Upload 23 files

README.md

@@ -1,12 +1,84 @@
 ---
-title: PayHook
-emoji: 👁
-colorFrom: yellow
-colorTo: purple
+title: payHook - Payment Webhook Handler
+emoji: 🐨
+colorFrom: pink
+colorTo: pink
 sdk: gradio
-sdk_version: 5.38.1
-app_file: app.py
+sdk_version: 4.36.1
+app_file: main.py
 pinned: false
+license: mit
 ---
 
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+# payHook - 支付回调处理服务
+
+这是一个用于处理支付回调的Web服务，支持爱发电(Afdian)等平台的支付通知处理。
+
+## 功能特性
+
+- 支付回调处理
+- 用户账户管理
+- 余额更新
+- 订阅时间管理
+- 安全的API接口
+
+## 快速开始
+
+### 1. 环境配置
+
+在 Hugging Face Spaces 中：
+1. 进入 Space 设置页面
+2. 点击 "Settings" > "Repository secrets"
+3. 添加必要的环境变量（详见 [SECURITY.md](SECURITY.md)）
+
+### 2. 本地开发
+
+```bash
+# 克隆项目
+git clone <your-repo-url>
+cd payHook
+
+# 安装依赖
+pip install -r requirements.txt
+
+# 配置环境变量
+cp env.example .env
+# 编辑 .env 文件填入实际配置
+
+# 运行服务
+python main.py
+```
+
+## 安全说明
+
+本项目仅用于学习和演示目的，生产环境请务必：
+- 使用环境变量管理敏感信息
+- 添加适当的身份验证
+- 实施速率限制
+- 使用HTTPS
+
+## 配置
+
+请通过环境变量配置以下敏感信息：
+- `ALIYUN_ACCESS_KEY_ID` - 阿里云访问密钥ID
+- `ALIYUN_ACCESS_KEY_SECRET` - 阿里云访问密钥Secret
+- `ALIYUN_ENDPOINT` - 阿里云TableStore端点
+- `ALIYUN_INSTANCE_NAME` - 阿里云TableStore实例名
+- `MYSQL_HOST` - MySQL主机地址
+- `MYSQL_USER` - MySQL用户名
+- `MYSQL_PASSWORD` - MySQL密码
+- `MYSQL_DATABASE` - MySQL数据库名
+
+## API 文档
+
+启动服务后，访问 `http://localhost:7860/docs` 查看完整的API文档。
+
+## 安全更新
+
+- ✅ 移除硬编码的敏感信息
+- ✅ 添加环境变量支持
+- ✅ 增强错误处理和日志记录
+- ✅ 添加参数验证
+- ✅ 完善文档说明
+
+Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference

SECURITY.md

@@ -0,0 +1,63 @@
+# 安全配置指南
+
+## 概述
+
+本项目是一个支付回调处理服务，处理敏感信息时需要特别注意安全性。
+
+## 环境变量配置
+
+### 在 Hugging Face Spaces 中配置
+
+1. 进入你的 Space 设置页面
+2. 点击 "Settings" > "Repository secrets"
+3. 添加以下环境变量：
+
+```
+ALIYUN_ACCESS_KEY_ID=你的阿里云访问密钥ID
+ALIYUN_ACCESS_KEY_SECRET=你的阿里云访问密钥Secret
+ALIYUN_ENDPOINT=你的阿里云TableStore端点
+ALIYUN_INSTANCE_NAME=你的阿里云TableStore实例名
+MYSQL_HOST=你的MySQL主机地址
+MYSQL_USER=你的MySQL用户名
+MYSQL_PASSWORD=你的MySQL密码
+MYSQL_DATABASE=你的MySQL数据库名
+```
+
+### 本地开发配置
+
+1. 复制 `env.example` 为 `.env`
+2. 填入实际的配置值
+3. 确保 `.env` 文件已添加到 `.gitignore`
+
+## 安全最佳实践
+
+1. **永远不要在代码中硬编码敏感信息**
+2. **定期轮换访问密钥**
+3. **使用最小权限原则**
+4. **启用日志记录监控异常活动**
+5. **定期更新依赖包**
+6. **使用HTTPS进行生产环境通信**
+
+## 错误处理
+
+项目已添加完善的错误处理和日志记录，包括：
+- 参数验证
+- 异常捕获和记录
+- 用户友好的错误消息
+- 敏感信息过滤
+
+## 监控和日志
+
+所有关键操作都会记录日志，包括：
+- 用户登录/注册
+- 支付处理
+- 数据库操作
+- 错误和异常
+
+## 合规性
+
+本项目仅用于学习和演示目的。在生产环境中使用时，请确保：
+- 符合相关数据保护法规
+- 实施适当的数据加密
+- 建立数据备份和恢复机制
+- 定期进行安全审计 

