public IHttpActionResult Prepay(string token)
{
UserInfo user = dbContext.UserInfos.FirstOrDefault(t => t.Token == token);
user.Balance += 300m;
dbContext.SaveChanges();
return(Json(VMUserInfo.GetVMUserInfo(user)));
}
public IHttpActionResult BuyBook(string token, int bookId)
{
UserInfo user = dbContext.UserInfos.FirstOrDefault(t => t.Token == token);
Book book = dbContext.Books.FirstOrDefault(t => t.Id == bookId);
Order order = new Order();
order.UserId = user.Id;
order.BookId = book.Id;
order.Price = book.Price;
order.OrderTime = DateTime.Now;
dbContext.Orders.Add(order);
user.Balance -= order.Price;
dbContext.SaveChanges();
return(Json(VMUserInfo.GetVMUserInfo(user)));
}
public IHttpActionResult Login(string code, string rawData, string signature, string encryptedData, string iv)
{
VMUserInfo vmUserInfo = new VMUserInfo();
WXOpenId wxOpenId = JsonConvert.DeserializeObject <WXOpenId>(HttpHelper.HttpGet("https://api.weixin.qq.com/sns/jscode2session?appid=" + HttpHelper.AppId + "&secret=" + HttpHelper.AppSecret + "&js_code=" + code + "&grant_type=authorization_code"));
//通过签名验证数据是否有效
SHA1 sha1 = new SHA1CryptoServiceProvider();
byte[] source = Encoding.UTF8.GetBytes(rawData + wxOpenId.session_key);
byte[] target = sha1.ComputeHash(source);
if (BitConverter.ToString(target).Replace("-", "").ToLower() == signature)
{
//解密数据
AesCryptoServiceProvider aes = new AesCryptoServiceProvider();
aes.Mode = CipherMode.CBC;
aes.BlockSize = 128;
aes.Padding = PaddingMode.PKCS7;
byte[] byte_encryptedData = Convert.FromBase64String(encryptedData);
byte[] byte_iv = Convert.FromBase64String(iv);
byte[] byte_sessionKey = Convert.FromBase64String(wxOpenId.session_key);
aes.IV = byte_iv;
aes.Key = byte_sessionKey;
ICryptoTransform transform = aes.CreateDecryptor();
byte[] final = transform.TransformFinalBlock(byte_encryptedData, 0, byte_encryptedData.Length);
WXUserInfo wxUserInfo = JsonConvert.DeserializeObject <WXUserInfo>(Encoding.UTF8.GetString(final));
UserInfo userInfo = dbContext.UserInfos.FirstOrDefault(t => t.OpenId == wxOpenId.openid);
if (userInfo == null)
{
userInfo = new UserInfo();
userInfo.Token = Convert.ToBase64String(Guid.NewGuid().ToByteArray());
userInfo.OpenId = wxOpenId.openid;
userInfo.SessionKey = wxOpenId.session_key;
userInfo.Unionid = wxOpenId.unionid;
userInfo.NickName = wxUserInfo.nickName;
userInfo.Gender = (gender)wxUserInfo.gender;
userInfo.City = wxUserInfo.city;
userInfo.Province = wxUserInfo.province;
userInfo.Country = wxUserInfo.country;
userInfo.AvatarUrl = wxUserInfo.avatarUrl;
userInfo.AppId = wxUserInfo.watermark.appid;
userInfo.TimeStamp = wxUserInfo.watermark.timestamp;
userInfo.Balance = 299m;
dbContext.UserInfos.Add(userInfo);
}
else
{
userInfo.SessionKey = wxOpenId.session_key;
userInfo.Unionid = wxOpenId.unionid;
userInfo.NickName = wxUserInfo.nickName;
userInfo.Gender = (gender)wxUserInfo.gender;
userInfo.City = wxUserInfo.city;
userInfo.Province = wxUserInfo.province;
userInfo.Country = wxUserInfo.country;
userInfo.AvatarUrl = wxUserInfo.avatarUrl;
userInfo.AppId = wxUserInfo.watermark.appid;
userInfo.TimeStamp = wxUserInfo.watermark.timestamp;
}
dbContext.SaveChanges();
vmUserInfo = VMUserInfo.GetVMUserInfo(userInfo);
}
return(Json(vmUserInfo));
}
