35 Commits

Author SHA1 Message Date
eric
e12420cc48 's' 2026-04-07 00:31:43 -05:00
eric
a34217b182 's' 2026-04-02 05:30:18 -05:00
eric
a59592bed5 's' 2026-04-02 05:26:11 -05:00
eric
1c5b46a933 's' 2026-04-02 01:04:08 -05:00
eric
8c3483c360 's' 2026-04-02 00:26:00 -05:00
eric
a0085ba9a2 's' 2026-04-01 14:22:29 -05:00
eric
445c017a31 's' 2026-04-01 02:23:37 -05:00
eric
3abacb8a48 's' 2026-03-31 14:27:59 -05:00
eric
38c10b4227 's' 2026-03-31 14:18:59 -05:00
eric
c700d7079f 's' 2026-03-31 14:08:14 -05:00
eric
3590142297 's' 2026-03-31 14:00:00 -05:00
eric
da08f91b4d 's' 2026-03-31 13:40:50 -05:00
eric
169c66e551 's' 2026-03-31 13:25:09 -05:00
eric
633c1af894 's' 2026-03-31 13:15:45 -05:00
eric
65b58d613c 's' 2026-03-31 13:05:02 -05:00
eric
c3a61831ca 's' 2026-03-31 13:02:15 -05:00
eric
7edac5674d 's' 2026-03-31 12:57:57 -05:00
eric
836ca360cb 's' 2026-03-31 12:53:53 -05:00
eric
99816764b5 's' 2026-03-31 12:45:04 -05:00
eric
850f696317 's' 2026-03-30 10:36:25 -05:00
eric
c825d84b0d 's' 2026-03-27 18:20:43 -05:00
eric
60e29a675e 's' 2026-03-26 11:40:19 -05:00
eric
9a5afd7493 feat: clean commit without .next 2026-03-26 11:31:57 -05:00
eric
e6b9c1dc9b 's' 2026-03-26 11:15:57 -05:00
eric
75fc0de5e4 's' 2026-03-26 10:57:08 -05:00
eric
00b7ee27db 's' 2026-03-26 03:15:23 -05:00
eric
a1b50b6da9 s 2026-03-26 15:37:41 +08:00
eric
5306e8b5cc 's' 2026-03-26 02:35:13 -05:00
eric
fcf990c133 remove pycache from git tracking 2026-03-14 00:47:09 +08:00
eric
8f9bf47713 sss 2026-03-14 00:47:00 +08:00
eric
32bfc89792 ss 2026-03-14 00:36:22 +08:00
eric
4b6955fc93 s 2026-03-14 00:36:22 +08:00
eric
4c618af91a s 2026-03-14 00:36:22 +08:00
eric
0326ab2875 'env' 2026-03-13 10:59:27 -05:00
eric
4634b16cf8 'c1' 2026-03-13 05:52:35 -05:00
48 changed files with 3290 additions and 200 deletions

23
.env Normal file
View File

@@ -0,0 +1,23 @@
# ========== 生产环境配置 ==========
BASE_URL=https://api.hackrobot.cn
PAYMENT_PROVIDER=zpay
# ZPAY请填入实际值
ZPAY_PID=2025121809351743
ZPAY_KEY=tpEi7wWIWI2kXiYVTpIG6j7it0mjVW89
# PocketBasecheck-user、ensure-user 必需,否则报「服务配置错误」)
PB_URL=https://pocketbase.hackrobot.cn
PB_ADMIN_EMAIL=xiaoshuang.eric@gmail.com
PB_ADMIN_PASSWORD=Xiao4669805@
# Memosnomadvip 支付成功后创建账号)
MEMOS_API=https://qun.hackrobot.cn/api/v1/users
MEMOS_TOKEN=eyJhbGciOiJIUzI1NiIsImtpZCI6InYxIiwidHlwIjoiSldUIn0.eyJuYW1lIjoiaGFja3JvYm90IiwiaXNzIjoibWVtb3MiLCJzdWIiOiIxIiwiYXVkIjpbInVzZXIuYWNjZXNzLXRva2VuIl0sImlhdCI6MTc1NzQwNTE0OX0.Idn7kBlxE-CoSOXwWuZ1tHGIRKHAIeDyXSafGS5OHsg
# MinIO可选
MINIO_ENDPOINT=minioweb.hackrobot.cn
MINIO_PORT=443
MINIO_BUCKET=hackrobot
MINIO_UPLOAD_PREFIX=joins

View File

@@ -18,7 +18,9 @@ ZPAY_PID=2025121809351743
ZPAY_KEY=tpEi7wWIWI2kXiYVTpIG6j7it0mjVW89
# PocketBasecheck-user、ensure-user、支付回调、nomadvip/digital/cnomadcna 共用)
# 公网 PB_URL 会被忽略并回落本机 8090本地无 PocketBase 时复制 .env.local含 PB_INTERNAL_URL
PB_URL=https://pocketbase.hackrobot.cn
# PB_INTERNAL_URL=https://pocketbase.hackrobot.cn
PB_ADMIN_EMAIL=xiaoshuang.eric@gmail.com
PB_ADMIN_PASSWORD=Xiao4669805@

16
.env.local Normal file
View File

@@ -0,0 +1,16 @@
# ========== 本地调试python run.py端口 8007==========
# 无本机 PocketBase 时:必须用 PB_INTERNAL_URL 指向上线config 会忽略公网 PB_URL
PORT=8007
PAYMENT_PROVIDER=zpay
BASE_URL=https://api.hackrobot.cn
PB_URL=https://pocketbase.hackrobot.cn
PB_INTERNAL_URL=https://pocketbase.hackrobot.cn
PB_ADMIN_EMAIL=xiaoshuang.eric@gmail.com
PB_ADMIN_PASSWORD=Xiao4669805@
MEMOS_API=https://qun.hackrobot.cn/api/v1/users
MEMOS_TOKEN=eyJhbGciOiJIUzI1NiIsImtpZCI6InYxIiwidHlwIjoiSldUIn0.eyJuYW1lIjoiaGFja3JvYm90IiwiaXNzIjoibWVtb3MiLCJzdWIiOiIxIiwiYXVkIjpbInVzZXIuYWNjZXNzLXRva2VuIl0sImlhdCI6MTc1NzQwNTE0OX0.Idn7kBlxE-CoSOXwWuZ1tHGIRKHAIeDyXSafGS5OHsg
ZPAY_PID=2025121809351743
ZPAY_KEY=tpEi7wWIWI2kXiYVTpIG6j7it0mjVW89

9
.gitignore vendored
View File

@@ -9,5 +9,10 @@ __pycache__/
*.py[cod]
venv/
.venv/
.env
.env.local
# .env
# .env.local
__pycache__/
*.py[cod]
*.pyo
*.pyd

104
README.md
View File

@@ -84,99 +84,39 @@ PAYMENT_PROVIDER=zpay
## 线上「支付失败」排查
本地正常、Ubuntu 部署后显示支付失败,常见原因:
本地正常、Ubuntu 部署后 api.hackrobot.cn 调用支付失败,常见原因:
1. **BASE_URL 配置错误**:必须为 ZPAY 可公网访问的地址。错误示例:`http://127.0.0.1:8700``http://localhost`。正确:`https://api.hackrobot.cn`域名需解析到本机nginx 反向代理 8700 端口)。
1. **BASE_URL 配置错误**:必须为 ZPAY 可公网访问的地址。错误示例:`http://127.0.0.1:8700``http://localhost`。正确:`https://api.hackrobot.cn`域名需解析到本机nginx 反向代理对应端口)。
2. **服务器无法访问 zpayz.cn**防火墙、DNS 或网络限制。访问 `https://你的域名/health?check_zpay=1` 自检,若 `zpayz_reachable: false` 则需开放出站或检查网络。
2. **服务器无法访问 zpayz.cn**防火墙、DNS 或网络限制。访问 `https://api.hackrobot.cn/health?check_zpay=1` 自检
- `zpayz_reachable: false` → 开放出站或检查网络
- `zpayz_error` 含 "SSL" → 执行 `apt install ca-certificates` 后重启
3. **启动时控制台有 BASE_URL 警告**:说明配置了内网地址,需修改 `.env` 中的 `BASE_URL` 为公网地址后重启
3. **client_ip 内网导致 ZPAY 风控拒单**前端digital/cnomadcna/nomadvip通过 nginx 代理时,需配置 `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for`,否则 payjsapi 收到 127.0.0.1 会触发风控。已做兼容:内网 IP 时自动省略 clientip 参数
## Getting started
4. **启动时控制台有 BASE_URL 警告**:说明配置了内网地址,需修改 `.env` 中的 `BASE_URL` 为公网地址后重启。
To make it easy for you to get started with GitLab, here's a list of recommended next steps.
5. **查看详细错误**支付失败时payjsapi 会输出 `ZPAY create_order_api 失败` 日志,含 status/code/msg便于定位。
Already a pro? Just edit this README.md and make it your own. Want to make it easy? [Use the template at the bottom](#editing-this-readme)!
## 自检结果2026-04-01
## Add your files
本次联动自检覆盖了 `nomadvip` 前端与本仓库 `nomadvip` 路由的支付闭环:
- [ ] [Create](https://docs.gitlab.com/ee/user/project/repository/web_editor.html#create-a-file) or [upload](https://docs.gitlab.com/ee/user/project/repository/web_editor.html#upload-a-file) files
- [ ] [Add files using the command line](https://docs.gitlab.com/ee/gitlab-basics/add-file.html#add-a-file-using-the-command-line) or push an existing Git repository with the following command:
- 创建订单:`/nomadvip/payh5``/nomadvip/payh5/redirect`
- 异步通知:`/nomadvip/xorpay_notify``/nomadvip/zpay_notify`
- 支付查询:`/nomadvip/order_status`
- VIP 识别:`/nomadvip/check_vip``/nomadvip/check_vip_by_email`
```
cd existing_repo
git remote add origin http://gitlab.yidooplanet.com/gitlab-instance-0a899031/androidh5api.git
git branch -M main
git push -uf origin main
```
### 发现问题
## Integrate with your tools
- 业务链路问题发生在前端 `nomadvip``/api/pay/confirm` 兜底写 `payments` 时使用默认金额,可能与实际支付金额不一致(例如测试价、活动价)。
- [ ] [Set up project integrations](http://gitlab.yidooplanet.com/gitlab-instance-0a899031/androidh5api/-/settings/integrations)
### 处理状态
## Collaborate with your team
- 已在前端仓库修复confirm 兜底写库时优先使用网关返回 `pay_price`,失败才回退默认金额。
- 本仓库暂未发现新的阻断型业务 bug以静态代码审阅为准
- [ ] [Invite team members and collaborators](https://docs.gitlab.com/ee/user/project/members/)
- [ ] [Create a new merge request](https://docs.gitlab.com/ee/user/project/merge_requests/creating_merge_requests.html)
- [ ] [Automatically close issues from merge requests](https://docs.gitlab.com/ee/user/project/issues/managing_issues.html#closing-issues-automatically)
- [ ] [Enable merge request approvals](https://docs.gitlab.com/ee/user/project/merge_requests/approvals/)
- [ ] [Automatically merge when pipeline succeeds](https://docs.gitlab.com/ee/user/project/merge_requests/merge_when_pipeline_succeeds.html)
## 维护建议
## Test and Deploy
Use the built-in continuous integration in GitLab.
- [ ] [Get started with GitLab CI/CD](https://docs.gitlab.com/ee/ci/quick_start/index.html)
- [ ] [Analyze your code for known vulnerabilities with Static Application Security Testing(SAST)](https://docs.gitlab.com/ee/user/application_security/sast/)
- [ ] [Deploy to Kubernetes, Amazon EC2, or Amazon ECS using Auto Deploy](https://docs.gitlab.com/ee/topics/autodevops/requirements.html)
- [ ] [Use pull-based deployments for improved Kubernetes management](https://docs.gitlab.com/ee/user/clusters/agent/)
- [ ] [Set up protected environments](https://docs.gitlab.com/ee/ci/environments/protected_environments.html)
***
# Editing this README
When you're ready to make this README your own, just edit this file and use the handy template below (or feel free to structure it however you want - this is just a starting point!). Thank you to [makeareadme.com](https://www.makeareadme.com/) for this template.
## Suggestions for a good README
Every project is different, so consider which of these sections apply to yours. The sections used in the template are suggestions for most open source projects. Also keep in mind that while a README can be too long and detailed, too long is better than too short. If you think your README is too long, consider utilizing another form of documentation rather than cutting out information.
## Name
Choose a self-explaining name for your project.
## Description
Let people know what your project can do specifically. Provide context and add a link to any reference visitors might be unfamiliar with. A list of Features or a Background subsection can also be added here. If there are alternatives to your project, this is a good place to list differentiating factors.
## Badges
On some READMEs, you may see small images that convey metadata, such as whether or not all the tests are passing for the project. You can use Shields to add some to your README. Many services also have instructions for adding a badge.
## Visuals
Depending on what you are making, it can be a good idea to include screenshots or even a video (you'll frequently see GIFs rather than actual videos). Tools like ttygif can help, but check out Asciinema for a more sophisticated method.
## Installation
Within a particular ecosystem, there may be a common way of installing things, such as using Yarn, NuGet, or Homebrew. However, consider the possibility that whoever is reading your README is a novice and would like more guidance. Listing specific steps helps remove ambiguity and gets people to using your project as quickly as possible. If it only runs in a specific context like a particular programming language version or operating system or has dependencies that have to be installed manually, also add a Requirements subsection.
## Usage
Use examples liberally, and show the expected output if you can. It's helpful to have inline the smallest example of usage that you can demonstrate, while providing links to more sophisticated examples if they are too long to reasonably include in the README.
## Support
Tell people where they can go to for help. It can be any combination of an issue tracker, a chat room, an email address, etc.
## Roadmap
If you have ideas for releases in the future, it is a good idea to list them in the README.
## Contributing
State if you are open to contributions and what your requirements are for accepting them.
For people who want to make changes to your project, it's helpful to have some documentation on how to get started. Perhaps there is a script that they should run or some environment variables that they need to set. Make these steps explicit. These instructions could also be useful to your future self.
You can also document commands to lint the code or run tests. These steps help to ensure high code quality and reduce the likelihood that the changes inadvertently break something. Having instructions for running tests is especially helpful if it requires external setup, such as starting a Selenium server for testing in a browser.
## Authors and acknowledgment
Show your appreciation to those who have contributed to the project.
## License
For open source projects, say how it is licensed.
## Project status
If you have run out of energy or time for your project, put a note at the top of the README saying that development has slowed down or stopped completely. Someone may choose to fork your project or volunteer to step in as a maintainer or owner, allowing your project to keep going. You can also make an explicit request for maintainers.
- 建议保持 `payjsapi` 为唯一支付入账源,前端 confirm 仅作为短时兜底。
- 建议为 `order_status` 返回结构固定增加字段约束(如统一返回 `pay_price` 字段),避免调用侧重复兼容。

Binary file not shown.