env.example

@@ -0,0 +1,11 @@
+# 阿里云 TableStore 配置
+ALIYUN_ACCESS_KEY_ID=your_access_key_id
+ALIYUN_ACCESS_KEY_SECRET=your_access_key_secret
+ALIYUN_ENDPOINT=your_endpoint
+ALIYUN_INSTANCE_NAME=your_instance_name
+
+# MySQL 数据库配置
+MYSQL_HOST=your_mysql_host
+MYSQL_USER=your_mysql_user
+MYSQL_PASSWORD=your_mysql_password
+MYSQL_DATABASE=your_database_name 

main.py

@@ -0,0 +1,28 @@
+import uvicorn
+import os
+import sys
+
+def check_environment():
+    """检查必要的环境变量"""
+    required_vars = [
+        'ALIYUN_ACCESS_KEY_ID',
+        'ALIYUN_ACCESS_KEY_SECRET',
+        'ALIYUN_ENDPOINT',
+        'ALIYUN_INSTANCE_NAME'
+    ]
+    
+    missing_vars = []
+    for var in required_vars:
+        if not os.getenv(var):
+            missing_vars.append(var)
+    
+    if missing_vars:
+        print("警告: 缺少以下环境变量:")
+        for var in missing_vars:
+            print(f"  - {var}")
+        print("\n请设置这些环境变量以确保服务正常运行。")
+        print("在Hugging Face Spaces中，请在Settings > Repository secrets中添加这些变量。")
+
+if __name__ == "__main__":
+    check_environment()
+    uvicorn.run("server.api:app", host="0.0.0.0", port=7860, reload=True)

requirements.txt

@@ -0,0 +1,9 @@
+requests==2.31.0
+aiohttp==3.7.3
+fastapi==0.112.0
+urllib3==2.0.7
+tablestore==6.0.1
+pydantic==2.5.0
+uvicorn==0.27.0
+mysql-connector-python==8.2.0
+python-dotenv==1.0.0

