apps/payments/keys/app_private_key.pem")).read()
alipay_public_key_string = open(
os.path.join(BASE_DIR,
"apps/payments/keys/alipay_public_key.pem")).read()
# 初始化支付参数
alipay = AliPay(
appid=settings.ALIAPY_CONFIG["appid"], # 沙箱支付的id
app_notify_url=settings.ALIAPY_CONFIG["app_notify_url"], # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type=settings.ALIAPY_CONFIG["sign_type"], # RSA 或者 RSA2
debug=settings.ALIAPY_CONFIG["debug"], # 默认False
)
# 验证alipay的异步通知,data来自支付宝回调POST 给你的data,字典格式.
data = request.query_params.dict()
# 获取签名信息
signature = data.pop("sign")
# 比对签名是否合法
success = alipay.verify(data, signature)
success = True
if success:
# TODO 支付成功后的业务逻辑
return self.order_result_pay(data)
return Response({"message": "对不起,当前订单支付失败!"})
def get(self, request):
query_dict = request.GET
data = query_dict.dict()
signature = data.pop('sign')
# 创建支付宝支付对象
alipy = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/app_private_key.pem"),
alipay_public_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/alipay_public_key.pem"),
sign_type="RSA2",
debug=settings.ALIPAY_DEBUG)
success = alipy.verify(data, signature)
# 校验这个重定向是否是alipay重定向过来的
if success:
trade_id = data.get('trade_no') # 支付宝交易号
order_id = data.get('out_trade_no') # 商户订单号
Payment.objects.create(order_id=order_id, trade_id=trade_id)
OrderInfo.objects.filter(
order_id=order_id,
status=OrderInfo.ORDER_STATUS_ENUM['UNPAID']).update(
status=OrderInfo.ORDER_STATUS_ENUM['UNCOMMENT'])
context = {'trade_id': trade_id}
return render(request, 'pay_success.html', context)
else:
return http.HttpResponseForbidden('非法访问')
def get(self, request):
#获取请求参数,类型是query_dict类型
query_dict = request.GET
#将query_dict类型转成字典
date = query_dict.dict()
#传过来的字符串多了签名属性,将它剔除
signature = date.pop('sign')
#创建支付宝支付对象
alipay = AliPay(
#应用APPID
appid=settings.ALIPAY_APPID,
#回调URL,使用None
app_notify_url=None,
#私钥地址
app_private_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/app_private_key.pem"), #支付宝公钥,指定路径
#支付宝公钥地址
alipay_public_key_path=os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"keys/alipay_public_key.pem"),
#签名方式RSA/RSA2
sign_type="RSA2",
#是否为沙箱环境
debug=settings.ALIPAY_DEBUG,
)
#判断重定向是否为alipay重定向过来的verify(剔除签名后的字符串参数,签名)
succes = alipay.verify(date, signature)
if succes:
#获取支付成功的订单编号
order_id = date.get('out_trade_no')
#获取支付成功支付宝流水编号
trade_id = date.get('trade_no')
#先获取当前的交易数据,保证唯一
try:
Payment.objects.get(order_id=order_id, trade_id=trade_id)
except Payment.DoesNotExist:
#保存交易数据
Payment.objects.create(
order_id=order_id,
trade_id=trade_id,
)
#修改订单状态
OrderInfo.objects.filter(
order_id=order_id,
status=OrderInfo.ORDER_STATUS_ENUM['UNPAID']).update(
order_id=order_id,
status=OrderInfo.ORDER_STATUS_ENUM['UNCOMMENT'],
)
#渲染页面
context = {
'trade_id': trade_id,
}
return render(request, 'pay_success.html', context)
else:
return HttpResponseForbidden('请求出错')
def put(self,request):
# 1、获取数据
data=request.query_params.dict()
# sign 不能参与签名验证
signature = data.pop("sign")
# 2、验证数据
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(os.path.dirname(os.path.abspath(__file__)), 'keys/app_private_key.pem'),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=os.path.join(os.path.dirname(os.path.abspath(__file__)),
'keys/alipay_public_key.pem'),
sign_type="RSA2", # RSA 或者 RSA2
debug=settings.ALIPAY_DEBUG # 默认False
)
success = alipay.verify(data, signature)
if success:
order_id=data['out_trade_no']
trade_id=data['trade_no']
# 3、保存数据
Payment.objects.create(order_id=order_id,trade_id=trade_id)
# 更新订单状态
OrderInfo.objects.filter(order_id=order_id).update(status=OrderInfo.ORDER_STATUS_ENUM['UNSEND'])
# 4、返回结果
return Response({'trade_id': trade_id})
else:
return Response({'error':'验证失败'},status=400)
def order_check():
"""校验支付是否完成"""
# 获取数据
alipay_data = request.form.to_dict()
signure = alipay_data.pop("sign")
# 创建支付宝支付对象
alipay = AliPay(
appid="2016101300676658",
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(os.path.dirname(__file__),
"keys/app_private_key.pem"),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=os.path.join(os.path.dirname(__file__),
"keys/alipay_public_key.pem"),
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
result = alipay.verify(alipay_data, signure)
if result:
# 交易成功,更新数据库数据
id = alipay_data.get("out_trad_on")
alipay_on = alipay_data.get("trad_on")
try:
Order.query.filter_by(id=id).update({
"status": "PAID",
"alipay_on": alipay_data
})
db.session.commit()
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(errno=RET.OK, errmsg="ok")
def get(self, request):
# 支付的初始化参数
alipay = AliPay(
appid=settings.ALIAPY_CONFIG['appid'], # 沙箱支付的应用id
app_notify_url=settings.ALIAPY_CONFIG['app_notify_url'], # 默认回调url
# app_private_key_string=app_private_key_string, # 应用私钥
# # 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
# alipay_public_key_string=alipay_public_key_string,
app_private_key_string=settings.
