[UPDATE] 更新前端aes加密密碼的實作

jack

2023-08-08 d39218d56f5d1c96667035e969d414aa8a2fb81e

 pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java

@@ -25,6 +25,7 @@
import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;
import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
import com.pollex.pam.business.service.ConsultantService;
import com.pollex.pam.business.service.util.AesUtil;
import com.pollex.pam.business.web.errors.OtpLoginFailException;
import com.pollex.pam.business.web.vm.EServiceLoginVM;
import com.pollex.pam.security.jwt.JWTFilter;
@@ -52,6 +53,13 @@
          @RequestBody EServiceLoginVM eServiceLoginVM
          , HttpServletResponse response, HttpServletRequest request,
         @PathVariable String imgCode){
    	
    	
       String paswword = AesUtil.aesDecode(eServiceLoginVM.getPassword());
       if(!StringUtils.hasText(paswword)) {
          throw new OtpLoginFailException("密碼解密失敗");
       }
    	
       HttpSession session = request.getSession();
       String sessionImpCode = (String) session.getAttribute("img_code");
       
@@ -63,11 +71,11 @@
       if(!imgCode.equals(sessionImpCode)) {
          throw new OtpLoginFailException("驗證碼輸入錯誤");
       }
       session.setAttribute("img_code", null);
       
        EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
       session.setAttribute("img_code", null);
       EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
            eServiceLoginVM.getUsername(),
            eServiceLoginVM.getPassword()
            paswword
        );

        Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);