server/account_manager.py

@@ -0,0 +1,149 @@
+import time
+import logging
+from fastapi import  HTTPException,APIRouter
+from .pydanticModel import *
+from .dao import tableStore
+
+# 配置日志
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+router = APIRouter()
+
+# 定义路由和函数
+@router.post("/login")
+@router.get("/login")
+async def login(login: signIn):
+    """用户登录"""
+    # ->"user info or throw error"
+    
+    # 检查 ots_client 是否可用
+    if router.ots_client is None:
+        logger.error("OTS client not initialized")
+        raise HTTPException(status_code=500, detail="服务配置错误")
+    
+    # 检查email和password是否匹配
+    table_store = tableStore(ots_client=router.ots_client,table_name=router.table_name)
+    try:
+        login_result = table_store.login(login.email, login.password)
+        if login_result['ec']==200:
+            logger.info(f"User {login.email} logged in successfully")
+            return login_result
+        else:
+            logger.warning(f"Login failed for {login.email}")
+            raise HTTPException(status_code=400, detail="login failed in table store")
+    except Exception as e:
+        logger.error(f"Login error: {e}")
+        print(e)
+        raise HTTPException(status_code=400, detail="sign in failed")
+
+@router.get("/signUp")
+@router.post("/signUp")
+async def sign_up(signUp: signUp):
+    """用户注册"""
+    # ->"user info or throw error"
+    
+    # 检查 ots_client 是否可用
+    if router.ots_client is None:
+        logger.error("OTS client not initialized")
+        raise HTTPException(status_code=500, detail="服务配置错误")
+    
+    table_store = tableStore(ots_client=router.ots_client,table_name=router.table_name)
+    try:
+        signUp_result = table_store.userSignUp(signUp.email,signUp.password)
+        if signUp_result['ec']==200:
+            logger.info(f"User {signUp.email} registered successfully")
+            return signUp_result
+        else:
+            logger.warning(f"Sign up failed for {signUp.email}")
+            raise HTTPException(status_code=400, detail="sign up failed in table store")
+    except Exception as e:
+        logger.error(f"Sign up error: {e}")
+        raise HTTPException(status_code=400, detail="sign up failed")
+
+@router.get("/purchase")
+@router.post("/purchase")
+async def purchase(plan: userPlan):
+    """用户购买服务"""
+    #->bool or raise error
+    
+    # 检查 ots_client 是否可用
+    if router.ots_client is None:
+        logger.error("OTS client not initialized")
+        raise HTTPException(status_code=500, detail="服务配置错误")
+    
+    # 提取plan价格和时间
+    price = plan.price
+    time_to_add = plan.duration_seconds
+    email = plan.email
+    password = plan.password
+    
+    # 验证参数
+    if price <= 0 or time_to_add <= 0:
+        raise HTTPException(status_code=400, detail="Invalid price or duration")
+    
+    table_store = tableStore(ots_client=router.ots_client, table_name=router.table_name)
+    # 读取存储数据,如果存的expiredAt>now,那么从expiredAt加时间
+    # 如果存的<now ,那么从now加时间 （总之是取两者较大+time_to_add）
+
+    try:
+        table_store.getUserInfo(email=email)
+        cur_balance  = table_store.balance
+        cur_expired_at = table_store.expired_at
+        cur_time = int(time.time())
+        user_password_stored = table_store.stored_password
+
+        if cur_balance -price <0:
+            logger.warning(f"Insufficient balance for {email}")
+            raise HTTPException(status_code=400, detail="balance not enough")
+        elif password!=user_password_stored:
+            logger.warning(f"Authentication failed for {email}")
+            raise HTTPException(status_code=400, detail="auth not pass in purchase")
+        else:
+            expired_new = max(cur_expired_at, cur_time) + time_to_add
+            balance_new = cur_balance -price
+            # 更新余额和时间
+            update_balance_result = table_store.updateColumnByPrimaryKey(
+                key=router.key,
+                key_value=email,
+                update_column='balance',
+                update_column_value=balance_new
+            )
+            if not update_balance_result:
+                logger.error(f"Failed to update balance for {email}")
+                raise HTTPException(status_code=400, detail="updateBalance 结果失败")
+            update_expired_result = table_store.updateColumnByPrimaryKey(
+                key=router.key,
+                key_value=email,
+                update_column='expiredAt',
+                update_column_value=expired_new
+            )
+            if not update_expired_result:
+                logger.error(f"Failed to update expired time for {email}")
+                raise HTTPException(status_code=400, detail="update_expired_result 结果失败")
+            
+            logger.info(f"Purchase successful for {email}")
+            return True
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error(f"Purchase error: {e}")
+        raise HTTPException(status_code=500, detail="Purchase failed")
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

server/api.py

@@ -0,0 +1,54 @@
+from fastapi import FastAPI
+from .notify import router as NotifyRouter
+from .utils import config
+from tablestore import OTSClient
+from .account_manager import router as accountManagerRouter
+import os
+
+# 从环境变量读取敏感信息
+access_key_id = os.getenv('ALIYUN_ACCESS_KEY_ID', '')
+access_key_secret = os.getenv('ALIYUN_ACCESS_KEY_SECRET', '')
+end_point = os.getenv('ALIYUN_ENDPOINT', '')
+instance_name = os.getenv('ALIYUN_INSTANCE_NAME', '')
+table_name = 'user'
+primary_key = 'email'
+
+# 检查必要的环境变量
+if not all([access_key_id, access_key_secret, end_point, instance_name]):
+    print("警告: 缺少必要的阿里云配置环境变量")
+    # 使用默认值或抛出错误
+    ots_client = None
+else:
+    ots_client = OTSClient(
+        end_point=end_point,
+        access_key_id=access_key_id,
+        access_key_secret=access_key_secret,
+        instance_name=instance_name
+    )
+
+accountManagerRouter.key = primary_key
+accountManagerRouter.ots_client = ots_client
+accountManagerRouter.table_name = table_name
+
+#和hook.pixiv.digital/uu兼容  故分开
+NotifyRouter.key = primary_key
+NotifyRouter.ots_client = ots_client
+NotifyRouter.table_name = table_name
+
+app = FastAPI(
+    title="payHook API",
+    description="支付回调处理服务",
+    version="1.0.0"
+)
+
+@app.get("/config.json", tags=["Root"])
+async def read_root() -> dict:
+    return config
+
+# 全局路由
+app.include_router(accountManagerRouter,prefix='/accountManager')
+app.include_router(NotifyRouter, prefix=config['notify'])  # https://hook.pixiv.digital/uu接受回调
+
+if __name__ == '__main__':
+    print(config['notify'])
+