ALIAPY_CONFIG['app_private_key_path'], # 应用私钥
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=settings.
ALIAPY_CONFIG['alipay_public_key_path'],
sign_type=settings.ALIAPY_CONFIG['sign_type'], # RSA 或者 RSA2
debug=settings.ALIAPY_CONFIG['debug'], # 默认False
)
# 验证alipay的异步通知,
data = request.query_params.dict()
signature = data.pop("sign")
success = alipay.verify(data, signature)
if success:
# 验证支付结果成功后 开始处理订单相关的业务
return self.order_result_pay(data)
return Response({"message": "对不起,当前订单支付失败"})
def save_order_result():
"""保存支付结果"""
alipay_dict = request.form.to_dict()
signature = alipay_dict.pop("sign")
alipay = AliPay(
appid=settings.ALIPAY_APPID,
app_notify_url=None, # 默认回调url
app_private_key_string=app_private_key_string,
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_string=alipay_public_key_string,
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
result = alipay.verify(alipay_dict, signature)
if result:
order_id = alipay_dict.get("out_trade_no")
trade_no = alipay_dict.get("trade_no")
try:
Order.query.filter_by(id=order_id).update({
"status": "WAIT_COMMENT",
"trade_no": trade_no
})
db.session.commit()
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(errno=RET.OK, errmsg="OK")
def save_order_payment_result():
"""保存订单支付结果"""
alipay_dict = request.form.to_dict()
# 对支付宝的数据进行分离 提取出支付宝的签名参数sign 和 剩下的其他数据
alipay_sign = alipay_dict.pop("sign")
# 创建支付宝SDK的工具对象
alipay_client = AliPay(
appid="2016092400581852",
app_notify_url=None, # 默认回调url
app_private_key_path=os.path.join(os.path.dirname(__file__), "keys/app_private_key.pem"),
# 支付宝的公钥,验证支付宝回传消息使用,不是你自己的公钥,
alipay_public_key_path=os.path.join(os.path.dirname(__file__), "keys/alipay_public_key.pem"),
sign_type="RSA2", # RSA 或者 RSA2
debug=True # 默认False
)
# 借助工具验证参数合法性
# 如果确定参数是支付宝的,返回True , 否则返回false
result = alipay_client.verify(alipay_dict, alipay_sign)
if result:
# 修改数据库的订单状态信息
order_id = alipay_dict.get("out_trade_no")
trade_no = alipay_dict.get("trade_no") # 支付宝的交易号
try:
Order.query.filter_by(id=order_id).update({"status": "WAIT_COMMENT", "trade_no": trade_no})
db.session.commit()
except Exception as e:
current_app.logger.error(e)
db.session.rollback()
return jsonify(errno=RET.OK, errmsg="OK")
def put(self, request):
# 1.接收支付宝返回的数据
aliay_dict = request.query_params.dict()
# 2.验证是否支付成功
signature = aliay_dict.pop('sign')
alipay = AliPay(appid=settings.ALIPAY_APPID,
app_notify_url=None,
app_private_key_path=settings.ALIPAY_PRIVATE_KEY_PATH,
alipay_public_key_path=settings.ALIPAY_PUBLIC_KEY_PATH,
sign_type=settings.ALIPAY_SIGN_TYPE,
debug=settings.ALIPAY_DEBUG)
success = alipay.verify(aliay_dict, signature)
# print(aliay_dict)
if success:
# 3.如果支付成功
# 3.1修改订单状态
order_id = aliay_dict.get('out_trade_no')
try:
order = OrderInfo.objects.get(pk=order_id)
except:
raise Exception('订单编号无效')
else:
order.status = 2
order.save()
# 3.2创建订单支付对象
Payment.objects.create(order_id=order_id,
trade_id=aliay_dict.get('trade_no'))
return Response({'trade_id': aliay_dict.get('trade_no')})
else:
return Response({'message': '支付失败'})
class Pay:
def __init__(self):
if not settings.USE_ALIPAY:
return
# NOTE 暂时只支持支付宝
self.alipay = AliPay(
app_notify_url="",
appid=settings.ALIPAY_APP_ID,
app_private_key_string=settings.ALIPAY_APP_PRIVATE_KEY_STRING,
alipay_public_key_string=settings.ALIPAY_PUBLIC_KEY_STRING,
)
def trade_precreate(self, out_trade_no, total_amount, subject,
timeout_express, notify_url):
return self.alipay.api_alipay_trade_precreate(
out_trade_no=out_trade_no,
total_amount=total_amount,
subject=subject,
timeout_express=timeout_express,
notify_url=notify_url,
)
def trade_query(self, out_trade_no):
return self.alipay.api_alipay_trade_query(out_trade_no=out_trade_no)
def verify(self, data, signature):
return self.alipay.verify(data=data, signature=signature)
