保誠-保戶業務員媒合平台
究查 | 歷程 | 原始
wayne
2022-03-02 fb89f2f58fa36b61970af65b93c292720417e753 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

package com.pollex.pam.web.rest;


 


import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;


import com.pollex.pam.security.jwt.JWTFilter;


import com.pollex.pam.security.jwt.TokenProvider;


import com.pollex.pam.business.security.token.EServiceAuthenticationToken;


import com.pollex.pam.business.web.vm.EServiceLoginVM;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.http.HttpHeaders;


import org.springframework.http.HttpStatus;


import org.springframework.http.ResponseEntity;


import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.context.SecurityContextHolder;


import org.springframework.web.bind.annotation.PostMapping;


import org.springframework.web.bind.annotation.RequestBody;


import org.springframework.web.bind.annotation.RequestMapping;


import org.springframework.web.bind.annotation.RestController;


 


import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN;


 


@RestController


@RequestMapping("/api/eService")


public class EServiceResource {


 


    @Autowired


    AuthenticationManagerBuilder authenticationManagerBuilder;


 


    @Autowired


    TokenProvider tokenProvider;


 


    @AuditLoggingInject(type = CONSULTANT_LOGIN)


    @PostMapping("/authenticate")


    public ResponseEntity<UserJWTController.JWTToken> authorize(@RequestBody EServiceLoginVM eServiceLoginVM) {


        EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(


            eServiceLoginVM.getUsername(),


            eServiceLoginVM.getPassword()


        );


 


        Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);


        SecurityContextHolder.getContext().setAuthentication(authenticationToken);


        String jwt = tokenProvider.createToken(authentication, false);


        HttpHeaders httpHeaders = new HttpHeaders();


        httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);


        return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);


    }


}