[UPDATE] 客戶登入發送手機/email驗證碼的時候須加上img code驗證碼避免重複發送簡訊的問題

jack

2022-07-20 63a3c3c6b95630cce868fd193eaff1487de4ead7

 pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java

@@ -73,8 +73,23 @@
    @Autowired
    CustomerRepository customerRepository;

    @PostMapping("/sendOtp")
    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
    @PostMapping("/sendOtp/{imgCode}")
    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login
          , @RequestBody VerifyOtpVM verifyOtpParam
          , @PathVariable String imgCode, HttpServletRequest request) {
    	
       HttpSession session = request.getSession();
       String sessionImpCode = (String) session.getAttribute("img_code");
    	
       if (!StringUtils.hasText(sessionImpCode)
            || !StringUtils.hasText(imgCode)) {
          throw new OtpLoginFailException("驗證碼輸入錯誤");
      }
    	
       if(!imgCode.equals(sessionImpCode)) {
          throw new OtpLoginFailException("驗證碼輸入錯誤");
       }
    	
       OtpResponseDTO otpResponse;
        if(applicationProperty.isMockLogin()) {
            otpResponse = getMockSendOtpResponse();
@@ -91,20 +106,10 @@
    }

    @AuditLoggingInject(type = CUSTOMER_LOGIN)
    @PostMapping("/verify/{imgCode}")
    @PostMapping("/verify")
    public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam
          , @PathVariable String imgCode, HttpServletRequest request) {
       HttpSession session = request.getSession();
       String sessionImpCode = (String) session.getAttribute("img_code");
          ) {
       
       if (!StringUtils.hasText(sessionImpCode)
            || !StringUtils.hasText(imgCode)) {
          throw new OtpLoginFailException("驗證碼輸入錯誤");
      }
    	
       if(!imgCode.equals(sessionImpCode)) {
          throw new OtpLoginFailException("驗證碼輸入錯誤");
       }
       
       otpUtilService.verifyOtp(verifyOtpParam);