· 6 years ago · May 22, 2019, 09:08 AM
1const config = require('config')
2const md5 = require('md5')
3const qs = require('qs')
4
5const asyncMdw = require('@utils/async-mdw')
6const AppError = require('@utils/exception')
7
8const { sortObjectPropertyKey } = require('@utils/lib')
9
10module.exports = router => {
11 router.get('/result', asyncMdw(async (req, res, next) => {
12 const secretKey = config.get('vnp.secretKey')
13 let vnpParams = req.query
14 let secureHash = vnpParams.vnp_SecureHash
15
16 delete vnpParams.vnp_SecureHash
17 delete vnpParams.vnp_SecureHashType
18
19 vnpParams = sortObjectPropertyKey(vnpParams)
20 const signData = secretKey + qs.stringify(vnpParams, { encode: false })
21 const checksum = md5(signData)
22
23 if (secureHash !== checksum) {
24 throw new AppError('E_DATA_INVALID', 403)
25 }
26
27 res.json({
28 transactionCode: vnpParams.vnp_ResponseCode
29 })
30 }))
31}