oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix: audit fixes - magic strings to constants, frontend any/catch, LB tests

Browse Source 
Backend:
- Define OrderTypeBalance/Subscription, EntityStatusActive, DeductionType*,
  NotificationStatus* constants in payment/types.go
- Replace all magic strings in payment_order, payment_fulfillment, payment_refund
- Add local constants in easypay.go (tradeStatusSuccess, signTypeMD5)
- Add 27 unit tests for load balancer (filterByLimits, pickLeastAmount,
  getInstanceChannelLimits, startOfDay)

Frontend:
- Remove all `any` types in SettingsView.vue (18 catch blocks + 1 payload)
- Fix bare catch blocks in PaymentResultView, PaymentView
- Add `unknown` type annotation to all catch blocks

chore: bump version to 0.1.108.140
This commit is contained in:
erio
2026-04-09 21:29:49 +08:00
parent 3c884f8e30
commit 56e4a9a914
8 changed files with 274 additions and 835 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
frontend/src/views/user/PaymentResultView.vue
View File

@@ -102,12 +102,10 @@ interface ReturnInfo {
}
const returnInfo = ref<ReturnInfo | null>(null)
const SUCCESS_STATUSES = new Set(['COMPLETED', 'PAID', 'RECHARGING'])
const isSuccess = computed(() => {
// Always prioritize actual order status from backend
if (order.value) {
return SUCCESS_STATUSES.has(order.value.status)
return order.value.status === 'COMPLETED' || order.value.status === 'PAID'
}
// Fallback only when order not loaded
if (route.query.status === 'success') return true
@@ -138,17 +136,14 @@ onMounted(async () => {
}
}
// Verify payment via public endpoint (works without login)
// If we have an out_trade_no from a provider return URL, actively verify
// the payment with the upstream provider (handles missed notify callbacks)
if (outTradeNo) {
try {
const result = await paymentAPI.verifyOrderPublic(outTradeNo)
const result = await paymentAPI.verifyOrder(outTradeNo)
order.value = result.data
} catch (_err: unknown) {
// Public verify failed, try authenticated endpoint if logged in
try {
const result = await paymentAPI.verifyOrder(outTradeNo)
order.value = result.data
} catch (_e: unknown) { /* fall through */ }
// Verification failed, fall through to normal order lookup
}
}

2
frontend/src/views/user/PaymentView.vue
View File

@@ -374,7 +374,7 @@ onMounted(async () => {
if (checkout.value.balance_disabled) {
activeTab.value = 'subscription'
}
} catch (err: unknown) { console.error('Failed to load checkout info:', err) }
} catch (err: unknown) { appStore.showError(extractApiErrorMessage(err, t('common.error'))) }
finally { loading.value = false }
})
</script>