server/config.json

@@ -0,0 +1,8 @@
+
+{
+  "notify": "/uu",
+  "databaseName": "your_database_name",
+  "databaseUser": "your_database_user",
+  "password": "your_database_password",
+  "host": "your_database_host"
+}

server/dao.py

@@ -0,0 +1,180 @@
+import time
+from tablestore import *
+
+# 定义一个自定义错误类
+class customError(Exception):
+    def __init__(self, message,original_exception=None):
+        super().__init__(message)
+        self.message = message
+        self.original_expection = original_exception
+        print("original exception:",original_exception)
+
+class tableStore:
+    # 使用单例来保证new对象的时候减少负担
+    _instance = None
+
+    def __new__(cls, ots_client, table_name):
+        if cls._instance is None:
+            print('table store cls 实例为none, 创建新的')
+            cls._instance = super(tableStore, cls).__new__(cls)
+            cls._instance.ots_client = ots_client
+            cls._instance.table_name = table_name
+        
+        return cls._instance
+    
+    def __init__(self,ots_client,table_name):
+        self.ots_client = ots_client
+        self.table_name = table_name
+        self.email = None
+        self.stored_password = None
+        self.is_vip = None
+        self.expired_at = None
+        self.balance = None
+
+    def getUserInfo(self,email)->"void or throw error":
+        #通过email主键查询用户信息
+        primary_key = [
+            ['email', email],
+        ]
+        columns_to_get = ['isVip', 'expiredAt', 'password','balance']
+        try:
+            consumed, return_row, next_token = self.ots_client.get_row(
+                table_name=self.table_name,
+                primary_key=primary_key,
+                columns_to_get=columns_to_get
+            )
+            if return_row is None:
+                raise customError('email not exist')
+            else:
+                # 创建一个字典来存储键值对
+                attributes = {}
+                for key, value, _ in return_row.attribute_columns:
+                    attributes[key] = value
+
+                self.email = email
+                self.expired_at = attributes['expiredAt']
+                self.is_vip = attributes['isVip']
+                self.stored_password = attributes['password']
+                self.balance = attributes['balance']
+
+        except Exception as e:
+            raise customError("请求getUserInfo失败",e)
+    def checkInit(self)->"bool or throw error":
+        # 使用 all() 函数检查所有属性是否都存在且不为 None
+        return all([self.email is not None, self.stored_password is not None, self.is_vip is not None,
+                    self.expired_at is not None])
+
+    def login(self, email, password)-> "user info or throw error":
+        self.getUserInfo(email) #检测登录前先获取用户信息
+        if self.checkInit():
+            #都存在说明正常初始化
+            if self.email==email and self.stored_password==password:
+                return {"ec":200,"expiredAt":self.expired_at
+                    ,"balance":self.balance,"email":email,"password":password}
+            else:
+                raise customError("login验证失败-账户不匹配")
+        else:
+            raise customError("login调用时发现用户信息没有正常初始化")
+    def checkVipStatus(self)->"bool or throw error":
+        current_time = int(time.time())
+        if self.checkInit():
+            if self.expired_at > current_time:
+                #只看截止时间
+                return True
+            else:
+                return False
+        else:
+            raise customError("checkVipStatus调用时发现用户信息没有正常初始化")
+
+    def userSignUp(self,email,password)->"user info or throw error":
+        #如果收到参数不够，那么务必设置默认值 expiredAt->0  ,isVip->false
+        primary_key = [
+            ['email', email],
+        ]
+        attribute_columns = [
+            ['isVip', False],  # 注册用户不为vip
+            ['password', password],
+            ['expiredAt', int(time.time())],  # 第一次创建过期时间为当前时间
+            ['balance', int(0)],     # 第一次创建balance为0
+        ]
+        try:
+            self.ots_client.put_row(
+                table_name=self.table_name,
+                row=Row(
+                    primary_key=primary_key,
+                    attribute_columns=attribute_columns
+                ),
+                condition=Condition(RowExistenceExpectation.EXPECT_NOT_EXIST)  # 这种只要存在就不执行(多次注册只有第一次生效)
+            )
+            return {"ec":200,"expiredAt":0
+                    ,"balance":0,"email":email,"password":password}
+        except Exception as e:
+            raise customError("userSignUp 失败",e)
+
+    def updateColumnByPrimaryKey(self,key:str,key_value:'dynamic',
+                                 update_column:str,update_column_value:'dynamic')\
+            -> "bool or throw error":
+        #比如支付回调的时候没有密码，故而只根据主键email更新时间
+        primary_key = [
+            (key, key_value),
+        ]
+        update_of_attribute_columns = {
+            'PUT': [(update_column, update_column_value)]
+        }
+        updateRow = Row(
+            primary_key=primary_key,
+            attribute_columns=update_of_attribute_columns
+        )
+        try:
+            table_meta = self.ots_client.describe_table(table_name=self.table_name)
+            defined_columns = table_meta.table_meta.defined_columns  # 定义的非主键列-不受意外列添加影响
+            isColumnExist = any(column_name == update_column for column_name, _ in  defined_columns)
+            condition = Condition(RowExistenceExpectation.EXPECT_EXIST)
+
+            if isColumnExist:
+                # 执行UpdateRow操作
+                self.ots_client.update_row(
+                        table_name=self.table_name,
+                        row=updateRow,
+                        condition=condition
+                    )
+                return True
+            else:
+                raise customError("更新列名不存在")
+        except Exception as e:
+            raise customError('更新操作发生问题',e)
+
+
+
+
+if __name__ == '__main__':
+    access_key_id = 'LTAI5tNwpEHCMTupADmx6xA4'
+    access_key_secret = "vX1q5Tvj3LSsIMUXN6SPbMUBCET3qG"
+    end_point = 'https://v2b-user-table.ap-southeast-1.ots.aliyuncs.com'
+    instance_name = 'v2b-user-table'
+    table_name = 'user'
+    ots_client = OTSClient(
+        end_point=end_point,
+        access_key_id=access_key_id,
+        access_key_secret=access_key_secret,
+        instance_name=instance_name
+    )
+    tablestore = tableStore(ots_client=ots_client,table_name=table_name)
+    tablestore.updateColumnByPrimaryKey(key='email',key_value='[email protected]',
+                                        update_column='balance',update_column_value=1728877808)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