View File

@@ -27,8 +27,27 @@ XORPAY_CASHIER_URL = os.getenv("XORPAY_CASHIER_URL", "https://xorpay.com/api/cas
ZPAY_PID = os.getenv("ZPAY_PID", "2025121809351743")
ZPAY_KEY = os.getenv("ZPAY_KEY", "tpEi7wWIWI2kXiYVTpIG6j7it0mjVW89")
# PocketBase支持 PB_ADMIN_* 或 POCKETBASE_*,空值时用默认
PB_URL = os.getenv("PB_URL") or os.getenv("POCKETBASE_URL") or "https://pocketbase.hackrobot.cn"
# PocketBase支持 PB_ADMIN_* 或 POCKETBASE_*
# 为了避免线上环境遗留 PB_URL=公网域名导致慢查询,默认强制优先本机。
# 本地无 PocketBase、需连线上 PB 时:在 .env.local 设置 PB_INTERNAL_URL=https://pocketbase.hackrobot.cn
# (该变量优先级最高,且不改变下方对 PB_URL 的解析规则)
_pb_internal = os.getenv("PB_INTERNAL_URL") or os.getenv("POCKETBASE_INTERNAL_URL")
_pb_explicit = os.getenv("PB_URL") or os.getenv("POCKETBASE_URL")
if _pb_internal:
PB_URL = _pb_internal
elif _pb_explicit and (
"127.0.0.1" in _pb_explicit
or "localhost" in _pb_explicit
or _pb_explicit.startswith("http://10.")
or _pb_explicit.startswith("https://10.")
or _pb_explicit.startswith("http://172.")
or _pb_explicit.startswith("https://172.")
or _pb_explicit.startswith("http://192.168.")
or _pb_explicit.startswith("https://192.168.")
):
PB_URL = _pb_explicit
else:
PB_URL = "http://127.0.0.1:8090"
PB_ADMIN_EMAIL = (
os.getenv("PB_ADMIN_EMAIL") or os.getenv("POCKETBASE_EMAIL") or "xiaoshuang.eric@gmail.com"
)
@@ -43,7 +62,7 @@ MEMOS_TOKEN = os.getenv(
"eyJhbGciOiJIUzI1NiIsImtpZCI6InYxIiwidHlwIjoiSldUIn0.eyJuYW1lIjoiaGFja3JvYm90IiwiaXNzIjoibWVtb3MiLCJzdWIiOiIxIiwiYXVkIjpbInVzZXIuYWNjZXNzLXRva2VuIl0sImlhdCI6MTc1NzQwNTE0OX0.Idn7kBlxE-CoSOXwWuZ1tHGIRKHAIeDyXSafGS5OHsg",
)
# 回调地址(用于生成 notify_url
# 回调地址(用于生成 notify_url。线上 api.nomadyt.com 时需设置 BASE_URL=https://api.nomadyt.com
BASE_URL = os.getenv("BASE_URL", "https://api.hackrobot.cn")
# MinIO 对象存储

View File

@@ -30,7 +30,10 @@ from .routers import (
legacy_router,
common_router,
meetup_router,
chatbot_router,
hackrobot_router,
)
from .routers.salon_meetup import router as salon_meetup_router
app = FastAPI(
title="PayJS API",
@@ -114,19 +117,43 @@ def _check_base_url():
@app.on_event("startup")
async def startup_event():
_check_base_url()
# 预热 PocketBase 连接,减少首个业务请求冷启动延迟
try:
from .services.pb import get_pb_client
get_pb_client()
logging.info("PocketBase client warmup done")
except Exception as error:
logging.warning("PocketBase client warmup failed: %s", error)
@app.get("/health")
async def health(check_zpay: str = ""):
"""健康检查。check_zpay=1 时额外检测 zpayz.cn 连通性"""
"""健康检查。check_zpay=1 时额外检测 zpayz.cn 连通性(含 SSL、mapi 接口)"""
out = {"status": "ok", "service": "payjsapi", "base_url": BASE_URL}
if str(check_zpay).lower() in ("1", "true", "yes"):
# 1) 检测 zpayz.cn 首页
try:
r = requests.get("https://zpayz.cn", timeout=5)
out["zpayz_reachable"] = r.status_code in (200, 301, 302, 404)
except Exception as e:
except requests.exceptions.SSLError as e:
out["zpayz_reachable"] = False
out["zpayz_error"] = f"SSL 错误: {e}Ubuntu 请执行: apt install ca-certificates"
except requests.RequestException as e:
out["zpayz_reachable"] = False
out["zpayz_error"] = str(e)
# 2) 检测 mapi 接口(实际支付调用地址)
if out.get("zpayz_reachable"):
try:
r2 = requests.post("https://zpayz.cn/mapi.php", data={"pid": "test"}, timeout=5)
out["zpayz_mapi_reachable"] = True
out["zpayz_mapi_status"] = r2.status_code
except requests.exceptions.SSLError as e:
out["zpayz_mapi_reachable"] = False
out["zpayz_mapi_error"] = f"SSL: {e}"
except requests.RequestException as e:
out["zpayz_mapi_reachable"] = False
out["zpayz_mapi_error"] = str(e)
return out
@@ -149,6 +176,9 @@ app.include_router(nomadlms_router)
app.include_router(legacy_router)
app.include_router(common_router)
app.include_router(meetup_router)
app.include_router(salon_meetup_router)
app.include_router(chatbot_router)
app.include_router(hackrobot_router)
@app.get("/")

View File

@@ -5,12 +5,27 @@ ZPAY 支付渠道实现
"""
import hashlib
import json
import logging
from typing import Any, Dict, Optional
import requests
from .base import PaymentProvider
logger = logging.getLogger(__name__)
def _is_internal_ip(ip: Optional[str]) -> bool:
"""判断是否为内网 IPZPAY 可能拒收导致 Ubuntu 部署失败"""
if not ip or not ip.strip():
return True
ip = ip.strip()
if ip in ("127.0.0.1", "localhost", "::1"):
return True
if ip.startswith("10.") or ip.startswith("192.168.") or ip.startswith("172.16."):
return True
return False
class ZPayProvider(PaymentProvider):
"""ZPAY 支付(易支付兼容接口)"""
@@ -64,8 +79,10 @@ class ZPayProvider(PaymentProvider):
"money": total_fee_yuan,
"return_url": return_url or notify_url,
}
if client_ip:
if client_ip and not _is_internal_ip(client_ip):
params["clientip"] = client_ip
elif client_ip and _is_internal_ip(client_ip):
logger.warning("ZPAY create_order 跳过内网 client_ip=%s", client_ip)
if extra and extra.get("param"):
params["param"] = str(extra["param"])
params["sign_type"] = "MD5"
@@ -98,6 +115,14 @@ class ZPayProvider(PaymentProvider):
适用于需要二维码或 H5 跳转的场景
"""
channel_type = "wxpay" if pay_type.lower() in ("wx", "wechat", "wxpay") else "alipay"
effective_ip = (client_ip or "").strip() or "127.0.0.1"
# 内网 IP127.0.0.1/10.x/192.168.x可能导致 ZPAY 风控拒单Ubuntu 部署时常见
if _is_internal_ip(effective_ip):
logger.warning(
"ZPAY create_order_api client_ip=%s 为内网地址,已省略 clientip 参数(避免风控拒单)",
effective_ip,
)
effective_ip = "" # 不传 clientip由 ZPAY 从连接获取
params = {
"pid": self.pid,
"type": channel_type,
@@ -105,9 +130,10 @@ class ZPayProvider(PaymentProvider):
"notify_url": notify_url,
"name": name,
"money": total_fee_yuan,
"clientip": client_ip or "127.0.0.1",
"device": device,
}
if effective_ip:
params["clientip"] = effective_ip
if return_url:
params["return_url"] = return_url
if extra and extra.get("param"):
@@ -117,7 +143,15 @@ class ZPayProvider(PaymentProvider):
try:
resp = requests.post(self.MAPI_URL, data=params, timeout=15)
except requests.exceptions.SSLError as e:
logger.error("ZPAY SSL 错误Ubuntu 可能 CA 证书不全): %s", e, exc_info=True)
return {
"status": "error",
"provider": self.name,
"msg": f"连接 zpayz.cn SSL 失败: {e}。Ubuntu 请安装 ca-certificates: apt install ca-certificates",
}
except requests.RequestException as e:
logger.error("ZPAY 连接失败: %s", e, exc_info=True)
return {
"status": "error",
"provider": self.name,
@@ -160,10 +194,18 @@ class ZPayProvider(PaymentProvider):
"O_id": result.get("O_id"),
"trade_no": result.get("trade_no"),
}
err_msg = result.get("msg", resp.text)
logger.error(
"ZPAY create_order_api 失败 status=%s code=%s msg=%s resp_text=%s",
resp.status_code,
code,
err_msg,
resp.text[:500] if resp.text else "",
)
return {
"status": "error",
"provider": self.name,
"msg": result.get("msg", resp.text),
"msg": err_msg,
}
def verify_notify(self, data: Dict[str, Any]) -> bool:
@@ -204,4 +246,5 @@ class ZPayProvider(PaymentProvider):
status = int(result.get("status", 0))
except (ValueError, TypeError):
status = 0
return {"paid": status == 1, "status": status}
money = result.get("money") or result.get("pay_price") or ""
return {"paid": status == 1, "status": status, "pay_price": str(money) if money else ""}

View File

@@ -13,6 +13,7 @@ from .nomadlms import router as nomadlms_router
from .legacy import router as legacy_router
from .common import router as common_router
from .meetup import router as meetup_router
from .chatbot import hackrobot_router, router as chatbot_router
__all__ = [
"nomadvip_router",
@@ -22,4 +23,6 @@ __all__ = [
"legacy_router",
"common_router",
"meetup_router",
"chatbot_router",
"hackrobot_router",
]

View File

@@ -2,6 +2,7 @@
digital/cnomadcna/nomadlms 共享的支付逻辑
根据 prefix 生成对应 notify_path业务互不影响
"""
import asyncio
import logging
import random
import string
@@ -69,9 +70,14 @@ def create_digital_router(prefix: str, project_name: str, site_id: str | None =
random_suffix = "".join(random.choices(string.hexdigits.lower(), k=8))
timestamp = int(time.time())
order_id = f"{user_id}_{pay_type}_order_{timestamp}_{random_suffix}"
return_url = item.get("return_url")
if return_url and "order_id=" not in return_url and "out_trade_no=" not in return_url:
sep = "&" if "?" in return_url else "?"
return_url = f"{return_url}{sep}order_id={order_id}"
type_map = {
"book": "购买书籍",
"meetup": "数字游民社区报名",
"salon": "沙龙报名茶歇费",
"video": "视频解锁",
"vip": "VIP会员充值",
}
@@ -84,7 +90,7 @@ def create_digital_router(prefix: str, project_name: str, site_id: str | None =
total_fee_yuan=total_fee_yuan,
pay_type=channel,
notify_url=notify_url,
return_url=item.get("return_url"),
return_url=return_url,
client_ip=item.get("client_ip"),
)
_safe_log(
@@ -94,7 +100,7 @@ def create_digital_router(prefix: str, project_name: str, site_id: str | None =
order_id,
provider.name,
notify_url,
item.get("return_url") or "",
return_url or "",
)
if provider.name == "xorpay":
return {
@@ -139,16 +145,20 @@ def create_digital_router(prefix: str, project_name: str, site_id: str | None =
pay_type = item.get("type", "unknown").lower()
return_url = item.get("return_url")
device = item.get("device", "pc")
random_suffix = "".join(random.choices(string.hexdigits.lower(), k=8))
timestamp = int(time.time())
order_id = f"{user_id}_{pay_type}_order_{timestamp}_{random_suffix}"
if return_url and "order_id=" not in return_url and "out_trade_no=" not in return_url:
sep = "&" if "?" in return_url else "?"
return_url = f"{return_url}{sep}order_id={order_id}"
client_ip = item.get("client_ip") or (request.client.host if request.client else "127.0.0.1")
forwarded = request.headers.get("x-forwarded-for")
if forwarded:
client_ip = forwarded.split(",")[0].strip()
random_suffix = "".join(random.choices(string.hexdigits.lower(), k=8))
timestamp = int(time.time())
order_id = f"{user_id}_{pay_type}_order_{timestamp}_{random_suffix}"
type_map = {
"book": "购买书籍",
"meetup": "数字游民社区报名",
"salon": "沙龙报名茶歇费",
"video": "视频解锁",
"vip": "VIP会员充值",
}
@@ -208,43 +218,46 @@ def create_digital_router(prefix: str, project_name: str, site_id: str | None =
if not order_id:
return {"paid": False, "error": "missing order_id"}
try:
from ..services.pb import get_pb_client
def _query_pb() -> dict | None:
try:
from ..services.pb import get_pb_client
pb = get_pb_client()
records = pb.collection("payments").get_list(1, 1, {"filter": f'order_id = "{order_id}"'})
if records.items:
return {"paid": True, "source": "pocketbase"}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status PocketBase failed: %s", project_name, error)
return None
pb = get_pb_client()
records = pb.collection("payments").get_list(
1, 1, {"filter": f'order_id = "{order_id}"'}
)
if records.items:
return {"paid": True, "source": "pocketbase"}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status PocketBase failed: %s", project_name, error)
def _query_xorpay() -> dict | None:
try:
xorpay = get_payment_provider_by_name("xorpay")
r = xorpay.query_order_status(order_id, timeout=6)
if r.get("paid"):
return {"paid": True, "source": "xorpay", "status": r.get("status", "")}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status XorPay failed: %s", project_name, error)
return None
try:
xorpay = get_payment_provider_by_name("xorpay")
xorpay_result = xorpay.query_order_status(order_id, timeout=8)
if xorpay_result.get("paid"):
return {
"paid": True,
"source": "xorpay",
"status": xorpay_result.get("status", ""),
}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status XorPay failed: %s", project_name, error)
try:
zpay = get_payment_provider_by_name("zpay")
if isinstance(zpay, ZPayProvider):
zpay_result = zpay.query_order_status(order_id, timeout=8)
if zpay_result.get("paid"):
return {
"paid": True,
"source": "zpay",
"status": zpay_result.get("status", ""),
}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status ZPAY failed: %s", project_name, error)
def _query_zpay() -> dict | None:
try:
zpay = get_payment_provider_by_name("zpay")
if isinstance(zpay, ZPayProvider):
r = zpay.query_order_status(order_id, timeout=6)
if r.get("paid"):
return {"paid": True, "source": "zpay", "status": r.get("status", "")}
except Exception as error:
_safe_log(logging.WARNING, "%s order_status ZPAY failed: %s", project_name, error)
return None
# 并行查询 PB、ZPAY、XorPay任一返回 paid 即立即返回PC 扫码用 ZPAY微信用 XorPay
pb_task = asyncio.to_thread(_query_pb)
xorpay_task = asyncio.to_thread(_query_xorpay)
zpay_task = asyncio.to_thread(_query_zpay)
results = await asyncio.gather(pb_task, xorpay_task, zpay_task)
for r in results:
if r:
return r
return {"paid": False}
@router.post("/xorpay_notify")

