feat: 集成微信支付直连（Native + H5）及金融级安全修复

- 新增 wxpay provider（wechatpay-node-v3 SDK），支持 Native 扫码和 H5 跳转 - 新增 /api/wxpay/notify 回调路由，AES-256-GCM 解密 + RSA 签名验证 - 修复 confirmPayment count=0 静默成功、充值失败返回 true 等 P0 问题 - 修复 notifyUrl 硬编码 easypay、回调金额覆盖订单金额等 P1 问题 - 手续费计算改用 Prisma.Decimal 精确运算，消除浮点误差 - 支付宝 provider 移除冗余 paramsForVerify，fetch 添加超时 - 补充 .env.example 配置文档和 CLAUDE.md 支付渠道说明
2026-03-06 13:57:52 +08:00
parent e9e164babc
commit 937f54dec2
17 changed files with 728 additions and 28 deletions
--- a/src/app/api/wxpay/notify/route.ts
+++ b/src/app/api/wxpay/notify/route.ts
@@ -0,0 +1,31 @@
+import { NextRequest } from 'next/server';
+import { handlePaymentNotify } from '@/lib/order/service';
+import { WxpayProvider } from '@/lib/wxpay';
+
+const wxpayProvider = new WxpayProvider();
+
+export async function POST(request: NextRequest) {
+  try {
+    const rawBody = await request.text();
+    const headers: Record<string, string> = {};
+    request.headers.forEach((value, key) => {
+      headers[key] = value;
+    });
+
+    const notification = await wxpayProvider.verifyNotification(rawBody, headers);
+    if (!notification) {
+      return Response.json({ code: 'SUCCESS', message: '成功' });
+    }
+    const success = await handlePaymentNotify(notification, wxpayProvider.name);
+    return Response.json(
+      success ? { code: 'SUCCESS', message: '成功' } : { code: 'FAIL', message: '处理失败' },
+      { status: success ? 200 : 500 },
+    );
+  } catch (error) {
+    console.error('Wxpay notify error:', error);
+    return Response.json(
+      { code: 'FAIL', message: '处理失败' },
+      { status: 500 },
+    );
+  }
+}