server/dao_pool.py

@@ -0,0 +1,59 @@
+import mysql.connector
+from mysql.connector import pooling
+from .utils import config
+class Database:
+    __connection_pool = None
+    @classmethod
+    def init(cls):
+        try:
+            cls.__connection_pool = pooling.MySQLConnectionPool(
+                pool_name="v2boardPool",
+                pool_size=5,
+                host=config["host"],
+                database=config["databaseName"],
+                user=config["databaseUser"],
+                password=config["password"]
+            )
+        except mysql.connector.Error as e:
+            print("Error initializing connection pool: {}".format(str(e)))
+
+    @classmethod
+    def get_connection(cls):
+        if cls.__connection_pool is None:
+            cls.init()
+        conn = cls.__connection_pool.get_connection()
+        return conn
+
+    @classmethod
+    def release_connection(cls, connection):
+        connection.close()
+
+    @classmethod
+    def close_all_connections(cls):
+        cls.__connection_pool.close()
+
+    @classmethod
+    def status(cls):
+        # 获取使用了的连接状态
+        if cls.__connection_pool is None:
+            cls.init()
+        return cls.__connection_pool.get_pool_size()
+
+if __name__ == '__main__':
+    email = '[email protected]'
+    with Database.get_connection() as conn:
+        with conn.cursor() as cur:
+            print("链接数据库成功")
+            query = "SELECT balance FROM `v2_user` WHERE email = %(email)s"
+            params = {'email': email}
+            cur.execute(query, params)
+            result = cur.fetchone()
+
+            if result is not None:
+                # 如果email已经存在于数据库中，那么从数据库中获取balance
+                balance = result[0]
+                print(balance)
+            else:
+                # 如果email不存在于数据库中，提示用户未注册(没必要，因为没法通知到app),所以不做处理
+                pass
+            print("数据库操作完成")