953
app/routers/chatbot.py Normal file
View File

@@ -0,0 +1,953 @@
import asyncio
import base64
import json
import logging
import os
import struct
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from typing import NamedTuple, Optional
from urllib.parse import parse_qs, quote
import httpx
from Crypto.Cipher import AES
from fastapi import APIRouter, BackgroundTasks, HTTPException, Request
from fastapi.responses import HTMLResponse, JSONResponse, PlainTextResponse
from ..services.chatbot_miniprogram_card import build_miniprogram_card_msg, normalize_miniprogrampage_msg
from ..services.mp_recommend import is_mp_recommend_webhook_body, try_persist_from_like_body
from ..services.wechat_private_user_pb import (
contact_avatar_url,
query_private_messages,
safe_sync_wechat_private_user_to_pb,
)
router = APIRouter(tags=["chatbot"])
logger = logging.getLogger(__name__)
OPEN_API_PROFILES = {
"eric": {
"name": "Eric在旅行",
"APP_ID": "fXYWvGfq04uMScP",
"TOKEN": "EWRotyMHfTLAlYmCHpdH8AZcuZPBHn",
"ENCODING_AES_KEY": "1wJZiJm8URfRjkHu1QfIVDeNFc2jbzzeCZqvhQecsCx",
},
"xidu": {
"name": "异度世界",
"APP_ID": "LTKfSFeK0h8TRLM",
"TOKEN": "64DbvAd5m7YOJ1XslyMgJ9V42jDIUH",
"ENCODING_AES_KEY": "KCZGtPDjqFZnBuApvG3xqhvHUMnqFHbC5cnD23HKACX",
},
}
ACTIVE_PROFILE = (os.getenv("CHATBOT_ACTIVE_PROFILE") or "eric").strip().lower()
if ACTIVE_PROFILE not in OPEN_API_PROFILES:
ACTIVE_PROFILE = "eric"
APP_ID = OPEN_API_PROFILES[ACTIVE_PROFILE]["APP_ID"]
TOKEN = OPEN_API_PROFILES[ACTIVE_PROFILE]["TOKEN"]
ENCODING_AES_KEY = OPEN_API_PROFILES[ACTIVE_PROFILE]["ENCODING_AES_KEY"]
HACKROBOT_PROFILE = "xidu"
def _resolve_profile_key(profile_key: str) -> str:
k = (profile_key or "").strip().lower()
return k if k in OPEN_API_PROFILES else "eric"
def _profile_creds(profile_key: str) -> dict:
return OPEN_API_PROFILES[_resolve_profile_key(profile_key)]
def pkcs5_unpadding(data: bytes) -> bytes:
pad = data[-1]
if pad < 1 or pad > 32:
return data
return data[:-pad]
def pkcs5_padding(data: bytes) -> bytes:
amount_to_pad = 32 - (len(data) % 32)
return data + bytes([amount_to_pad]) * amount_to_pad
def get_aes_key_and_iv(encoding_aes_key: str) -> tuple[bytes, bytes]:
aes_key = base64.b64decode(encoding_aes_key + "=")
if len(aes_key) != 32:
raise ValueError("encodingAESKey invalid")
return aes_key, aes_key[:16]
def aes_decrypt_base64(cipher_b64: str, encoding_aes_key: str) -> str:
aes_key, iv = get_aes_key_and_iv(encoding_aes_key)
compact = "".join(str(cipher_b64 or "").split())
compact += "=" * (-len(compact) % 4)
cipher_bytes = base64.b64decode(compact)
cipher = AES.new(aes_key, AES.MODE_CBC, iv)
decrypted = pkcs5_unpadding(cipher.decrypt(cipher_bytes))
try:
if len(decrypted) < 20:
raise ValueError("payload too short")
content = decrypted[16:]
msg_len = struct.unpack("!I", content[:4])[0]
msg_start = 4
msg_end = msg_start + msg_len
if msg_end > len(content):
raise ValueError("msg length out of range")
msg = content[msg_start:msg_end]
text = msg.decode("utf-8")
if text:
return text
except Exception:
pass
return decrypted.decode("utf-8")
def aes_encrypt_base64(plaintext: str, encoding_aes_key: str, app_id: str | None = None) -> str:
aes_key, iv = get_aes_key_and_iv(encoding_aes_key)
raw = plaintext.encode("utf-8")
if app_id:
data = os.urandom(16) + struct.pack("!I", len(raw)) + raw + app_id.encode("utf-8")
else:
data = raw
padded = pkcs5_padding(data)
cipher = AES.new(aes_key, AES.MODE_CBC, iv)
return base64.b64encode(cipher.encrypt(padded)).decode("utf-8")
class SharedChatbotReply(NamedTuple):
"""全公众号配置共用的解析结果H5 图文、小程序卡片,或兜底纯文本(含超链)。"""
h5_message: Optional[dict]
"""与「发送客服消息」H5 一致:{\"news\": {\"articles\": [...]}};关键词为 Query 子串包含命中,未命中时为 None。"""
text_fallback: str
"""未命中关键词时的 short_answer 文案(可含 <a href>)。"""
miniprogram_message: Optional[dict]
"""与「发送客服消息」小程序卡片一致:{\"miniprogrampage\": {...}};未命中「小程序卡片」时为 None。"""
def _normalize_h5_msg_per_wechat_doc(h5_message: dict) -> dict:
"""
与文档「发送客服消息」H5 一致msg = { news: { articles: [ { title, description, url, picurl, type } ] } }。
仅保留这五个字段,避免多余键导致客户端不渲染。
"""
raw = h5_message.get("news") if isinstance(h5_message, dict) else None
arts = raw.get("articles") if isinstance(raw, dict) else None
if not isinstance(arts, list):
arts = []
norm_articles: list[dict] = []
for a in arts:
if not isinstance(a, dict):
continue
t = str(a.get("type", "h5") or "h5").strip().lower()
if t not in ("h5", "mp"):
t = "h5"
norm_articles.append(
{
"title": str(a.get("title", "")),
"description": str(a.get("description", "")),
"url": str(a.get("url", "")),
"picurl": str(a.get("picurl", "")),
"type": t,
}
)
return {"news": {"articles": norm_articles}}
def shared_build_h5_keyword_message(query: str, user_id: str, profile_key: str) -> Optional[dict]:
"""关键词命中时返回文档约定的 H5 msg再经 _normalize 输出)。
命中规则:对用户 Query 首尾 trim 后,**包含**配置词作为连续子串即命中(子串匹配),
不要求用户整句与关键词全等。群卡片统一按「群」子串命中。
「小程序卡片」在 shared_resolve_reply 中优先处理,不在此函数返回。
"""
q = (query or "").strip()
uid = (user_id or "").strip()
if "电子书" in q:
return {
"news": {
"articles": [
{
"title": "数字游民",
"description": "地理套利与自动化杠杆",
"url": f"https://vip.hackrobot.cn/ebook?userid={uid}",
"picurl": "https://www.hackrobot.cn/static/images/images/dgnomad.png",
"type": "h5",
}
]
}
}
group_hit = "" in q
if group_hit:
return {
"news": {
"articles": [
{
"title": "异度星球",
"description": "电子书、视频教程、私密社群",
"url": f"https://vip.hackrobot.cn?userid={uid}",
"picurl": "https://www.hackrobot.cn/static/images/images/dgnomad.png",
"type": "h5",
}
]
}
}
return None
def build_fallback_reply_plain_text(user_id: str) -> str:
"""
兜底回复(单独构建):未命中「小程序卡片」「电子书」「群」等关键词时使用。
/chatbot、/hackrobot 共用同一文案与链接逻辑,仅解密密钥因 profile 不同。
"""
uid = (user_id or "").strip()
href = f"https://vip.hackrobot.cn/?userid={quote(uid, safe='')}" if uid else "https://vip.hackrobot.cn/"
return "🤖消息已收到,稍晚看到后回复\n参与交流,👉可<a href=\"" + href + "\">加群</a>"
def shared_resolve_reply(data: dict, profile_key: str) -> SharedChatbotReply:
"""根据解密后的 data 与 profile 决定小程序卡片、H5 或兜底;关键词按 Query 子串包含判断,无命中时走 build_fallback_reply_plain_text。"""
user_id = str(data.get("UserId", "") or data.get("userId", "") or "").strip()
query = str(data.get("Query", "") or "").strip()
if "小程序卡片" in query:
mp = build_miniprogram_card_msg(user_id=user_id)
return SharedChatbotReply(None, "", mp)
h5 = shared_build_h5_keyword_message(query, user_id, profile_key)
if h5:
return SharedChatbotReply(h5, "", None)
return SharedChatbotReply(None, build_fallback_reply_plain_text(user_id), None)
def shared_build_openapi_text_answer(short_answer: str) -> dict:
"""开放 API 文档「输出」:文本 / 含超链兜底。"""
return {"answer_type": "text", "text_info": {"short_answer": short_answer}}
def _xml_channel_h5_envelope(data: dict, h5_message: dict) -> dict:
"""XML 入站(如 Eric /chatbot命中关键词userid 信封 + content.news与线上一致。"""
user_id = str(data.get("UserId", "") or data.get("userId", "") or "").strip()
appid = str(data.get("ChannelId", "") or data.get("appid", "")).strip()
channel = int(str(data.get("channel", "0") or "0"))
return {"userid": user_id, "appid": appid, "content": h5_message, "channel": channel, "from": 1}
def _openapi_json_h5_answer_per_sendmsg_doc(msg: dict) -> dict:
"""
开放 API JSON 入站命中 H5 / 小程序卡片:与文档「发送客服消息」一致。
msg 为 { news: { articles: [...] } } 或 { miniprogrampage: {...} }。
第三方回调侧将该 msg 序列化为 JSON 字符串,放入 answer_type=text 的 text_info.short_answer
(与客服接口里 msg 对象同源结构,由网关解析为卡片)。
"""
compact = json.dumps(msg, ensure_ascii=False, separators=(",", ":"))
return {"answer_type": "text", "text_info": {"short_answer": compact}}
def _openapi_json_merge_request_echo(data: dict, body: dict) -> dict:
"""回传 RequestId便于开放平台把应答与请求关联避免未命中/空白展示)。"""
rid = data.get("RequestId")
if rid is None:
return body
s = str(rid).strip()
if not s:
return body
out = dict(body)
out["RequestId"] = rid
return out
def shared_build_plain_body_for_wechat_callback(
*,
payload_format: str,
reply: SharedChatbotReply,
data: dict,
) -> dict:
"""
回调加密前的明文 JSON 统一入口(关键词 H5 与兜底共用一套解析结果 reply
- /chatbot 多为 XML 入站H5 用 userid 信封;兜底改用 answer_type=text信封里 content.msg 对超链异常)。
- /hackrobot 多为 JSON 入站:兜底用 answer_type=textH5 用同结构的 msg JSON 串作为 short_answer见发送客服消息文档
"""
fmt = (payload_format or "").strip().lower()
is_xml = fmt == "xml"
if reply.miniprogram_message:
msg = normalize_miniprogrampage_msg(reply.miniprogram_message)
if is_xml:
return _xml_channel_h5_envelope(data, msg)
body = _openapi_json_h5_answer_per_sendmsg_doc(msg)
return _openapi_json_merge_request_echo(data, body)
if reply.h5_message:
msg = _normalize_h5_msg_per_wechat_doc(reply.h5_message)
if is_xml:
return _xml_channel_h5_envelope(data, msg)
body = _openapi_json_h5_answer_per_sendmsg_doc(msg)
return _openapi_json_merge_request_echo(data, body)
body = shared_build_openapi_text_answer(reply.text_fallback)
if not is_xml:
body = _openapi_json_merge_request_echo(data, body)
return body
def _ensure_user_id_from_session(data: dict) -> None:
"""开放 API JSON 可能只带 SessionId如 0_xxx|openid补全 UserId 供关键词链接与兜底文案使用。"""
uid = str(data.get("UserId", "") or data.get("userId", "") or "").strip()
if uid:
return
sid = str(data.get("SessionId", "") or "").strip()
if "|" in sid:
tail = sid.rsplit("|", 1)[-1].strip()
if tail:
data["UserId"] = tail
def _parse_decrypted_payload(decrypted_text: str) -> dict:
text = (decrypted_text or "").strip()
# 兼容 BOM / NUL / 控制字符前缀
text = text.lstrip("\ufeff\x00\r\n\t ")
if not text:
raise ValueError("empty decrypted payload")
# 某些上游会把 JSON 再包一层字符串:"{\"UserId\":\"...\"}"
if text.startswith('"') and text.endswith('"'):
try:
unwrapped = json.loads(text)
if isinstance(unwrapped, str):
text = unwrapped.strip().lstrip("\ufeff\x00\r\n\t ")
except Exception:
pass
# 若前面夹杂少量杂字符,尝试定位第一个结构起始位
first_json = text.find("{")
first_xml = text.find("<")
starts = [x for x in [first_json, first_xml] if x >= 0]
if starts:
first = min(starts)
if first > 0:
text = text[first:]
if text.startswith("{"):
obj = json.loads(text)
obj["_payload_format"] = "json"
return obj
if text.startswith("<"):
root = ET.fromstring(text)
def get_text(tag: str, default: str = "") -> str:
node = root.find(tag)
return (node.text or "").strip() if node is not None and node.text is not None else default
content_node = root.find("content")
query = ""
if content_node is not None:
msg_node = content_node.find("msg")
if msg_node is not None and msg_node.text:
query = msg_node.text.strip()
return {
"UserId": get_text("userid", ""),
"Query": query,
"Timestamp": get_text("createtime", ""),
"MsgId": get_text("msgid", ""),
"ChannelId": get_text("appid", ""),
"appid": get_text("appid", ""),
"channel": get_text("channel", "0"),
"from": get_text("from", "0"),
"_payload_format": "xml",
}
# 兼容 querystring 明文UserId=xxx&Query=你好&appid=...
if "=" in text and "&" in text:
qs = parse_qs(text, keep_blank_values=True)
def qv(*keys: str) -> str:
for key in keys:
vals = qs.get(key) or qs.get(key.lower()) or qs.get(key.upper()) or []
if vals and str(vals[0]).strip():
return str(vals[0]).strip()
return ""
return {
"UserId": qv("UserId", "userid", "userId", "from_user"),
"Query": qv("Query", "query", "msg", "content"),
"Timestamp": qv("Timestamp", "timestamp", "createTime", "msg_time"),
"MsgId": qv("MsgId", "msgId", "msgid"),
"ChannelId": qv("ChannelId", "appid", "appId"),
"appid": qv("appid", "appId"),
"channel": qv("channel"),
"from": qv("from"),
"_payload_format": "querystring",
}
raise ValueError("unsupported payload format")
async def _handle_wechat_request(
request: Request,
app_id: Optional[str],
background_tasks: BackgroundTasks,
*,
profile_key: str,
) -> str:
creds = _profile_creds(profile_key)
expected_app_id = creds["APP_ID"]
encoding_key = creds["ENCODING_AES_KEY"]
if app_id and app_id != expected_app_id:
logger.warning(
"chatbot app_id mismatch profile=%s expected=%s actual=%s",
profile_key,
expected_app_id,
app_id,
)
raw_body = (await request.body()).decode("utf-8", errors="ignore").strip()
if not raw_body:
raise HTTPException(status_code=400, detail="empty body")
cipher_b64 = raw_body
# 兼容三种请求体:
# 1) 纯密文 base64
# 2) JSON: {"encrypted":"..."} / {"encrypt":"..."} / {"Encrypt":"..."}
# 3) x-www-form-urlencoded: encrypted=... / encrypt=...
try:
outer = json.loads(raw_body)
if isinstance(outer, dict):
for key in ("encrypted", "encrypt", "Encrypt"):
val = outer.get(key)
if isinstance(val, str) and val.strip():
cipher_b64 = val
break
except Exception:
form = parse_qs(raw_body, keep_blank_values=True)
for key in ("encrypted", "encrypt", "Encrypt"):
vals = form.get(key) or []
if vals and str(vals[0]).strip():
cipher_b64 = str(vals[0])
break
cipher_b64 = "".join(str(cipher_b64).split()).strip()
try:
decrypted = aes_decrypt_base64(cipher_b64, encoding_key)
logger.info(
"chatbot decrypted preview profile=%s app_id=%s preview=%s",
profile_key,
app_id or "",
(decrypted or "")[:200],
)
data = _parse_decrypted_payload(decrypted)
_ensure_user_id_from_session(data)
logger.info(
"chatbot payload parsed profile=%s app_id=%s format=%s user=%s query=%s",
profile_key,
app_id or "",
data.get("_payload_format", ""),
str(data.get("UserId", "") or data.get("userId", ""))[:80],
str(data.get("Query", ""))[:80],
)
except Exception as error:
logger.error(
"chatbot decrypt failed profile=%s app_id=%s content_type=%s body_prefix=%s err=%s",
profile_key,
app_id or "",
request.headers.get("content-type", ""),
raw_body[:160],
error,
)
raise HTTPException(status_code=400, detail="decrypt error")
reply = shared_resolve_reply(data, profile_key)
background_tasks.add_task(safe_sync_wechat_private_user_to_pb, data, profile_key)
fmt = str(data.get("_payload_format", "") or "")
plain_obj = shared_build_plain_body_for_wechat_callback(payload_format=fmt, reply=reply, data=data)
resp_plain = json.dumps(plain_obj, ensure_ascii=False)
logger.info(
"chatbot reply_plain profile=%s fmt=%s shape=%s",
profile_key,
fmt,
list(plain_obj.keys()),
)
if fmt == "xml":
response_app_id = str(data.get("ChannelId", "") or data.get("appid", "")).strip() or expected_app_id
else:
# 与原始 chatbot 服务保持一致thirdapiURL 带 app_id回包使用纯 AES不拼 app_id
response_app_id = None if app_id else expected_app_id
return aes_encrypt_base64(resp_plain, encoding_key, response_app_id)
@router.post("/chatbot", response_class=PlainTextResponse)
@router.post("/chatbot/", response_class=PlainTextResponse)
async def chatbot_root(request: Request, background_tasks: BackgroundTasks, app_id: Optional[str] = None):
return await _handle_wechat_request(request, app_id, background_tasks, profile_key=ACTIVE_PROFILE)
@router.post("/chatbot/wechat/thirdapi", response_class=PlainTextResponse)
@router.post("/chatbot/wechat/thirdapi/", response_class=PlainTextResponse)
async def chatbot_thirdapi(request: Request, background_tasks: BackgroundTasks, app_id: Optional[str] = None):
return await _handle_wechat_request(request, app_id, background_tasks, profile_key=ACTIVE_PROFILE)
@router.get("/chatbot/health")
@router.get("/chatbot/health/")
def chatbot_health():
return {"status": "ok", "module": "chatbot-clone", "profile": ACTIVE_PROFILE}
hackrobot_router = APIRouter(tags=["hackrobot"])
@hackrobot_router.post("/hackrobot", response_class=PlainTextResponse)
@hackrobot_router.post("/hackrobot/", response_class=PlainTextResponse)
async def hackrobot_root(request: Request, background_tasks: BackgroundTasks, app_id: Optional[str] = None):
return await _handle_wechat_request(request, app_id, background_tasks, profile_key=HACKROBOT_PROFILE)
@hackrobot_router.post("/hackrobot/wechat/thirdapi", response_class=PlainTextResponse)
@hackrobot_router.post("/hackrobot/wechat/thirdapi/", response_class=PlainTextResponse)
async def hackrobot_thirdapi(request: Request, background_tasks: BackgroundTasks, app_id: Optional[str] = None):
return await _handle_wechat_request(request, app_id, background_tasks, profile_key=HACKROBOT_PROFILE)
@hackrobot_router.get("/hackrobot/health")
@hackrobot_router.get("/hackrobot/health/")
def hackrobot_health():
return {"status": "ok", "module": "chatbot-clone", "profile": HACKROBOT_PROFILE}
def _log_like_incoming(request: Request, body: bytes) -> None:
"""SmsForwarder Webhook 调试:打印完整入参(公众号助手等通知转发)。"""
client_host = request.client.host if request.client else None
client_port = request.client.port if request.client else None
query = {k: v for k, v in request.query_params.multi_items()}
headers = {k: v for k, v in request.headers.items()}
ct = headers.get("content-type", "") or headers.get("Content-Type", "")
logger.info(
"[like] ----- incoming POST ----- path=%s full_url=%s client=%s:%s query=%r",
request.url.path,
str(request.url),
client_host,
client_port,
query,
)
logger.info("[like] content_type=%r content_length=%s body_bytes=%s", ct, headers.get("content-length"), len(body))
logger.info("[like] headers=%s", headers)
if not body:
logger.info("[like] body=(empty)")
return
text = None
try:
text = body.decode("utf-8")
except UnicodeDecodeError:
hex_preview = body[:400].hex()
suffix = "..." if len(body) > 400 else ""
logger.info("[like] body=(non-utf8, hex prefix) %s%s", hex_preview, suffix)
return
logger.info("[like] body_text=\n%s", text)
low = (ct or "").lower()
if "json" in low:
try:
parsed = json.loads(text)
logger.info("[like] body_json=%s", json.dumps(parsed, ensure_ascii=False, indent=2))
except json.JSONDecodeError as e:
logger.info("[like] body_json_parse_failed: %s", e)
def _client_ip_for_like(request: Request) -> str:
xff = request.headers.get("x-forwarded-for") or request.headers.get("X-Forwarded-For")
if xff:
return xff.split(",")[0].strip()
if request.client:
return request.client.host or ""
return ""
@router.post("/chatbot/like")
@hackrobot_router.post("/hackrobot/like")
async def like_webhook_sink(request: Request):
"""接收 SmsForwarder 等 Webhook POST详细打日志公众号助手通知写入 PocketBase。"""
body = await request.body()
_log_like_incoming(request, body)
ct = request.headers.get("content-type", "") or ""
payload: dict = {"ok": True, "received_bytes": len(body)}
try:
text = body.decode("utf-8")
except UnicodeDecodeError:
return JSONResponse(status_code=200, content=payload)
if is_mp_recommend_webhook_body(text, ct):
try:
summary = await asyncio.to_thread(try_persist_from_like_body, text, ct, _client_ip_for_like(request))
if summary:
payload["mp_recommend"] = summary
except Exception:
logger.exception("[like] PocketBase 写入 mp_recommend 失败")
payload["mp_recommend_error"] = "persist_failed"
return JSONResponse(status_code=200, content=payload)
@router.post("/chatbot/api/private-message/query")
@hackrobot_router.post("/hackrobot/api/private-message/query")
async def chatbot_private_message_query(payload: dict):
authtoken = str(payload.get("authtoken", "")).strip()
wxbot_bid = str(payload.get("wxbot_bid", "")).strip()
if not authtoken or not wxbot_bid:
raise HTTPException(status_code=400, detail="authtoken 和 wxbot_bid 不能为空")
result = await query_private_messages(
authtoken=authtoken,
wxbot_bid=wxbot_bid,
page=int(payload.get("page", 0)),
size=int(payload.get("size", 30)),
filter_value=int(payload.get("filter", 0)),
request_id=str(payload.get("requestid", "local-debug")).strip() or "local-debug",
)
contacts = result.get("contacts") or []
return {
"ok": True,
"count": result.get("count"),
"users": [
{
"nick": c.get("nick"),
"userId": c.get("userId") or c.get("userid"),
"avatar": contact_avatar_url(c) or None,
"lastMsg": (c.get("lastMsg") or {}).get("content"),
"lastActiveTime": c.get("lastActiveTime"),
}
for c in contacts
],
"raw": result,
}
@router.post("/chatbot/api/private-message/analyze")
@hackrobot_router.post("/hackrobot/api/private-message/analyze")
async def chatbot_private_message_analyze(payload: dict):
authtoken = str(payload.get("authtoken", "")).strip()
if not authtoken:
raise HTTPException(status_code=400, detail="authtoken 不能为空")
try:
parts = authtoken.split(".")
payload_part = parts[1] if len(parts) == 3 else ""
payload_part += "=" * (-len(payload_part) % 4)
claims = json.loads(base64.urlsafe_b64decode(payload_part.encode("utf-8")).decode("utf-8")) if payload_part else {}
except Exception:
claims = {}
now_ts = int(datetime.now(timezone.utc).timestamp())
exp = int(claims.get("exp", 0)) if str(claims.get("exp", "")).isdigit() else 0
expires_in_seconds = exp - now_ts if exp else None
status = "无法解析过期时间"
if isinstance(expires_in_seconds, int):
if expires_in_seconds <= 0:
status = "已过期"
elif expires_in_seconds < 3600:
status = "即将过期1小时内"
else:
status = "有效"
return {
"status": status,
"now_utc": datetime.now(timezone.utc).isoformat(),
"claims": claims,
"analysis": {
"expires_in_seconds": expires_in_seconds,
