| | |
|---|
| | | public ResponseEntity<UserJWTController.JWTToken> authorize( |
|---|
| | | @RequestBody EServiceLoginVM eServiceLoginVM |
|---|
| | | , HttpServletResponse response, HttpServletRequest request, |
|---|
| | | @PathVariable String imgCode){ |
|---|
| | | @PathVariable String imgCode) throws Exception{ |
|---|
| | | |
|---|
| | | |
|---|
| | | String paswword = AesUtil.aesDecode(eServiceLoginVM.getPassword()); |
|---|
| | | if(!StringUtils.hasText(paswword)) { |
|---|
| | | throw new OtpLoginFailException("密碼解密失敗"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | HttpSession session = request.getSession(); |
|---|
| | | String sessionImpCode = (String) session.getAttribute("img_code"); |
|---|
| | |
|---|
| | | if(!imgCode.equals(sessionImpCode)) { |
|---|
| | | throw new OtpLoginFailException("驗證碼輸入錯誤"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | session.setAttribute("img_code", null); |
|---|
| | | EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken( |
|---|
| | | eServiceLoginVM.getUsername(), |
|---|
| | | AesUtil.aesDecode(eServiceLoginVM.getPassword()) |
|---|
| | | paswword |
|---|
| | | ); |
|---|
| | | |
|---|
| | | Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken); |
|---|