server/hook.py

@@ -0,0 +1,29 @@
+#notify通知到后自动写入数据库的hook操作,只添加余额就行,连月都不用管
+from .dao_pool import Database
+def updateBalance(email,amount):
+    ##通过传入用户email和回调中的金额修改balance
+    with Database.get_connection() as conn:
+        with conn.cursor() as cur:
+            print("链接数据库成功")
+            query = "SELECT balance FROM `v2_user` WHERE email = %(email)s"
+            params = {'email': email}
+            cur.execute(query, params)
+            result = cur.fetchone()
+
+            if result is not None:
+                # 如果email已经存在于数据库中，那么从数据库中获取balance,让balance加上新充值的金额就行
+                balance = result[0]
+                balance +=float(amount)*100
+                print(balance)
+                query = "UPDATE `v2_user` SET balance = %(balance)s WHERE email = %(email)s"
+                params = {'balance': str(balance), 'email': email}
+                cur.execute(query, params)
+                conn.commit()
+            else:
+                # 如果email不存在于数据库中，提示用户未注册(没必要，因为没法通知到app),所以不做处理
+                pass
+            print("数据库操作完成,当前email: ",email)
+
+
+
+

server/notify.py

@@ -0,0 +1,88 @@
+
+from fastapi import APIRouter, HTTPException, Request
+from fastapi.responses import JSONResponse
+from .hook import *
+from .pydanticModel import *
+from .dao import tableStore
+import logging
+
+# 配置日志
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+router = APIRouter()
+
+#afdian的回调是post  huggingfaceb不知道抽什么风只能二级路由
+@router.get('/uu',response_model=AfdianResp)
+@router.post('/uu',response_model=AfdianResp)
+async def update_balance(afdianHookjson: AfdianHookJson):
+    """处理爱发电支付回调"""
+    
+    resp = {'ec': 200}
+    
+    # 检查 ots_client 是否可用
+    if router.ots_client is None:
+        logger.error("OTS client not initialized")
+        return {'ec': "服务配置错误"}
+    
+    # 检查 ec 是否为 200
+    if afdianHookjson.ec != 200:
+        logger.warning(f"Invalid ec value: {afdianHookjson.ec}")
+        return {'ec': "afdian hook错误，ec 不是 200"}
+
+    # 提取订单详情和可选参数
+    order_details = afdianHookjson.data.order
+    custom_order_id = order_details.custom_order_id
+    total_amount = order_details.total_amount
+
+    # 验证必要参数
+    if not custom_order_id:
+        logger.warning("Missing custom_order_id")
+        return {'ec': "缺少用户标识"}
+
+    table_store = tableStore(ots_client=router.ots_client, table_name=router.table_name)
+
+    if all([custom_order_id is not None, total_amount is not None]):
+        # 说明是余额类型
+        try:
+            # 先给mysql的数据库添加 - 这个毕竟久 稳定 但是不应该影响其他数据库添加(万一不用了)--------------------
+            updateBalance(email=custom_order_id, amount=total_amount)
+            # 先给mysql的数据库添加 - 这个毕竟久 稳定 但是不应该影响其他数据库添加(万一不用了)--------------------
+        except Exception as e:
+            logger.error(f"MySQL update failed: {e}")
+            print("updateBalance v2b digitalocean mysql failed",e)
+
+        try:
+            #应该改成从原来的余额基础上加total_amount的值
+            table_store.getUserInfo(email=custom_order_id)
+            cur_balance  = table_store.balance
+            balance_new = cur_balance+ total_amount
+            # 更新余额列
+            update_balance_result = table_store.updateColumnByPrimaryKey(
+                key=router.key,
+                key_value=custom_order_id,
+                update_column='balance',
+                update_column_value=balance_new
+            )
+            if update_balance_result:
+                logger.info(f"Successfully updated balance for {custom_order_id}")
+                return resp #全部成功运行则返回爱发电要求的ec =200
+            else:
+                logger.error(f"Failed to update balance for {custom_order_id}")
+                return {'ec': "updateBalance tablestore 结果失败"}
+        except Exception as e:
+            logger.error(f"TableStore update failed: {e}")
+            print(e)
+            return {'ec': "尝试 updateBalance tablestore 失败"}
+    else:
+        #这个直接返回200吧，反正测试接口的时候需要 ，平时也不用到
+        # return {'ec': "afdian hook custom_order_id 或者 total_amount 为 None"}
+        logger.info("Test callback received")
+        return resp
+
+# test
+# @router.post('/uu')
+# async def prinf_test_json(request: Request):
+#     json_data = await request.json()
+#     print("收到afdian请求:", json_data)
+#     return {'ec': 200}