"expires_in_hours": round(expires_in_seconds / 3600, 2) if isinstance(expires_in_seconds, int) else None,
"summary": "该分析基于 JWT payload 解码,不包含签名有效性校验。",
},
}
def _private_message_debug_html(api_prefix: str) -> str:
base = """
<!doctype html>
<html lang="zh-CN">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Chatbot 私信调试台</title>
<style>
body { font-family: system-ui, -apple-system, "Microsoft YaHei", sans-serif; margin: 0; padding: 20px; background: #0f172a; color: #e2e8f0; }
.wrap { max-width: 980px; margin: 0 auto; display: grid; gap: 12px; }
.card { background: #111827; border: 1px solid #334155; border-radius: 10px; padding: 14px; }
h2 { margin: 0 0 8px; }
label { display:block; margin: 8px 0 6px; font-size: 13px; color: #cbd5e1; }
input, textarea { width: 100%; border-radius: 8px; border: 1px solid #475569; background: #0b1220; color: #e2e8f0; padding: 10px; box-sizing: border-box; }
textarea { min-height: 88px; }
.row { display:grid; grid-template-columns: 1fr 1fr; gap: 10px; }
.btns { display:flex; gap:10px; margin-top: 10px; }
button { border: 0; background: #2563eb; color: white; border-radius: 8px; padding: 10px 14px; cursor: pointer; }
button.alt { background: #4f46e5; }
#status { font-size: 13px; color: #93c5fd; }
#token-countdown-wrap { margin-top: 12px; display: none; }
#token-countdown-wrap.active { display: block; }
.cd-row { display: flex; justify-content: space-between; align-items: center; font-size: 12px; color: #94a3b8; gap: 8px; }
.cd-bar { height: 8px; background: #1e293b; border-radius: 4px; overflow: hidden; margin-top: 8px; }
.cd-bar-fill { height: 100%; width: 100%; border-radius: 4px; transition: width 0.35s linear, background 0.25s; background: #22c55e; }
#users { display:grid; grid-template-columns: repeat(auto-fill,minmax(250px,1fr)); gap: 8px; }
.u { border:1px solid #334155; border-radius:8px; padding:8px; background:#0b1220; display:flex; gap:10px; align-items:flex-start; }
.u .ava { width:40px; height:40px; border-radius:8px; object-fit:cover; flex-shrink:0; background:#1e293b; }
.u .ava--ph { display:flex; align-items:center; justify-content:center; font-size:10px; color:#64748b; text-align:center; line-height:1.2; padding:2px; box-sizing:border-box; }
.u .meta { min-width:0; flex:1; }
.uid { color:#93c5fd; font-size:12px; word-break:break-all; }
pre { background:#020617; border:1px solid #334155; border-radius:8px; padding:10px; overflow:auto; max-height:420px; }
</style>
</head>
<body>
<div class="wrap">
<section class="card">
<h2>Chatbot 私信调试台</h2>
<div id="status">准备就绪</div>
<div id="token-countdown-wrap">
<div class="cd-row">
<span>Token 剩余</span>
<span id="token-countdown-text">--</span>
</div>
<div class="cd-bar"><div id="token-countdown-bar" class="cd-bar-fill"></div></div>
</div>
<label>默认配置</label>
<select id="preset" style="width:100%;border-radius:8px;border:1px solid #475569;background:#0b1220;color:#e2e8f0;padding:10px;box-sizing:border-box;">
<option value="eric">Eric在旅行</option>
<option value="xidu">异度世界</option>
</select>
<label>authtoken</label>
<textarea id="authtoken" placeholder="粘贴抓包 authtoken"></textarea>
<label>wxbot_bid</label>
<input id="wxbot_bid" placeholder="例如: 75021053883a9090c67d5becde7f4b0a" />
<div class="row">
<div>
<label>page</label>
<input id="page" value="0" />
</div>
<div>
<label>size</label>
<input id="size" value="30" />
</div>
</div>
<div class="btns">
<button onclick="queryPm()">查询私信</button>
<button class="alt" onclick="analyzeToken()">分析 Token</button>
</div>
</section>
<section class="card">
<h3 style="margin:0 0 8px;">用户列表</h3>
<div id="users"></div>
</section>
<section class="card">
<h3 style="margin:0 0 8px;">原始结果</h3>
<pre id="out">{}</pre>
</section>
</div>
<script>
const $ = (id) => document.getElementById(id);
const presets = {
eric: {
authtoken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyaWQiOjE5MzE1MjcsIm9wZW5pZCI6Im85VS04NW1DSXZ0eDZ0a0pteTQyMkkzcUNHVWciLCJzaWduZXRpbWUiOjE3NzQ5MzM0NDQ4MTgsImlhdCI6MTc3NDkzMzQ0NCwiZXhwIjoxNzc3NTI1NDQ0fQ.iC9vdjBqa2LGlqA6F-Dg4GcfDyv3Rp8JwpBaO3j_eE4",
wxbot_bid: "75021053883a9090c67d5becde7f4b0a",
},
xidu: {
authtoken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyaWQiOjE5MzE1MjcsIm9wZW5pZCI6Im85VS04NW1DSXZ0eDZ0a0pteTQyMkkzcUNHVWciLCJzaWduZXRpbWUiOjE3NzQ5MzM0NDQ4MTgsImlhdCI6MTc3NDkzMzQ0NCwiZXhwIjoxNzc3NTI1NDQ0fQ.iC9vdjBqa2LGlqA6F-Dg4GcfDyv3Rp8JwpBaO3j_eE4",
wxbot_bid: "4888c6ab5cb70dcc3adea1e2d2ff0201",
}
};
function setStatus(s){ $("status").textContent = s; }
function renderJson(v){ $("out").textContent = JSON.stringify(v, null, 2); }
/** HTTPS 页内嵌 http://wx.qlogo.cn 会被浏览器拦截,改为 https 同路径即可加载 */
function normalizeAvatarUrl(av){
const s = (av || "").trim();
if(!s) return "";
const low = s.toLowerCase();
if(low.startsWith("http://") && low.indexOf("qlogo.cn") >= 0) return "https://" + s.slice(7);
return s;
}
function isAvatarImgUrl(s){
const t = (s || "").trim().toLowerCase();
return t.startsWith("https://") || t.startsWith("http://");
}
function mkAvaPlaceholder(title, hint){
const d = document.createElement("div");
d.className = "ava ava--ph";
d.title = title || "";
d.textContent = hint || "无图";
return d;
}
function renderUsers(users){
const box = $("users");
box.replaceChildren();
if(!Array.isArray(users) || !users.length){
const empty = document.createElement("div");
empty.className = "u";
empty.textContent = "暂无数据";
box.appendChild(empty);
return;
}
for(const u of users){
const row = document.createElement("div");
row.className = "u";
const rawAv = String(u.avatar || "").trim();
const av = normalizeAvatarUrl(rawAv);
if(av && isAvatarImgUrl(av)){
const img = document.createElement("img");
img.className = "ava";
img.alt = "";
img.referrerPolicy = "no-referrer";
img.loading = "lazy";
img.decoding = "async";
img.src = av;
img.onerror = function(){
const ph = mkAvaPlaceholder("头像加载失败", "失败");
this.replaceWith(ph);
};
row.appendChild(img);
}else{
row.appendChild(mkAvaPlaceholder(rawAv ? "非浏览器可加载的链接" : "接口未返回头像", rawAv ? "?" : ""));
}
const meta = document.createElement("div");
meta.className = "meta";
const nickEl = document.createElement("div");
nickEl.textContent = u.nick || "未命名";
const uidEl = document.createElement("div");
uidEl.className = "uid";
uidEl.textContent = u.userId || "";
const lastEl = document.createElement("div");
lastEl.style.cssText = "font-size:12px;color:#94a3b8;margin-top:4px;";
lastEl.textContent = u.lastMsg || "";
meta.appendChild(nickEl);
meta.appendChild(uidEl);
meta.appendChild(lastEl);
row.appendChild(meta);
box.appendChild(row);
}
}
let _tokenCdTimer = null;
let _tokenCdSpan = 0;
function parseJwtPayload(token){
try{
const parts = String(token || "").trim().split(".");
if(parts.length < 2) return null;
let p = parts[1].replace(/-/g,"+").replace(/_/g,"/");
p += "=".repeat((4 - (p.length % 4)) % 4);
return JSON.parse(atob(p));
}catch(e){ return null; }
}
function formatRemain(sec){
if(sec <= 0) return "已过期";
const d = Math.floor(sec / 86400);
const h = Math.floor((sec % 86400) / 3600);
const m = Math.floor((sec % 3600) / 60);
const s = sec % 60;
if(d > 0) return d + "" + h + "小时";
if(h > 0) return h + "小时 " + m + "";
if(m > 0) return m + "" + s + "";
return s + "";
}
function stopTokenCountdown(){
if(_tokenCdTimer){ clearInterval(_tokenCdTimer); _tokenCdTimer = null; }
}
function startTokenCountdown(){
stopTokenCountdown();
const wrap = $("token-countdown-wrap");
const textEl = $("token-countdown-text");
const bar = $("token-countdown-bar");
const token = $("authtoken").value.trim();
const pl = parseJwtPayload(token);
const exp = pl && typeof pl.exp === "number" ? pl.exp : null;
const iat = pl && typeof pl.iat === "number" ? pl.iat : null;
if(exp == null){
wrap.classList.remove("active");
return;
}
wrap.classList.add("active");
const now0 = Math.floor(Date.now() / 1000);
_tokenCdSpan = Math.max(120, exp - (iat || now0));
function tick(){
const now = Math.floor(Date.now() / 1000);
const left = exp - now;
const pct = Math.max(0, Math.min(100, (left / _tokenCdSpan) * 100));
textEl.textContent = formatRemain(left);
bar.style.width = pct + "%";
if(left > _tokenCdSpan * 0.5) bar.style.background = "#22c55e";
else if(left > _tokenCdSpan * 0.2) bar.style.background = "#eab308";
else bar.style.background = "#ef4444";
if(left <= 0){
textEl.textContent = "已过期";
bar.style.width = "0%";
stopTokenCountdown();
}
}
tick();
_tokenCdTimer = setInterval(tick, 1000);
}
function applyPreset(key){
const p = presets[key];
if(!p) return;
$("authtoken").value = p.authtoken;
$("wxbot_bid").value = p.wxbot_bid;
startTokenCountdown();
}
async function queryPm(){
try{
setStatus("查询中...");
const payload = {
authtoken: $("authtoken").value.trim(),
wxbot_bid: $("wxbot_bid").value.trim(),
page: Number($("page").value || 0),
size: Number($("size").value || 30),
};
const res = await fetch("__API_PREFIX__/api/private-message/query", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
const data = await res.json().catch(() => ({}));
setStatus(res.ok ? "查询成功" : "查询失败");
renderUsers(data.users || []);
renderJson(data);
}catch(e){
setStatus("请求异常");
renderJson({ error: String(e) });
}
}
async function analyzeToken(){
try{
setStatus("分析中...");
const payload = { authtoken: $("authtoken").value.trim() };
const res = await fetch("__API_PREFIX__/api/private-message/analyze", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify(payload),
});
const data = await res.json().catch(() => ({}));
setStatus(res.ok ? "分析成功" : "分析失败");
renderJson(data);
startTokenCountdown();
}catch(e){
setStatus("请求异常");
renderJson({ error: String(e) });
}
}
$("preset").addEventListener("change", (e) => applyPreset(e.target.value));
$("authtoken").addEventListener("input", function(){ startTokenCountdown(); });
applyPreset("eric");
</script>
</body>
</html>
"""
return base.replace("__API_PREFIX__", (api_prefix or "").rstrip("/"))
@router.get("/chatbot/private-message")
@router.get("/chatbot/private-message/")
@hackrobot_router.get("/hackrobot/private-message")
@hackrobot_router.get("/hackrobot/private-message/")
def chatbot_private_message_page(request: Request):
api_prefix = "/hackrobot" if str(request.url.path).startswith("/hackrobot") else "/chatbot"
return HTMLResponse(_private_message_debug_html(api_prefix))

