[update] 移除login_record欄位，改統一放之後 將新開的稽核欄位"audit_logging"，並在顧問欄位加開最後上線時間

wayne

2022-02-21 925f8b4ffca99f07c629660d42c48f531b4f77a0

 pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java

@@ -6,9 +6,8 @@
import com.pollex.pam.enums.ConsultantDetailEnum;
import com.pollex.pam.repository.ConsultantRepository;
import com.pollex.pam.security.token.EServiceAuthenticationToken;
import com.pollex.pam.service.LoginRecordService;
import com.pollex.pam.service.dto.EServiceResponse;
import com.pollex.pam.service.util.HttpRequestUtil;
import com.pollex.pam.web.rest.errors.ConsultantDisableException;
import com.pollex.pam.web.rest.errors.EServiceErrorException;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
@@ -38,12 +37,15 @@
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.*;

import static com.pollex.pam.enums.ConsultantStatusEnum.DISABLE;

@Component
public class EServiceAuthenticationProvider {

    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "0";
    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true";
    private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);

    @Autowired
@@ -52,16 +54,12 @@
    @Autowired
    ConsultantRepository consultantRepository;

    @Autowired
    LoginRecordService loginRecordService;

    public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException {
        String account = authenticationToken.getPrincipal();
        String credentials = authenticationToken.getCredentials();

        if(applicationProperty.isMockLogin()){
            loginRecordService.saveEServiceLoginSuccessRecord(account);
            return getConsultantToken(account, credentials);
            return getConsultantTokenAndRecordLoginTime(account, credentials);
        }

        try {
@@ -70,12 +68,10 @@
                EServiceResponse eServiceResponse = responseEntity.getBody();
                log.debug("eService response = {}", eServiceResponse);

                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getCode())){
                    loginRecordService.saveEServiceLoginSuccessRecord(account);
                    return getConsultantToken(account, credentials);
                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){
                    return getConsultantTokenAndRecordLoginTime(account, credentials);
                }
                else {
                    loginRecordService.saveEServiceLoginFailRecord(account, eServiceResponse.getMsg());
                    throw new EServiceErrorException(eServiceResponse.getMsg());
                }
            }
@@ -88,9 +84,16 @@
        }
    }

    private UsernamePasswordAuthenticationToken getConsultantToken(String account, String credential) {
    private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {
        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("該顧問資料並不存在於媒合平台系統中"));

        if(consultant.getStatus() == DISABLE) {
            throw new ConsultantDisableException("顧問帳號目前停用中");
        }

        consultant.setLatestLoginTime(Instant.now());
        consultantRepository.save(consultant);

        List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);