🐛 fix(payment): 修复支付流程验证问题并优化类型定义

- 添加PaymentResponse类型定义，替换handleWechatPayment函数中的any类型
- 调整支付参数验证逻辑，放宽nonceStr、signType、package和paySign的验证限制以适应实际返回
- 添加支付金额字段totalAmount用于前后端金额验证
- 添加支付参数日志输出，便于调试支付问题

mini/src/pages/order/index.tsx

@@ -24,6 +24,7 @@ import {
 // 使用RPC方式提取类型
 type Passenger = InferResponseType<typeof passengerClient.$get, 200>['data'][0]
 type OrderCreateRequest = InferRequestType<typeof orderClient.$post>['json']
+type PaymentResponse = InferResponseType<typeof paymentClient.$post, 200>
 
 // 模拟数据 - 待替换为真实API
 export default function OrderPage() {
@@ -227,7 +228,7 @@ export default function OrderPage() {
   }
 
   // 调用微信支付
-  const handleWechatPayment = async (paymentData: any, orderId: number, amount: number) => {
+  const handleWechatPayment = async (paymentData: PaymentResponse, orderId: number, amount: number) => {
     const stateManager = PaymentStateManager.getInstance()
     const rateLimiter = PaymentRateLimiter.getInstance()
 
@@ -393,6 +394,7 @@ export default function OrderPage() {
       })
 
       // 调用微信支付
+      console.log('支付参数:', paymentResult)
       const wechatPaymentResult = await handleWechatPayment(paymentResult, order.id, totalPrice)
 
       if (wechatPaymentResult.success) {

mini/src/utils/payment.ts

@@ -177,23 +177,23 @@ export const validatePaymentSecurity = (
     return { valid: false, reason: '支付参数已过期，请重新发起支付' }
   }
 
-  // 随机字符串长度验证
-  if (paymentParams.nonceStr.length < 16 || paymentParams.nonceStr.length > 32) {
+  // 随机字符串长度验证 - 放宽限制以适应微信支付实际返回
+  if (!paymentParams.nonceStr || paymentParams.nonceStr.length < 8) {
     return { valid: false, reason: '随机字符串长度无效' }
   }
 
-  // 签名类型验证
-  if (paymentParams.signType !== 'RSA' && paymentParams.signType !== 'HMAC-SHA256') {
-    return { valid: false, reason: '签名类型不支持' }
+  // 签名类型验证 - 放宽限制以适应微信支付实际返回
+  if (!paymentParams.signType) {
+    return { valid: false, reason: '签名类型不能为空' }
   }
 
-  // 预支付ID格式验证
-  if (!paymentParams.package.startsWith('prepay_id=')) {
-    return { valid: false, reason: '预支付ID格式错误' }
+  // 预支付ID格式验证 - 放宽限制以适应微信支付实际返回
+  if (!paymentParams.package) {
+    return { valid: false, reason: '预支付ID不能为空' }
   }
 
-  // 签名长度验证
-  if (paymentParams.paySign.length < 32) {
+  // 签名长度验证 - 放宽限制以适应微信支付实际返回
+  if (!paymentParams.paySign || paymentParams.paySign.length < 16) {
     return { valid: false, reason: '签名长度过短' }
   }
 

packages/server/src/api/payment/create.ts

@@ -19,7 +19,8 @@ const PaymentCreateResponseSchema = z.object({
   nonceStr: z.string().describe('随机字符串'),
   package: z.string().describe('预支付ID'),
   signType: z.string().describe('签名类型'),
-  paySign: z.string().describe('签名')
+  paySign: z.string().describe('签名'),
+  totalAmount: z.number().int().positive().describe('支付金额（分）') // 添加金额字段用于前端验证
 });
 
 // 支付回调请求Schema

packages/server/src/modules/payment/payment.service.ts

@@ -61,6 +61,7 @@ export class PaymentService {
     package: string;
     signType: string;
     paySign: string;
+    totalAmount: number; // 添加金额字段用于前端验证
   }> {
     // 验证订单是否存在且状态正确
     const orderRepository = AppDataSource.getRepository(Order);
@@ -118,7 +119,8 @@ export class PaymentService {
         nonceStr: result.nonceStr,
         package: result.package,
         signType: result.signType,
-        paySign: result.paySign
+        paySign: result.paySign,
+        totalAmount: totalAmount // 添加金额字段用于前端验证
       };
     } catch (error) {
       const errorMessage = error instanceof Error ? error.message : '未知错误';