退款

Ant.Core/Ant.Core.csproj

@@ -33,6 +33,7 @@
   <ItemGroup>
     <Reference Include="System" />
     <Reference Include="System.Core" />
+    <Reference Include="System.Web.Extensions" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Data.DataSetExtensions" />
     <Reference Include="Microsoft.CSharp" />
@@ -45,6 +46,7 @@
     <Compile Include="Properties\AssemblyInfo.cs" />
     <Compile Include="Utils\ConvertHelper.cs" />
     <Compile Include="Utils\IdGenerator.cs" />
+    <Compile Include="Utils\MD5Helper.cs" />
     <Compile Include="Utils\SafeClone.cs" />
     <Compile Include="Utils\Snowflake.cs" />
   </ItemGroup>

Ant.Core/Utils/MD5Helper.cs

@@ -0,0 +1,38 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Cryptography;
+using System.Text;
+using System.Threading.Tasks;
+using System.Web.Script.Serialization;
+
+namespace Ant.Core.Utils
+{
+    public class MD5Helper
+    {
+        public static string MD5Hash(string input)
+        {
+            StringBuilder hash = new StringBuilder();
+            MD5CryptoServiceProvider md5provider = new MD5CryptoServiceProvider();
+            byte[] bytes = md5provider.ComputeHash(new UTF8Encoding().GetBytes(input));
+
+            for (int i = 0; i < bytes.Length; i++)
+            {
+                hash.Append(bytes[i].ToString("x2"));
+            }
+            return hash.ToString();
+        }
+
+        public static string MD5Hash<T>(T obj)
+        {
+            var jsonString = string.Empty;
+
+            if (obj != null)
+            {
+                jsonString = new JavaScriptSerializer().Serialize(obj);
+            }
+
+            return MD5Hash(jsonString);
+        }
+    }
+}

Central.Control.WebApi/App_Data/Central.Control.WebApi.xml

@@ -143,6 +143,16 @@
             </summary>
             <returns>过滤后的字符串类型私钥</returns>
         </member>
+        <member name="T:Central.Control.WebApi.Config.WebSystemAccessConfig">
+            <summary>
+            
+            </summary>
+        </member>
+        <member name="F:Central.Control.WebApi.Config.WebSystemAccessConfig.Sign">
+            <summary>
+            
+            </summary>
+        </member>
         <member name="T:Central.Control.WebApi.Controllers.DeviceController">
             <summary>
             设备相关接口
@@ -269,7 +279,7 @@
             </summary>
             <returns></returns>
         </member>
-        <member name="M:Central.Control.WebApi.Controllers.OrderController.OrderRefund(System.String)">
+        <member name="M:Central.Control.WebApi.Controllers.OrderController.OrderRefund(System.String,System.String)">
             <summary>
             申请退款
             </summary>

Central.Control.WebApi/Central.Control.WebApi.csproj

@@ -211,6 +211,7 @@
     <Compile Include="Cache\CacheHelper.cs" />
     <Compile Include="Cache\ICacheHelper.cs" />
     <Compile Include="Config\AliPayConfig.cs" />
+    <Compile Include="Config\WebSystemAccessConfig.cs" />
     <Compile Include="Controllers\DeviceController.cs" />
     <Compile Include="Controllers\LoginController.cs" />
     <Compile Include="Controllers\OrderController.cs" />

Central.Control.WebApi/Config/WebSystemAccessConfig.cs

@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+
+namespace Central.Control.WebApi.Config
+{
+    /// <summary>
+    /// 
+    /// </summary>
+    public class WebSystemAccessConfig
+    {
+        /// <summary>
+        /// 
+        /// </summary>
+        public const string Sign = "7A170B0C-66FB-46F9-9AF0-ADC19840F1B3";
+    }
+}

Central.Control.WebApi/Controllers/OrderController.cs

@@ -1,4 +1,6 @@
-using Ant.Core.WebApi.Model;
+using Ant.Core.Utils;
+using Ant.Core.WebApi.Enum;
+using Ant.Core.WebApi.Model;
 using Central.Control.WebApi.Config;
 using Central.Control.WebApi.Log4net;
 using Central.Control.WebApi.Models.Request;
@@ -142,10 +144,22 @@ namespace Central.Control.WebApi.Controllers
         /// 申请退款
         /// </summary>
         /// <returns></returns>
+        [AllowAnonymous]
         [HttpPut]
         [Route("orderrefund/{orderId}")]
-        public ApiResult OrderRefund(string orderId)
+        public ApiResult OrderRefund(string orderId, string token)
         {
+            #region 验证token
+
+            string stringForHash = $"{orderId}|{WebSystemAccessConfig.Sign}";
+            string hash = MD5Helper.MD5Hash(stringForHash);
+            if (string.Compare(token, hash, true) != 0)
+            {
+                return new ApiResult(ApiStatusCode.Forbidden, "认证不通过");
+            }
+
+            #endregion
+
             return _orderService.OrderRefund(orderId);
         }
 

Central.Control.WebApi/Service/OrderService.cs

@@ -541,7 +541,7 @@ namespace Central.Control.WebApi.Service
                 order.PayStatus = PayStatusEnum.Refunding;
                 order.OrderStatus = OrderStatusEnum.Cancel;
                 order.ModifyDT = DateTime.Now;
-                order.ModifyBY = "用户申请";
+                order.ModifyBY = "系统申请";
                 _dbContent.SaveChanges();
                 // 写入订单流程记录
                 _ywLogService.WriteOrderProcess(order.Id, order.DeviceId, OrderStatusEnum.Cancel, "申请退款", "用户申请");