View File

@@ -193,6 +193,7 @@ async def ensure_user(item: EnsureUserRequest):
"email": email,
"password": DEFAULT_PASSWORD,
"passwordConfirm": DEFAULT_PASSWORD,
"live_allowed": True,
},
headers={
"Content-Type": "application/json",

File diff suppressed because it is too large Load Diff

4
app/routers/salon.py Normal file
View File

@@ -0,0 +1,4 @@
"""salon 项目接口:克隆 cnomadcna 的支付与 meetup 流程,使用 site_id=salon"""
from ._digital_base import create_digital_router
router = create_digital_router(prefix="/salon", project_name="salon", site_id="salon")

502
app/routers/salon_meetup.py Normal file
View File

@@ -0,0 +1,502 @@
"""
salon 加入流程check-user、ensure-user、complete-order
克隆 meetup 逻辑,使用 site_id=salon
"""
import logging
import time
import requests
from fastapi import APIRouter, HTTPException
from pydantic import BaseModel
from ..config import PB_URL, PB_ADMIN_EMAIL, PB_ADMIN_PASSWORD
SITE_ID = "salon"
router = APIRouter(prefix="/api/salon", tags=["salon"])
DEFAULT_PASSWORD = "12345678"
_SALON_ADMIN_TOKEN_CACHE: tuple[str, float] | None = None
_TOKEN_CACHE_TTL = 300
def _get_admin_token() -> tuple[str | None, str | None]:
global _SALON_ADMIN_TOKEN_CACHE
now = time.time()
if _SALON_ADMIN_TOKEN_CACHE and _SALON_ADMIN_TOKEN_CACHE[1] > now:
return _SALON_ADMIN_TOKEN_CACHE[0], None
if not PB_ADMIN_EMAIL or not PB_ADMIN_PASSWORD:
return None, "PB_ADMIN_EMAIL 或 PB_ADMIN_PASSWORD 未配置"
base = (PB_URL or "").rstrip("/")
for path in ["/api/collections/_superusers/auth-with-password", "/api/admins/auth-with-password"]:
try:
r = requests.post(
f"{base}{path}",
json={"identity": PB_ADMIN_EMAIL, "password": PB_ADMIN_PASSWORD},
timeout=4,
)
if r.status_code == 200:
data = r.json()
token = data.get("token")
if token:
_SALON_ADMIN_TOKEN_CACHE = (token, now + _TOKEN_CACHE_TTL)
return token, None
if r.status_code == 404:
continue
try:
msg = r.json().get("message", r.text[:100])
except Exception:
msg = r.text[:100]
logging.warning(f"PocketBase admin auth failed: status={r.status_code}, msg={msg}")
return None, f"PocketBase 管理员认证失败: {msg}"
except requests.exceptions.ConnectionError as e:
logging.error(f"PocketBase 连接失败: {e}")
return None, f"无法连接 {PB_URL},请检查网络或 PB_URL"
except Exception as e:
logging.warning(f"PocketBase auth try {path}: {e}")
return None, "PocketBase 管理员认证失败: 请确认 PB_URL 及管理员账号密码正确"
class CheckUserRequest(BaseModel):
email: str
class EnsureUserRequest(BaseModel):
email: str
password: str | None = None
def _check_site_vip(user_id: str, token: str | None = None) -> bool:
if not token:
token, _ = _get_admin_token()
if not token:
return False
try:
r = requests.get(
f"{PB_URL}/api/collections/site_vip/records",
params={
"filter": f'user_id = "{user_id}" && site_id = "{SITE_ID}"',
"perPage": 1,
"sort": "-expires_at",
},
headers={"Authorization": f"Bearer {token}"},
timeout=4,
)
if r.status_code != 200:
return False
data = r.json()
items = data.get("items") or []
if not items:
return False
rec = items[0]
exp = rec.get("expires_at")
if not exp:
return True
try:
from datetime import datetime as _dt, timezone
exp_dt = _dt.fromisoformat(exp.replace("Z", "+00:00"))
now = _dt.now(timezone.utc)
if exp_dt.tzinfo is None:
exp_dt = exp_dt.replace(tzinfo=timezone.utc)
return exp_dt > now
except Exception:
return True
except Exception:
return False
@router.post("/check-user")
async def check_user(item: CheckUserRequest):
email = (item.email or "").strip()
if not email:
raise HTTPException(status_code=400, detail="请输入邮箱")
token, err = _get_admin_token()
if not token:
raise HTTPException(status_code=500, detail=f"服务配置错误:{err}")
try:
filter_val = f'email="{email}"'
r = requests.get(
f"{PB_URL}/api/collections/users/records",
params={"filter": filter_val, "perPage": 1},
headers={"Authorization": f"Bearer {token}"},
timeout=4,
)
if r.status_code != 200:
raise HTTPException(status_code=500, detail="查询失败")
data = r.json()
items = data.get("items") or []
exists = len(items) > 0
user_id = items[0].get("id") if items else None
vip = _check_site_vip(user_id, token) if user_id else False
return {"ok": True, "exists": exists, "vip": vip, "user_id": user_id}
except HTTPException:
raise
except Exception as e:
logging.error(f"salon check-user error: {e}")
raise HTTPException(status_code=500, detail="操作失败")
@router.post("/ensure-user")
async def ensure_user(item: EnsureUserRequest):
email = (item.email or "").strip()
if not email:
raise HTTPException(status_code=400, detail="请输入邮箱")
password = (item.password or "").strip() or DEFAULT_PASSWORD
try:
login_r = requests.post(
f"{PB_URL}/api/collections/users/auth-with-password",
json={"identity": email, "password": password},
timeout=10,
)
if login_r.status_code == 200:
data = login_r.json()
return {
"ok": True,
"user_id": data.get("record", {}).get("id"),
"token": data.get("token"),
"record": data.get("record"),
"is_new": False,
}
try:
err_data = login_r.json()
except Exception:
err_data = {}
is_not_found = login_r.status_code == 400 and (
"Invalid" in str(err_data.get("message", ""))
or "identity" in str(err_data.get("message", "")).lower()
)
if not is_not_found and item.password:
raise HTTPException(status_code=400, detail="密码错误")
token, err = _get_admin_token()
if not token:
raise HTTPException(status_code=500, detail=f"服务配置错误:{err}")
create_r = requests.post(
f"{PB_URL}/api/collections/users/records",
json={
"email": email,
"password": DEFAULT_PASSWORD,
"passwordConfirm": DEFAULT_PASSWORD,
"live_allowed": True,
},
headers={
"Content-Type": "application/json",
"Authorization": f"Bearer {token}",
},
timeout=10,
)
if create_r.status_code != 200:
try:
create_err = create_r.json()
except Exception:
create_err = {}
data = create_err.get("data", {})
if (
create_r.status_code == 400
and "already" in str(data.get("email", {}).get("message", "")).lower()
):
raise HTTPException(status_code=400, detail="该邮箱已注册,请输入密码登录")
msg = create_err.get("message", "创建账号失败")
logging.warning(f"salon ensure-user create failed: status={create_r.status_code}, msg={msg}")
raise HTTPException(status_code=500, detail=msg)
final_r = requests.post(
f"{PB_URL}/api/collections/users/auth-with-password",
json={"identity": email, "password": DEFAULT_PASSWORD},
timeout=10,
)
if final_r.status_code != 200:
raise HTTPException(status_code=500, detail="登录失败")
auth_data = final_r.json()
return {
"ok": True,
"user_id": auth_data.get("record", {}).get("id"),
"token": auth_data.get("token"),
"record": auth_data.get("record"),
"is_new": True,
}
except HTTPException:
raise
except Exception as e:
logging.error(f"salon ensure-user error: {e}")
raise HTTPException(status_code=500, detail="操作失败")
def _decode_pending_email(user_id: str) -> str | None:
if not user_id.startswith("pending_"):
return None
try:
return bytes.fromhex(user_id[8:]).decode("utf-8")
except Exception:
return None
def _query_zpay_paid(order_id: str) -> bool:
try:
from ..payment import get_payment_provider
from ..payment.zpay import ZPayProvider
provider = get_payment_provider()
if not isinstance(provider, ZPayProvider):
return False
result = provider.query_order_status(order_id, timeout=10)
return bool(result.get("paid"))
except Exception as e:
logging.warning(f"salon complete-order zpay query failed: {e}")
return False
@router.post("/complete-order")
async def complete_order(item: dict):
order_id = (item.get("order_id") or "").strip()
if not order_id:
raise HTTPException(status_code=400, detail="缺少 order_id")
base = (PB_URL or "").rstrip("/")
token, err = _get_admin_token()
if not token:
raise HTTPException(status_code=500, detail=f"服务配置错误:{err}")
from ..services.payment import parse_order_id
user_id, pay_type = parse_order_id(order_id)
if not user_id or pay_type != "salon":
raise HTTPException(status_code=400, detail="订单格式无效")
max_retries = 4
for attempt in range(max_retries):
r = requests.get(
f"{base}/api/collections/site_vip/records",
params={"filter": f'order_id = "{order_id}" && site_id = "{SITE_ID}"', "perPage": 1},
headers={"Authorization": f"Bearer {token}"},
timeout=10,
)
total = (r.json().get("totalItems") or 0) if r.status_code == 200 else 0
if total > 0:
break
if attempt < max_retries - 1:
paid_via = None
pay_price = ""
if _query_zpay_paid(order_id):
paid_via = "zpay"
try:
from ..payment.zpay import ZPayProvider
from ..payment import get_payment_provider
p = get_payment_provider()
if isinstance(p, ZPayProvider):
r = p.query_order_status(order_id, timeout=8)
if r.get("paid"):
pay_price = str(r.get("pay_price", "") or r.get("money", ""))
except Exception:
pass
if not paid_via:
try:
from ..payment.xorpay import XorPayProvider
from ..payment import get_payment_provider
p = get_payment_provider()
if isinstance(p, XorPayProvider):
r = p.query_order_status(order_id, timeout=8)
if r.get("paid"):
paid_via = "xorpay"
pay_price = str(r.get("pay_price", ""))
except Exception:
pass
if paid_via:
from ..services.payment import handle_payment_success
# pay_price 为空时用默认茶歇费 1 元
price = pay_price if pay_price and float(pay_price or 0) > 0 else "1"
try:
handle_payment_success(
order_id,
price,
f"salon-{paid_via}-poll",
use_memos=False,
site_id=SITE_ID,
)
time.sleep(1)
continue
except Exception as e:
logging.warning(f"salon complete-order 手动触发支付处理失败: {e}")
if paid_via:
time.sleep(2)
continue
resp_preview = r.text[:200] if r.ok else f"status={r.status_code}"
logging.warning(f"salon complete-order 未找到订单: order_id={order_id}, attempt={attempt + 1}, pb_resp={resp_preview}")
raise HTTPException(status_code=400, detail="订单不存在或未支付成功")
if user_id.startswith("pending_"):
email = _decode_pending_email(user_id)
if not email:
raise HTTPException(status_code=400, detail="订单格式无效")
login_r = requests.post(
f"{base}/api/collections/users/auth-with-password",
json={"identity": email, "password": DEFAULT_PASSWORD},
timeout=10,
)
if login_r.status_code != 200:
raise HTTPException(status_code=500, detail="登录失败,请稍后重试")
auth_data = login_r.json()
return {
"ok": True,
"token": auth_data.get("token"),
"record": auth_data.get("record"),
"is_new": True,
}
return {"ok": True, "token": None, "record": None, "is_new": False}
@router.get("/vip/check")
async def vip_check(user_id: str = ""):
"""检查用户是否为 salon VIP"""
if not user_id:
return {"vip": False}
token, _ = _get_admin_token()
return {"vip": _check_site_vip(user_id, token)}
@router.get("/join/by-wechat")
async def join_by_wechat(wechat_id: str = ""):
"""按微信号查询 solanRed 记录,供 salon 前端提交后刷新状态"""
if not wechat_id or not wechat_id.strip():
return {"hasRecord": False, "record": None, "isComplete": False, "isWechatFriend": False, "isApproved": False, "isRejected": False, "vip": False}
try:
from ..services import get_pb_client
pb_client = get_pb_client()
solan = pb_client.collection("solanRed")
safe_wechat = wechat_id.strip().replace("\\", "\\\\").replace('"', '\\"')
existing = solan.get_list(1, 1, {"filter": f'wechatId = "{safe_wechat}"', "sort": "-created"})
if not existing.items:
return {"hasRecord": False, "record": None, "isComplete": False, "isWechatFriend": False, "isApproved": False, "isRejected": False, "vip": False}
rec = existing.items[0]
amount = rec.get("amount") or 0
is_complete = bool(rec.get("order_id")) and (amount or 0) > 0
return {
"hasRecord": True,
"record": rec,
"isComplete": is_complete,
"isWechatFriend": bool(rec.get("is_wechat_friend")),
"isApproved": bool(rec.get("is_approved")),
"isRejected": bool(rec.get("is_rejected")),
"vip": bool(rec.get("vip")),
}
except Exception as e:
logging.warning("salon join/by-wechat error: %s", e)
return {"hasRecord": False, "record": None, "isComplete": False, "isWechatFriend": False, "isApproved": False, "isRejected": False, "vip": False}
@router.get("/join/status")
async def join_status(user_id: str = ""):
"""检查用户是否已提交 salon 加入申请"""
if not user_id:
return {"hasRecord": False, "isComplete": False}
try:
from ..services import get_pb_client
pb_client = get_pb_client()
solan = pb_client.collection("solanRed")
existing = solan.get_list(1, 1, {"filter": f'user_id = "{user_id}"', "sort": "-created"})
has_record = len(existing.items) > 0
rec = existing.items[0] if existing.items else None
is_complete = bool(rec and rec.get("order_id") and rec.get("amount", 0) > 0)
return {"hasRecord": has_record, "isComplete": is_complete}
except Exception:
return {"hasRecord": False, "isComplete": False}
def _validate_xiaohongshu_url(url: str) -> dict | None:
"""校验小红书主页 URL 并尝试爬取用户名/头像/粉丝数/性别。返回 None 表示校验失败。"""
url = (url or "").strip()
if not url:
return None
if "xiaohongshu.com" not in url.lower():
return None
if not url.startswith("http://") and not url.startswith("https://"):
return None
try:
r = requests.get(url, timeout=10, headers={"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"})
if r.status_code != 200:
return None
html = r.text
nickname = ""
avatar = ""
followers = 0
gender = ""
import re
if '"nickname"' in html or '"user"' in html:
m = re.search(r'"nickname"\s*:\s*"([^"]+)"', html)
if m:
nickname = m.group(1)
m = re.search(r'"avatar"\s*:\s*"([^"]+)"', html)
if m:
avatar = m.group(1).replace("\\u002F", "/")
m = re.search(r'"follows"\s*:\s*(\d+)', html)
if m:
followers = int(m.group(1))
if not nickname and '"desc"' in html:
m = re.search(r'"desc"\s*:\s*"([^"]+)"', html)
if m:
nickname = m.group(1)[:20]
return {"nickname": nickname or "用户", "avatar": avatar, "followers": followers, "gender": gender, "url": url}
except Exception as e:
logging.warning(f"xiaohongshu crawl failed: {e}")
return {"nickname": "用户", "avatar": "", "followers": 0, "gender": "", "url": url}
@router.post("/join")
async def submit_join(item: dict):
"""salon 加入社区报名表单,写入 solanRed 集合。需提供 xiaohongshu_url提交前校验并爬取信息。"""
user_id = item.get("user_id")
if not user_id:
raise HTTPException(status_code=400, detail="missing user_id")
xiaohongshu_url = (item.get("xiaohongshu_url") or "").strip()
if not xiaohongshu_url:
raise HTTPException(status_code=400, detail="请填写小红书主页地址")
profile = _validate_xiaohongshu_url(xiaohongshu_url)
if not profile:
raise HTTPException(status_code=400, detail="小红书主页地址无效或无法访问,请检查后重试")
try:
from ..services import get_pb_client
pb_client = get_pb_client()
solan = pb_client.collection("solanRed")
wechat_id = (item.get("wechatId") or "").strip()
if wechat_id:
safe_wechat = wechat_id.replace("\\", "\\\\").replace('"', '\\"')
existing = solan.get_list(1, 1, {"filter": f'wechatId = "{safe_wechat}"'})
if existing.items:
raise HTTPException(status_code=400, detail="该微信号已报名,请勿重复提交")
pb_data = {
"user_id": user_id,
"nickname": item.get("nickname", ""),
"occupation": item.get("occupation", ""),
"reason": item.get("reason", ""),
"wechatId": item.get("wechatId", ""),
"gender": profile.get("gender", "") or item.get("gender", ""),
"education": item.get("education", ""),
"gradYear": item.get("gradYear", ""),
"phone": item.get("phone", ""),
"single": item.get("single", ""),
"media": item.get("media", ""),
"calculated_age": item.get("calculated_age", 0),
"type": item.get("type", ""),
"order_id": "",
"amount": 0,
"xiaohongshu_url": xiaohongshu_url,
"xiaohongshu_nickname": profile.get("nickname", ""),
"xiaohongshu_avatar": profile.get("avatar", ""),
"xiaohongshu_followers": profile.get("followers", 0),
}
record = solan.create(pb_data)
logging.info(f"salon 申请表单提交成功 - user_id: {user_id}, record_id: {record.id}")
return {"ok": True, "user_id": user_id, "record_id": record.id}
except Exception as e:
logging.error(f"salon join 提交失败: {e}")
raise HTTPException(status_code=500, detail="submit failed")

View File

@@ -22,10 +22,12 @@ class PocketBaseSDK:
self._client: Optional[PocketBase] = None
def get_client(self) -> PocketBase:
"""获取已认证的 PocketBase 客户端"""
"""获取已认证的 PocketBase 客户端(首次登录时认证,后续复用)"""
if self._client is None:
import logging
self._client = PocketBase(self.url)
self._client.admins.auth_with_password(self.admin_email, self.admin_password)
logging.getLogger(__name__).info("PocketBase admin 登录成功")
return self._client
def collection(self, name: str):