server/pydanticModel.py

@@ -0,0 +1,137 @@
+from pydantic import BaseModel,field_validator,Field
+from fastapi import  Query
+from typing import List, Optional, Any
+
+
+# 定义fastapi请求参数模型
+
+class signUp(BaseModel):
+    email: str
+    password: str
+    # 可选参数
+    expiredAt: int = Query(default=0, alias="expiredAt")
+    balance: int = Query(default=0, alias="balance")
+    ec: int = Query(default=200, alias="ec")
+
+
+    @field_validator('email')
+    #确保password不为''
+    def check_email(cls, v):
+        if v == '':
+            raise ValueError('email cannot be an empty string')
+        return v
+
+    @field_validator('password')
+    # 确保password不为''
+    def check_password(cls, v):
+        if v == '':
+            raise ValueError('password cannot be an empty string')
+        return v
+
+
+class signIn(BaseModel):
+    email: str
+    password: str
+    # 可选参数
+    expiredAt: int = Query(default=0, alias="expiredAt")
+    balance: int = Query(default=0, alias="balance")
+    ec: int = Query(default=200, alias="ec")
+
+
+    @field_validator('email')
+    # 确保password不为''
+    def check_email(cls, v):
+        if v == '':
+            raise ValueError('email cannot be an empty string')
+        return v
+
+    @field_validator('password')
+    # 确保password不为''
+    def check_password(cls, v):
+        if v == '':
+            raise ValueError('password cannot be an empty string')
+        return v
+
+
+class SKUDetail(BaseModel):
+    sku_id: Optional[str] = None
+    price: Optional[str] = None
+    count: Optional[int] = None
+    name: Optional[str] = None
+    album_id: Optional[str] = None
+    pic: Optional[str] = None
+    stock: Optional[str] = None
+    post_id: Optional[str] = None
+
+
+class AfdianOrderDetail(BaseModel):
+    out_trade_no: Optional[str] = Field(default=None, alias="out_trade_no")
+    user_id: Optional[str] = Field(default=None, alias="user_id")
+    plan_id: Optional[str] = Field(default=None, alias="plan_id")
+    title: Optional[str] = Field(default=None, alias="title") #just afdian test have
+    month: Optional[int] = Field(default=None, alias="month") 
+    total_amount: Optional[int] = Field(default=None, alias="total_amount")  # 这里自动转int了
+    show_amount: Optional[str] = Field(default=None, alias="show_amount")
+    status: Optional[int] = Field(default=None, alias="status")
+    remark: Optional[str] = Field(default=None, alias="remark")
+    redeem_id: Optional[str] = Field(default=None, alias="redeem_id")
+    product_type: Optional[int] = Field(default=None, alias="product_type")
+    discount: Optional[str] = Field(default=None, alias="discount")
+    sku_detail: Optional[List[SKUDetail]] = Field(default=[], alias="sku_detail") #兼容afdian test 请求
+    create_time: Optional[int] = Field(default=None, alias="create_time")
+    plan_title: Optional[str] = Field(default=None, alias="plan_title")
+    user_private_id: Optional[str] = Field(default=None, alias="user_private_id")
+    address_person: Optional[str] = Field(default=None, alias="address_person")
+    address_phone: Optional[str] = Field(default=None, alias="address_phone")
+    address_address: Optional[str] = Field(default=None, alias="address_address")
+    custom_order_id: Optional[str] = Field(default=None, alias="custom_order_id")
+
+
+class AfdianOrderData(BaseModel):
+    type: str
+    order: AfdianOrderDetail
+
+
+class AfdianHookJson(BaseModel):
+    ec: int
+    em: str
+    data: AfdianOrderData
+
+
+class AfdianResp(BaseModel):
+    ec: Any
+
+
+
+#根据plan中的价格和时间相应减少balance和增加expiredAt
+class userPlan(BaseModel):
+    price: int
+    duration_seconds: int
+    email: str #订阅plan的用户
+    password: str #请求purchase接口用户的password,保证只有用户本身可以请求这个接口防止滥用
+
+    @field_validator('price')
+    # 确保password不为''
+    def check_price(cls, v):
+        if v < 0:
+            raise ValueError('price can not < 0')
+        return v
+
+    @field_validator('duration_seconds')
+    # 确保password不为''
+    def check_duration_seconds(cls, v):
+        if v < 0:
+            raise ValueError('duration_seconds can not < 0')
+        return v
+
+    @field_validator('email')
+    # 确保password不为''
+    def check_email(cls, v):
+        if v == '':
+            raise ValueError('email cannot be an empty string')
+        return v
+
+
+
+
+

