保誠-保戶業務員媒合平台
究查 | 歷程 | 原始
Jack
2021-11-26 bdcaac32492b5e6223fef4304f4d86403e877022 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

package com.pollex.pam.web.rest;


 


import java.util.Arrays;


import java.util.UUID;


 


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.http.HttpHeaders;


import org.springframework.http.HttpStatus;


import org.springframework.http.ResponseEntity;


import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;


import org.springframework.web.bind.annotation.PostMapping;


import org.springframework.web.bind.annotation.RequestBody;


import org.springframework.web.bind.annotation.RequestMapping;


import org.springframework.web.bind.annotation.RestController;


 


import com.pollex.pam.config.ApplicationProperties;


import com.pollex.pam.domain.Customer;


import com.pollex.pam.enums.OtpLoginTypeEnum;


import com.pollex.pam.repository.CustomerRepository;


import com.pollex.pam.security.jwt.JWTFilter;


import com.pollex.pam.security.jwt.TokenProvider;


import com.pollex.pam.service.CustomerAuthService;


import com.pollex.pam.service.CustomerService;


import com.pollex.pam.service.OtpTmpService;


import com.pollex.pam.service.OtpUtilService;


import com.pollex.pam.service.OtpWebService;


import com.pollex.pam.service.dto.CustomerRegisterDTO;


import com.pollex.pam.service.dto.OtpResponseDTO;


import com.pollex.pam.web.rest.vm.OtpLoginVM;


import com.pollex.pam.web.rest.vm.VerifyOtpVM;


 


@RestController


@RequestMapping("/api/otp")


public class OtpResource {


 


    private final static Logger log = LoggerFactory.getLogger(OtpResource.class);


 


    @Autowired


    ApplicationProperties applicationProperty;


 


    @Autowired


    OtpWebService otpWebService;


 


    @Autowired


    AuthenticationManagerBuilder authenticationManagerBuilder;


 


    @Autowired


    TokenProvider tokenProvider;


 


    @Autowired


    CustomerAuthService customerAuthService;


 


    @Autowired


    OtpTmpService otpTmpService;


 


    @Autowired


    CustomerService customerService;


    


    @Autowired


    OtpUtilService otpUtilService;


    


    @Autowired


    CustomerRepository customerRepository;


 


    @PostMapping("/sendOtp")


    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {


        OtpResponseDTO otpResponse;


        if(applicationProperty.isMockLogin()) {


            otpResponse = getMockSendOtpResponse();


        }else if(login.getLoginType() == OtpLoginTypeEnum.SMS) {


            otpResponse = otpWebService.sendByPhone(login.getAccount());


        }


        else if(login.getLoginType() == OtpLoginTypeEnum.EMAIL) {


            otpResponse = otpWebService.sendByEmail(login.getAccount());


        }else {


            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name());


        }


        otpTmpService.createOtpTmp(login.getAccount(), otpResponse.getIndexKey());


        return new ResponseEntity<>(otpResponse, HttpStatus.OK);


    }


 


    @PostMapping("/verify")


    public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) {


        otpUtilService.verifyOtp(verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode());


        


        Customer customer = customerRepository


                            .findOneByEmailEqualsOrPhoneEquals(verifyOtpParam.getAccount())


                            .orElse(null);


        


        if (customer == null) {


            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();


        }


        


        String jwt = customerAuthService.authorize(customer, verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode());


        HttpHeaders httpHeaders = new HttpHeaders();


        httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);


        return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);


    }


 


    private OtpResponseDTO getMockSendOtpResponse() {


        String indexKey = UUID.randomUUID().toString().substring(0, 8);


        return new OtpResponseDTO(Arrays.asList(indexKey, "0", "", ""));


    }


 


    @PostMapping("/register")


    public ResponseEntity<UserJWTController.JWTToken> registerAccount(@RequestBody CustomerRegisterDTO registDTO) {


        Customer account = customerService.registerCustomer(registDTO);


        String jwt = customerAuthService.authorize(account, registDTO.getIndexKey(), registDTO.getOtpCode());


        HttpHeaders httpHeaders = new HttpHeaders();


        httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);


        return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);


    }


    


    


}