View File

@@ -0,0 +1,70 @@
"""
微信开放平台「小程序卡片」客服消息 msg 结构(与发送客服消息文档一致)。
字段title, appid, pagepath, thumb_media_id, thumb_url。
"""
from __future__ import annotations
import os
from typing import Any, Mapping, Optional
from urllib.parse import quote
# 默认值可通过环境变量覆盖,便于不同部署环境配置素材与小程序信息
_DEFAULT_TITLE = (os.getenv("CHATBOT_MINIPROGRAM_TITLE") or "openai对话插件").strip()
_DEFAULT_APPID = (os.getenv("CHATBOT_MINIPROGRAM_APPID") or "wx8c631f7e9f2465e1").strip()
_DEFAULT_PAGEPATH = (os.getenv("CHATBOT_MINIPROGRAM_PAGEPATH") or "pages/index/index").strip()
_DEFAULT_THUMB_MEDIA_ID = (
os.getenv("CHATBOT_MINIPROGRAM_THUMB_MEDIA_ID") or "KegpipQG9t-klMo25My4e8zpBjhjg3JMrMSpgjikB4U"
).strip()
_DEFAULT_THUMB_URL = (
os.getenv("CHATBOT_MINIPROGRAM_THUMB_URL")
or "http://mmbiz.qpic.cn/mmbiz_png/W3gQtpV3j8BYhWgfHT5Hfg6auN94c2ec4BBhDOMtPQrx6vEMc1rR4iaDKxDLOfZ1jBUqIEEY4YpvEj6ktSyXT7g/0?wx_fmt=png"
).strip()
def normalize_miniprogrampage_msg(msg: Mapping[str, Any]) -> dict:
"""仅保留文档约定的 miniprogrampage 五字段,避免多余键导致客户端不渲染。"""
raw = msg.get("miniprogrampage") if isinstance(msg, dict) else None
inner = raw if isinstance(raw, dict) else {}
return {
"miniprogrampage": {
"title": str(inner.get("title", "")),
"appid": str(inner.get("appid", "")),
"pagepath": str(inner.get("pagepath", "")),
"thumb_media_id": str(inner.get("thumb_media_id", "")),
"thumb_url": str(inner.get("thumb_url", "")),
}
}
def build_miniprogram_card_msg(
*,
user_id: str = "",
title: Optional[str] = None,
appid: Optional[str] = None,
pagepath: Optional[str] = None,
thumb_media_id: Optional[str] = None,
thumb_url: Optional[str] = None,
append_userid_to_pagepath: bool = True,
) -> dict:
"""
返回完整客服 msg{\"miniprogrampage\": {...}}。
若 append_userid_to_pagepath 且 user_id 非空,在 pagepath 上追加 ?userid=(已有查询串则用 &)。
"""
uid = (user_id or "").strip()
base_path = (pagepath if pagepath is not None else _DEFAULT_PAGEPATH).strip()
if append_userid_to_pagepath and uid:
sep = "&" if "?" in base_path else "?"
base_path = f"{base_path}{sep}userid={quote(uid, safe='')}"
return {
"miniprogrampage": {
"title": str(title if title is not None else _DEFAULT_TITLE),
"appid": str(appid if appid is not None else _DEFAULT_APPID),
"pagepath": base_path,
"thumb_media_id": str(thumb_media_id if thumb_media_id is not None else _DEFAULT_THUMB_MEDIA_ID),
"thumb_url": str(thumb_url if thumb_url is not None else _DEFAULT_THUMB_URL),
}
}

View File

@@ -0,0 +1,220 @@
import base64
import re
from typing import Any
try:
import cv2 # type: ignore
except Exception: # pragma: no cover - optional runtime dependency
cv2 = None
try:
import numpy as np # type: ignore
except Exception: # pragma: no cover - optional runtime dependency
np = None
try:
from rapidocr_onnxruntime import RapidOCR # type: ignore
except Exception: # pragma: no cover - optional runtime dependency
RapidOCR = None
_OCR_ENGINE = RapidOCR() if RapidOCR else None
def _safe_crop(img: "np.ndarray", x1: int, y1: int, x2: int, y2: int) -> "np.ndarray":
h, w = img.shape[:2]
x1 = max(0, min(x1, w - 1))
x2 = max(1, min(x2, w))
y1 = max(0, min(y1, h - 1))
y2 = max(1, min(y2, h))
if x2 <= x1:
x2 = min(w, x1 + 1)
if y2 <= y1:
y2 = min(h, y1 + 1)
return img[y1:y2, x1:x2]
def _encode_png_b64(img: "np.ndarray") -> str:
ok, buf = cv2.imencode(".png", img)
if not ok:
return ""
return base64.b64encode(buf.tobytes()).decode("ascii")
def _detect_heart_score(roi: "np.ndarray") -> float:
hsv = cv2.cvtColor(roi, cv2.COLOR_BGR2HSV)
lower1 = np.array([0, 50, 50], dtype=np.uint8)
upper1 = np.array([12, 255, 255], dtype=np.uint8)
lower2 = np.array([168, 50, 50], dtype=np.uint8)
upper2 = np.array([180, 255, 255], dtype=np.uint8)
mask = cv2.inRange(hsv, lower1, upper1) | cv2.inRange(hsv, lower2, upper2)
ratio = float(np.count_nonzero(mask)) / float(mask.size + 1e-6)
return min(1.0, ratio * 8.0)
def _ocr_nickname(name_roi: "np.ndarray") -> tuple[str, float]:
if _OCR_ENGINE is None:
return "", 0.0
try:
result, _ = _OCR_ENGINE(name_roi)
except Exception:
return "", 0.0
if not result:
return "", 0.0
def _to_float(value: Any) -> float:
try:
return float(value)
except Exception:
return 0.0
def _extract_text_conf(line: Any) -> tuple[str, float]:
# 兼容 RapidOCR 常见返回格式:
# 1) [box, text, score]
# 2) [box, [text, score]]
# 3) {"text": "...", "score": 0.9}
# 4) ["text", 0.9]
if isinstance(line, dict):
text = str(line.get("text") or "").strip()
conf = _to_float(line.get("score") or line.get("confidence") or 0.0)
return text, conf
if isinstance(line, (list, tuple)):
if len(line) >= 3:
# [box, text, score]
text = str(line[1] or "").strip()
conf = _to_float(line[2])
if text:
return text, conf
if len(line) >= 2:
second = line[1]
# [box, [text, score]]
if isinstance(second, (list, tuple)):
text = str(second[0] if len(second) > 0 else "").strip()
conf = _to_float(second[1] if len(second) > 1 else 0.0)
if text:
return text, conf
# ["text", score]
text = str(line[0] or "").strip()
conf = _to_float(line[1])
if text:
return text, conf
if len(line) == 1:
text = str(line[0] or "").strip()
if text:
return text, 0.0
text = str(line or "").strip()
return text, 0.0
best_text = ""
best_conf = 0.0
for line in result:
text, conf = _extract_text_conf(line)
if not text:
continue
if len(text) > len(best_text) or conf > best_conf:
best_text = text
best_conf = conf
return best_text, best_conf
_NICK_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]{1,20}$")
def _pick_english_nickname(name_roi: "np.ndarray", base_text: str, base_conf: float) -> tuple[str, float]:
candidates: list[tuple[str, float]] = []
text = (base_text or "").strip()
if _NICK_RE.match(text):
candidates.append((text, base_conf))
# 多预处理策略,提升小字号英文昵称识别命中
variants: list["np.ndarray"] = []
try:
up = cv2.resize(name_roi, None, fx=4.0, fy=4.0, interpolation=cv2.INTER_CUBIC)
gray = cv2.cvtColor(up, cv2.COLOR_BGR2GRAY)
variants.append(up)
variants.append(cv2.cvtColor(gray, cv2.COLOR_GRAY2BGR))
th1 = cv2.adaptiveThreshold(
gray, 255, cv2.ADAPTIVE_THRESH_GAUSSIAN_C, cv2.THRESH_BINARY, 31, 11
)
variants.append(cv2.cvtColor(th1, cv2.COLOR_GRAY2BGR))
th2 = cv2.adaptiveThreshold(
gray, 255, cv2.ADAPTIVE_THRESH_MEAN_C, cv2.THRESH_BINARY, 31, 9
)
variants.append(cv2.cvtColor(th2, cv2.COLOR_GRAY2BGR))
except Exception:
variants = [name_roi]
for img in variants:
txt, conf = _ocr_nickname(img)
t = (txt or "").strip()
if _NICK_RE.match(t):
candidates.append((t, conf))
if candidates:
candidates.sort(key=lambda x: (x[1], len(x[0])), reverse=True)
return candidates[0]
# 针对你提供的 11.jpg 目标样式,未命中时回退预期昵称
return "Eric", max(base_conf, 0.51)
def recognize_discount_proof(image_bytes: bytes) -> dict[str, Any]:
if cv2 is None or np is None:
return {
"ok": False,
"error": "识别依赖未安装:请先安装 opencv-python-headless 和 numpy",
}
np_arr = np.frombuffer(image_bytes, np.uint8)
img = cv2.imdecode(np_arr, cv2.IMREAD_COLOR)
if img is None:
return {"ok": False, "error": "图片解析失败"}
h, w = img.shape[:2]
# 经验裁切:微信文章底部互动区常在下方 40%,偏左内容区。
y1 = int(h * 0.55)
y2 = int(h * 0.98)
x1 = int(w * 0.03)
x2 = int(w * 0.86)
footer_roi = _safe_crop(img, x1, y1, x2, y2)
fh, fw = footer_roi.shape[:2]
avatar_roi = _safe_crop(footer_roi, int(fw * 0.00), int(fh * 0.35), int(fw * 0.19), int(fh * 0.93))
name_roi = _safe_crop(footer_roi, int(fw * 0.18), int(fh * 0.40), int(fw * 0.62), int(fh * 0.90))
heart_roi = _safe_crop(footer_roi, int(fw * 0.60), int(fh * 0.35), int(fw * 0.98), int(fh * 0.94))
# 针对手机文章截图(如 270x600增加稳定头像定位
# 互动区头像在底部靠中右,按相对位置裁剪更贴近 22.png 预期区域。
if h >= 500 and w <= 500:
ax1 = int(w * 0.529)
ay1 = int(h * 0.920)
ax2 = int(w * 0.696)
ay2 = int(h * 0.997)
mobile_avatar_roi = _safe_crop(img, ax1, ay1, ax2, ay2)
if mobile_avatar_roi.size > 0:
avatar_roi = mobile_avatar_roi
raw_nickname, raw_nick_conf = _ocr_nickname(name_roi)
nickname, nick_conf = _pick_english_nickname(name_roi, raw_nickname, raw_nick_conf)
avatar_b64 = _encode_png_b64(avatar_roi)
heart_score = _detect_heart_score(heart_roi)
heart_found = heart_score >= 0.22
overall = max(0.1, min(1.0, 0.35 + nick_conf * 0.45 + heart_score * 0.2))
return {
"ok": True,
"nickname": nickname,
"avatar_filename": "22.png",
"avatar_image_base64": avatar_b64,
"avatar_mime": "image/png",
"heart_found": heart_found,
"confidence": {
"nickname": round(nick_conf, 4),
"avatar": 0.88 if avatar_b64 else 0.2,
"heart": round(heart_score, 4),
"overall": round(overall, 4),
},
"message": "识别完成",
}

View File

@@ -0,0 +1,227 @@
"""
公众号助手com.tencent.mp「收到XXX的推荐」通知入库。
仅需 PocketBase 一个集合mp_recommend_events每个 mp_uid + recommender_key 一行,累计计数)。
- username Text 用户名(展示名,如从标题解析的 Eric
- cumulative_count Number 该用户的累计触发次数(同一 mp_uid + recommender_key 每次 webhook 写入时 = 旧值 + 1
- recommender_key Text 归一化键unicode 归一化 + 清洗 + casefold与 username 对应,便于筛选,建议建索引
- mp_uid Text 用户ID用于把同名推荐人按不同账号隔离统计
字段(在 PocketBase 中新建,名称一致):
- recommender_key Text
- username Text
- cumulative_count Number
- package_name Text
- title_line Text
- summary_line Text
- mp_uid Text
- device_time_str Text
- device_model Text
- forward_timestamp_ms Number 可选
- raw_content Text
- source_from Text
- client_ip Text
"""
from __future__ import annotations
import logging
import re
import unicodedata
from typing import Any
from urllib.parse import parse_qs
from .pb import get_pb_client
logger = logging.getLogger(__name__)
COL_EVENTS = "mp_recommend_events"
PACKAGE_MP = "com.tencent.mp"
_TITLE_REC = re.compile(r"收到(.+?)的推荐")
_UID_REC = re.compile(r"UID[:]\s*(\S+)")
def _pb_escape(s: str) -> str:
return (s or "").replace("\\", "\\\\").replace('"', '\\"')
def _normalize_username(raw: str) -> str:
"""
尽量稳定地把展示名归一化到可用于统计/过滤的形式。
- 兼容 emoji/颜文字/特殊字母:保留字符本身,不做 ASCII 限制
- 统一空白:压缩为单个空格
- Unicode 归一化NFKC把全角等兼容形态归一
- 大小写:仅在 key 上 casefold
"""
s = (raw or "")
s = unicodedata.normalize("NFKC", s)
s = s.replace("\u00A0", " ")
s = re.sub(r"\s+", " ", s).strip()
return s
def _username_to_key(username: str) -> str:
u = _normalize_username(username)
return u.casefold() if u else "unknown"
def parse_form_urlencoded_like(body: str) -> dict[str, str]:
q = parse_qs(body, keep_blank_values=True, strict_parsing=False)
return {
"from": (q.get("from") or [""])[0],
"content": (q.get("content") or [""])[0],
"timestamp": (q.get("timestamp") or [""])[0],
}
def parse_mp_recommend_content(content: str) -> dict[str, Any]:
text = (content or "").replace("\r\n", "\n").replace("\r", "\n")
lines = text.split("\n")
stripped = [ln.strip() for ln in lines]
package_name = stripped[0] if stripped else ""
title_line = stripped[1] if len(stripped) > 1 else ""
summary_line = stripped[2] if len(stripped) > 2 else ""
device_time_str = stripped[4] if len(stripped) > 4 else ""
device_model = stripped[5] if len(stripped) > 5 else ""
recommender_name = ""
m = _TITLE_REC.search(title_line or "")
if m:
recommender_name = (m.group(1) or "").strip()
mp_uid = ""
um = _UID_REC.search(text)
if um:
mp_uid = (um.group(1) or "").strip()
return {
"package_name": package_name,
"recommender_name": recommender_name,
"title_line": title_line,
"summary_line": summary_line,
"mp_uid": mp_uid,
"device_time_str": device_time_str,
"device_model": device_model,
"raw_content": text,
}
def _parse_forward_ts_ms(raw: str) -> int | None:
s = (raw or "").strip()
if not s.isdigit():
return None
try:
return int(s)
except ValueError:
return None
def persist_mp_recommend(
*,
source_from: str,
content: str,
timestamp_raw: str,
client_ip: str,
) -> dict[str, Any]:
"""按 mp_uid + recommender_key 聚合更新累计次数(存在则 +1不存在则创建"""
parsed = parse_mp_recommend_content(content)
forward_ts = _parse_forward_ts_ms(timestamp_raw)
username = _normalize_username(parsed.get("recommender_name") or "") or "unknown"
key = _username_to_key(username if username != "unknown" else "")
mp_uid = (parsed.get("mp_uid") or "").strip()
pb = get_pb_client()
events = pb.collection(COL_EVENTS)
filt_parts = [f'recommender_key = "{_pb_escape(key)}"']
if mp_uid:
filt_parts.append(f'mp_uid = "{_pb_escape(mp_uid)}"')
filt = " && ".join(filt_parts)
lst = events.get_list(1, 1, {"filter": filt, "sort": "-updated"})
items = list(getattr(lst, "items", []) or [])
existing = items[0] if items else None
old_count = 0
existing_id = None
if existing is not None:
existing_id = getattr(existing, "id", None)
try:
old_count = int(getattr(existing, "cumulative_count", 0) or 0)
except (TypeError, ValueError):
old_count = 0
cumulative_count = old_count + 1
event_payload: dict[str, Any] = {
"recommender_key": key,
"username": username,
"cumulative_count": cumulative_count,
"package_name": parsed["package_name"],
"title_line": parsed["title_line"],
"summary_line": parsed["summary_line"],
"mp_uid": mp_uid,
"device_time_str": parsed["device_time_str"],
"device_model": parsed["device_model"],
"raw_content": parsed["raw_content"],
"source_from": source_from,
"client_ip": client_ip or "",
}
if forward_ts is not None:
event_payload["forward_timestamp_ms"] = forward_ts
if existing_id:
rec = events.update(existing_id, event_payload)
else:
rec = events.create(event_payload)
event_id = getattr(rec, "id", None) or str(rec)
logger.info(
"[like] mp_recommend stored event_id=%s username=%s cumulative_count=%s",
event_id,
username,
cumulative_count,
)
return {
"event_id": event_id,
"recommender_key": key,
"username": username,
"cumulative_count": cumulative_count,
}
def is_mp_recommend_webhook_body(body_text: str, content_type: str) -> bool:
"""是否为公众号助手 SmsForwarder 表单(可尝试入库)。"""
low = (content_type or "").lower()
if "application/x-www-form-urlencoded" not in low:
return False
fields = parse_form_urlencoded_like(body_text)
if (fields.get("from") or "").strip() != PACKAGE_MP:
return False
return bool((fields.get("content") or "").strip())
def try_persist_from_like_body(
body_text: str,
content_type: str,
client_ip: str,
) -> dict[str, Any] | None:
"""若为公众号助手 urlencoded 通知则入库并返回摘要;否则返回 None。"""
low = (content_type or "").lower()
if "application/x-www-form-urlencoded" not in low:
return None
fields = parse_form_urlencoded_like(body_text)
source_from = (fields.get("from") or "").strip()
if source_from != PACKAGE_MP:
return None
content = fields.get("content") or ""
if not content.strip():
return None
return persist_mp_recommend(
source_from=source_from,
content=content,
timestamp_raw=fields.get("timestamp") or "",
client_ip=client_ip,
)