server/utils.py

@@ -0,0 +1,23 @@
+import json
+import os
+
+def load_config():
+    """从配置文件和环境变量加载配置"""
+    config_path = os.path.join(os.path.dirname(__file__), 'config.json')
+    
+    # 读取基础配置
+    with open(config_path, 'r', encoding='utf-8') as f:
+        config = json.load(f)
+    
+    # 从环境变量覆盖敏感信息
+    config['databaseName'] = os.getenv('MYSQL_DATABASE', config['databaseName'])
+    config['databaseUser'] = os.getenv('MYSQL_USER', config['databaseUser'])
+    config['password'] = os.getenv('MYSQL_PASSWORD', config['password'])
+    config['host'] = os.getenv('MYSQL_HOST', config['host'])
+    
+    return config
+
+config = load_config()
+
+if __name__ == '__main__':
+    print(config['notify'])

test.py

@@ -0,0 +1,76 @@
+import requests
+# port = 7860
+port= 3000
+
+# url = "http://localhost:{p}/accountManager/login".format(p=port)
+url = "http://localhost:{p}/accountManager/signUp".format(p=port)
+data = {
+    "email": '[email protected]',
+    "password": '[email protected]'
+}
+response = requests.get(url, json=data)
+print(response.status_code)
+print(response.json())
+
+
+# #hook模拟
+# # port = 7860
+# # url = "http://localhost:{p}/uu".format(p=port)
+# url = 'https://hook.pixiv.digital/uu'
+# data = {
+#     "ec": 200,
+#     "em": "ok",
+#     "data": {
+#         "type": "order",
+#         "order": {
+#             "out_trade_no": "20241014133823102101567665",
+#             "user_id": "f05ca070734c11efa78052540025c377",
+#             "plan_id": "ef3c43c6daa411ee965e5254001e7c00",
+#             "month": 1,
+#             "total_amount": "10.00",
+#             "show_amount": "10.00",
+#             "status": 2,
+#             "remark": "",
+#             "redeem_id": "",
+#             "product_type": 1,
+#             "discount": "0.00",
+#             "sku_detail": [
+#                 {
+#                     "sku_id": "ef440afcdaa411ee9e165254001e7c00",
+#                     "price": "1.00",
+#                     "count": 10,
+#                     "name": "\u4f59\u989d\u6570\u91cf",
+#                     "album_id": "",
+#                     "pic": "",
+#                     "stock": "",
+#                     "post_id": ""
+#                 }
+#             ],
+#             "create_time": 1728884303,
+#             "plan_title": "\u4f59\u989d",
+#             "user_private_id": "f14e880d78ac9d5c623b677c6e0c7122f1158bf0",
+#             "address_person": "",
+#             "address_phone": "",
+#             "address_address": "",
+#             "custom_order_id": "[email protected]"
+#         }
+#     }
+# }
+# response = requests.get(url, json=data)
+# print(response.status_code)
+# print(response.text)
+
+
+
+# # purchase 模拟
+# url = "http://localhost:{p}/accountManager/purchase".format(p=port)
+# data = {
+#     "price":10,
+#     "duration_seconds":2592000,
+#     "email":'[email protected]',
+#     "password":"[email protected]"
+# }
+#
+# response = requests.get(url, json=data)
+# print(response.status_code)
+# print(response.json())