diff --git a/DysonNetwork.Sphere/Wallet/PaymentHandlers/AfdianPaymentHandler.cs b/DysonNetwork.Sphere/Wallet/PaymentHandlers/AfdianPaymentHandler.cs index 13d96fc..eb5d0e9 100644 --- a/DysonNetwork.Sphere/Wallet/PaymentHandlers/AfdianPaymentHandler.cs +++ b/DysonNetwork.Sphere/Wallet/PaymentHandlers/AfdianPaymentHandler.cs @@ -2,11 +2,13 @@ using System.Security.Cryptography; using System.Text; using System.Text.Json; using System.Text.Json.Serialization; +using Microsoft.EntityFrameworkCore; using NodaTime; namespace DysonNetwork.Sphere.Wallet.PaymentHandlers; public class AfdianPaymentHandler( + AppDatabase db, IHttpClientFactory httpClientFactory, ILogger logger, IConfiguration configuration @@ -86,7 +88,7 @@ public class AfdianPaymentHandler( /// /// The order ID to query /// The order item if found, otherwise null - public async Task GetOrderAsync(string orderId) + public async Task GetOrderAsync(string orderId, Guid accountId) { if (string.IsNullOrEmpty(orderId)) { @@ -94,11 +96,16 @@ public class AfdianPaymentHandler( return null; } + var connection = await db.AccountConnections + .Where(c => c.AccountId == accountId && c.Provider == "afdian") + .FirstOrDefaultAsync(); + if (connection is null) throw new InvalidOperationException("Account need to link an afdian account first."); + try { var token = _configuration["Payment:Auth:Afdian"] ?? "_:_"; var tokenParts = token.Split(':'); - var userId = tokenParts[0]; + var userId = connection.ProvidedIdentifier; token = tokenParts[1]; var paramsJson = JsonSerializer.Serialize(new { out_trade_no = orderId }, JsonOptions); var ts = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1)) @@ -442,4 +449,4 @@ public class SkuDetailItem [JsonPropertyName("album_id")] public string AlbumId { get; set; } = null!; [JsonPropertyName("pic")] public string Picture { get; set; } = null!; -} \ No newline at end of file +} 
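Review bot: The XML doc above `GetOrderAsync` still describes only `orderId`, although the signature in the second hunk gains `Guid accountId` and the method can now throw before its `try` block. I would add `/// <param name="accountId">Account whose linked Afdian connection is used for the lookup</param>` and `/// <exception cref="InvalidOperationException">The account has no linked Afdian connection</exception>`. The method now has two failure conventions, returning null for an empty order ID and throwing for a missing link, and the doc should say so because callers must handle both. The method body continues outside this hunk.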
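Review bot: In the third hunk `var userId = connection.ProvidedIdentifier;` replaces `tokenParts[0]`, while the secret is still taken from `tokenParts[1]` of `Payment:Auth:Afdian`, so the request pairs the platform's token with the caller's linked identifier. The signing code is outside the hunk, but if it signs over `userId` with that token, the provider will probably reject the request, and even a successful call would not show that the order belongs to this account. The ownership check is better made on the response: keep the configured id for the request and return null when the buyer id on the returned order differs from `connection.ProvidedIdentifier`. The provider name `"afdian"` is also a bare literal in the `Where` clause, and a shared constant would keep it in step with the code that writes connections.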
diff --git a/DysonNetwork.Sphere/Wallet/SubscriptionController.cs b/DysonNetwork.Sphere/Wallet/SubscriptionController.cs index c37c5a3..3892779 100644 --- a/DysonNetwork.Sphere/Wallet/SubscriptionController.cs +++ b/DysonNetwork.Sphere/Wallet/SubscriptionController.cs @@ -180,11 +180,14 @@ public class SubscriptionController(SubscriptionService subscriptions, AfdianPay } [HttpPost("order/restore/afdian")] + [Authorize] public async Task RestorePurchaseFromAfdian([FromBody] RestorePurchaseRequest request) { - var order = await afdian.GetOrderAsync(request.OrderId); + if (HttpContext.Items["CurrentUser"] is not Account.Account currentUser) return Unauthorized(); + + var order = await afdian.GetOrderAsync(request.OrderId, currentUser.Id); if (order is null) return NotFound($"Order with ID {request.OrderId} was not found."); - + var subscription = await subscriptions.CreateSubscriptionFromOrder(order); return Ok(subscription); } @@ -200,4 +203,4 @@ public class SubscriptionController(SubscriptionService subscriptions, AfdianPay return Ok(response); } -} \ No newline at end of file +}
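Review bot: `RestorePurchaseFromAfdian` checks `currentUser` but then calls `subscriptions.CreateSubscriptionFromOrder(order)` with the order alone, so nothing in this hunk ties the new subscription to the caller or rejects an order ID that was already restored. Unless the service enforces both, one paid order could be redeemed more than once; please confirm that, or pass `currentUser` through and check for an existing subscription for the order first. Separately, the `InvalidOperationException` that `GetOrderAsync` now throws for an account with no afdian link is not caught here and would likely surface as a 500 unless a global filter maps it. Wrapping the call as `try { ... } catch (InvalidOperationException ex) { return BadRequest(ex.Message); }` gives the client an actionable response.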