4 Commits

Author	SHA1	Message	Date
erio	f50a180ec4	fix: 微信支付回调验签 PEM 格式自动补全，Stripe webhook 失败重试 ... - wxpay client: 添加 formatPublicKey() 自动包裹 PEM 头尾，修复裸 base64 公钥导致的 DECODER routines::unsupported 错误 - stripe webhook: 处理失败时返回 500 让 Stripe 重试 - 修正支付宝测试用例与实际代码对齐 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 04:27:38 +08:00
erio	ac0772b0f4	fix: API 路由安全加固与架构优化 — 认证、错误处理、Registry 统一 ... - /api/user 添加 token 认证，防止用户枚举 - Admin token 支持 Authorization header - /api/orders/my 区分认证失败和服务端错误 - Admin orders userId/date 参数校验 - Decimal 字段统一 Number() 转换 - 抽取 handleApiError/extractHeaders 工具函数 - Webhook 路由改用 Registry 获取 Provider - PaymentRegistry lazy init 自动初始化 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-07 04:15:54 +08:00
erio	0a35ba9002	style: 全量 prettier 格式化	2026-03-05 23:10:44 +08:00
erio	d9ab65ecf2	feat: integrate Stripe payment with bugfixes and active timeout cancellation ... - Add Stripe payment provider with Checkout Session flow - Payment provider abstraction layer (EasyPay + Stripe unified interface) - Stripe webhook with proper raw body handling and signature verification - Frontend: Stripe button with URL validation, anti-duplicate click, noopener - Active timeout cancellation: query platform before expiring, recover paid orders - Singleton Stripe client, idempotency keys, Math.round for amounts - Handle async_payment events, return null for unknown webhook events - Set Checkout Session expires_at aligned with order timeout - Add cancelPayment to provider interface (Stripe: sessions.expire, EasyPay: no-op) - Enable stripe in frontend payment type list	2026-03-01 17:58:08 +08:00