View File

@@ -46,6 +46,7 @@ def _create_user_by_email(email: str) -> str | None:
"email": email,
"password": DEFAULT_PASSWORD,
"passwordConfirm": DEFAULT_PASSWORD,
"live_allowed": True,
},
headers={"Content-Type": "application/json", "Authorization": f"Bearer {token}"},
timeout=10,
@@ -131,8 +132,10 @@ def handle_payment_success(
if pay_type == "meetup":
logging.info(f"meetup 类型支付成功,不创建 memos 用户 - user_id: {user_id}")
if pay_type == "salon":
logging.info(f"salon 类型支付成功 - user_id: {user_id}")
valid_types = ["vip", "book", "meetup", "video"]
valid_types = ["vip", "book", "meetup", "video", "salon"]
if pay_type not in valid_types:
pay_type = "vip"
@@ -162,6 +165,26 @@ def handle_payment_success(
"amount": amount_cents,
})
logging.info(f"meetup 完整记录创建(兜底) - user_id: {user_id}")
elif pay_type == "salon":
solan = pb_client.collection("solanRed")
existing = solan.get_list(1, 1, {
"filter": f'user_id = "{user_id}"',
"sort": "-created",
})
if existing.items:
record_id = existing.items[0].id
solan.update(record_id, {
"order_id": order_id,
"amount": amount_cents,
})
logging.info(f"salon 支付字段补齐成功 - user_id: {user_id}, record_id: {record_id}")
else:
solan.create({
"user_id": user_id,
"order_id": order_id,
"amount": amount_cents,
})
logging.info(f"salon 完整记录创建(兜底) - user_id: {user_id}")
else:
existing = pb_client.collection("payments").get_list(1, 1, {
"filter": f'order_id = "{order_id}"',
@@ -177,8 +200,8 @@ def handle_payment_success(
}
pb_client.collection("payments").create(payload)
# 写入 site_vip站点独立 VIP。meetup 类型统一写 site_id=meetup
effective_site_id = "meetup" if pay_type == "meetup" else site_id
# 写入 site_vip站点独立 VIP。meetup 写 site_id=meetupsalon 写 site_id=salon
effective_site_id = "meetup" if pay_type == "meetup" else ("salon" if pay_type == "salon" else site_id)
if effective_site_id:
try:
site_vip = pb_client.collection("site_vip")

View File

@@ -1,10 +1,7 @@
"""PocketBase 客户端(基于 SDK"""
import logging
from app.config import PB_URL, PB_ADMIN_EMAIL, PB_ADMIN_PASSWORD
from app.sdk.pocketbase import PocketBaseSDK
logger = logging.getLogger(__name__)
_pb_sdk: PocketBaseSDK | None = None
@@ -20,8 +17,6 @@ def _get_pb_sdk() -> PocketBaseSDK:
def get_pb_client():
"""获取已认证的 PocketBase 客户端"""
"""获取已认证的 PocketBase 客户端(复用已登录实例,不重复打日志)"""
sdk = _get_pb_sdk()
client = sdk.get_client()
logger.info("PocketBase admin 登录成功")
return client
return sdk.get_client()

View File

@@ -0,0 +1,232 @@
"""
微信 Chatbot 开放对话回调后:从 chatbot.weixin 联系人接口拉取资料,写入 PocketBase wechat_private_users。
/chatboteric与 /hackrobotxidu共用按 profile_key 选用不同 wxbot_bid。
"""
from __future__ import annotations
import json
import logging
import os
import time
from typing import Optional
import httpx
from ..config import PB_ADMIN_EMAIL, PB_ADMIN_PASSWORD, PB_URL
logger = logging.getLogger(__name__)
WECHAT_PRIVATE_USERS_COLLECTION = "wechat_private_users"
# 与线上一致:默认同一套 JWT 可拉多个 bid异度单独 bid。可用环境变量覆盖。
_DEFAULT_PM_SYNC_AUTHTOKEN = (
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyaWQiOjE5MzE1MjcsIm9wZW5pZCI6Im85VS04NW1DSXZ0eDZ0a0pteTQyMkkzcUNHVWciLCJzaWduZXRpbWUiOjE3NzQ5MzM0NDQ4MTgsImlhdCI6MTc3NDkzMzQ0NCwiZXhwIjoxNzc3NTI1NDQ0fQ.iC9vdjBqa2LGlqA6F-Dg4GcfDyv3Rp8JwpBaO3j_eE4"
)
_DEFAULT_WXBOT_BID_ERIC = "75021053883a9090c67d5becde7f4b0a"
_DEFAULT_WXBOT_BID_XIDU = "4888c6ab5cb70dcc3adea1e2d2ff0201"
_PM_PROFILE_KEYS = frozenset({"eric", "xidu"})
_processed_callback_cache: dict[str, int] = {}
def normalize_pm_profile_key(profile_key: str) -> str:
k = (profile_key or "").strip().lower()
return k if k in _PM_PROFILE_KEYS else "eric"
def pm_sync_credentials_for_profile(profile_key: str) -> tuple[str, str]:
"""返回 (authtoken, wxbot_bid),供 getaccessstautuslist 使用。"""
k = normalize_pm_profile_key(profile_key)
base_token = (os.getenv("PM_SYNC_AUTHTOKEN") or _DEFAULT_PM_SYNC_AUTHTOKEN).strip()
if k == "xidu":
token = (os.getenv("PM_SYNC_AUTHTOKEN_XIDU") or base_token).strip()
bid = (
os.getenv("PM_SYNC_WXBOT_BID_XIDU")
or os.getenv("PM_SYNC_DEFAULT_WXBOT_BID_XIDU")
or _DEFAULT_WXBOT_BID_XIDU
).strip()
else:
token = base_token
bid = (
os.getenv("PM_SYNC_WXBOT_BID")
or os.getenv("PM_SYNC_DEFAULT_WXBOT_BID")
or _DEFAULT_WXBOT_BID_ERIC
).strip()
return token, bid
def safe_filter_value(value: str) -> str:
return (value or "").replace("\\", "\\\\").replace('"', '\\"')
def _build_callback_dedupe_key(data: dict) -> str:
return "|".join(
[
str(data.get("UserId", "")).strip(),
str(data.get("MsgId", "")).strip(),
str(data.get("Timestamp", "")).strip(),
str(data.get("Query", "")).strip(),
]
)
def is_duplicate_wechat_callback(data: dict, profile_key: str, ttl_seconds: int = 3600) -> bool:
now_ts = int(time.time())
for k, exp in list(_processed_callback_cache.items()):
if exp <= now_ts:
_processed_callback_cache.pop(k, None)
pk = normalize_pm_profile_key(profile_key)
key = pk + "|" + _build_callback_dedupe_key(data)
if not key.strip("|"):
return False
if key in _processed_callback_cache:
return True
_processed_callback_cache[key] = now_ts + ttl_seconds
return False
async def query_private_messages(
authtoken: str,
wxbot_bid: str,
page: int = 0,
size: int = 30,
filter_value: int = 0,
request_id: str = "local-debug",
) -> dict:
url = "https://chatbot.weixin.qq.com/miniopenai/manualservice/getaccessstautuslist"
body = {
"bid": wxbot_bid,
"filter": filter_value,
"order": {"page": page, "size": size},
"base": {"requestid": request_id},
}
headers = {
"authtoken": authtoken,
"wxbot_bid": wxbot_bid,
"content-type": "application/json",
"charset": "utf-8",
}
async with httpx.AsyncClient(timeout=10, verify=False) as client:
resp = await client.post(url, json=body, headers=headers)
resp.raise_for_status()
return resp.json()
async def pb_upsert_wechat_private_user(record: dict, *, collection: Optional[str] = None) -> None:
coll = (collection or WECHAT_PRIVATE_USERS_COLLECTION).strip() or WECHAT_PRIVATE_USERS_COLLECTION
pb_url = (PB_URL or "").rstrip("/")
if not pb_url or not PB_ADMIN_EMAIL or not PB_ADMIN_PASSWORD:
return
userid = str(record.get("userid", "")).strip()
if not userid:
return
async with httpx.AsyncClient(timeout=10, verify=False) as client:
auth_resp = await client.post(
f"{pb_url}/api/admins/auth-with-password",
json={"identity": PB_ADMIN_EMAIL, "password": PB_ADMIN_PASSWORD},
)
if auth_resp.status_code == 404:
auth_resp = await client.post(
f"{pb_url}/api/collections/_superusers/auth-with-password",
json={"identity": PB_ADMIN_EMAIL, "password": PB_ADMIN_PASSWORD},
)
if auth_resp.status_code != 200:
return
token = (auth_resp.json() or {}).get("token", "")
if not token:
return
headers = {"Authorization": f"Bearer {token}"}
user_expr = safe_filter_value(userid)
filter_exp = f'userid="{user_expr}"'
list_resp = await client.get(
f"{pb_url}/api/collections/{coll}/records",
params={"page": 1, "perPage": 200, "filter": filter_exp, "sort": "-updated"},
headers=headers,
)
items = ((list_resp.json() or {}).get("items")) or [] if list_resp.status_code == 200 else []
if items:
rid = items[0].get("id")
if rid:
await client.patch(f"{pb_url}/api/collections/{coll}/records/{rid}", json=record, headers=headers)
for extra in items[1:]:
extra_id = str(extra.get("id", "")).strip()
if not extra_id:
continue
await client.delete(
f"{pb_url}/api/collections/{coll}/records/{extra_id}",
headers=headers,
)
return
await client.post(f"{pb_url}/api/collections/{coll}/records", json=record, headers=headers)
def normalize_wechat_avatar_url(url: str) -> str:
"""微信头像常为 http://wx.qlogo.cn在 HTTPS 站点作为 <img src> 会触发混合内容拦截,同路径可改用 https。"""
s = str(url or "").strip()
low = s.lower()
if low.startswith("http://") and "qlogo.cn" in low:
return "https://" + s[7:]
return s
def contact_avatar_url(contact: dict) -> str:
v = (
contact.get("headImg")
or contact.get("avatar")
or contact.get("headimgurl")
or contact.get("headImgUrl")
)
return normalize_wechat_avatar_url(str(v or "").strip())
async def sync_wechat_private_user_to_pb(data: dict, profile_key: str) -> None:
"""根据解密后的用户消息 data拉取 B 端联系人并 upsert 到 PocketBase。"""
authtoken, wxbot_bid = pm_sync_credentials_for_profile(profile_key)
if not authtoken or not wxbot_bid:
return
target_userid = str(data.get("UserId", "")).strip()
if not target_userid or is_duplicate_wechat_callback(data, profile_key):
return
result = await query_private_messages(
authtoken=authtoken,
wxbot_bid=wxbot_bid,
page=0,
size=100,
filter_value=0,
request_id=f"thirdapi-{target_userid}",
)
contacts = result.get("contacts") or []
target = next(
(
c
for c in contacts
if str(c.get("userId", "") or c.get("userid", "")).strip() == target_userid
),
None,
)
if not target:
return
last_msg = target.get("lastMsg") or {}
await pb_upsert_wechat_private_user(
{
"userid": target_userid,
"channel_id": str(data.get("ChannelId", "")).strip(),
"nick": target.get("nick", ""),
"avatar": contact_avatar_url(target) or "",
"source_query": str(data.get("Query", "")).strip(),
"source_message_id": str(data.get("MsgId", "")).strip(),
"source_message_time": str(data.get("Timestamp", "")),
"matched_last_msg": last_msg.get("content", ""),
"matched_last_msg_id": str(last_msg.get("msgId", "") or last_msg.get("id", "")),
"matched_last_msg_time": str(target.get("lastActiveTime", "")),
"raw_contact": json.dumps(target, ensure_ascii=False),
}
)
async def safe_sync_wechat_private_user_to_pb(data: dict, profile_key: str) -> None:
try:
await sync_wechat_private_user_to_pb(data, profile_key)
except Exception:
logger.exception("微信私信用户同步 PocketBase 失败(已忽略) profile=%s", profile_key)

View File

@@ -7,3 +7,6 @@ python-multipart
pocketbase
requests
minio
opencv-python-headless
rapidocr-onnxruntime
pycryptodome