| | |
|---|
| | | import java.util.Arrays; |
|---|
| | | import java.util.UUID; |
|---|
| | | |
|---|
| | | import com.pollex.pam.aop.logging.audit.AuditLoggingInject; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpSession; |
|---|
| | | |
|---|
| | | import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject; |
|---|
| | | import org.slf4j.Logger; |
|---|
| | | import org.slf4j.LoggerFactory; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | |
|---|
| | | import org.springframework.http.HttpStatus; |
|---|
| | | import org.springframework.http.ResponseEntity; |
|---|
| | | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
|---|
| | | import org.springframework.util.StringUtils; |
|---|
| | | import org.springframework.web.bind.annotation.PathVariable; |
|---|
| | | import org.springframework.web.bind.annotation.PostMapping; |
|---|
| | | import org.springframework.web.bind.annotation.RequestBody; |
|---|
| | | import org.springframework.web.bind.annotation.RequestMapping; |
|---|
| | | import org.springframework.web.bind.annotation.RestController; |
|---|
| | | |
|---|
| | | import com.pollex.pam.config.ApplicationProperties; |
|---|
| | | import com.pollex.pam.domain.Customer; |
|---|
| | | import com.pollex.pam.enums.OtpLoginTypeEnum; |
|---|
| | | import com.pollex.pam.repository.CustomerRepository; |
|---|
| | | import com.pollex.pam.business.domain.Customer; |
|---|
| | | import com.pollex.pam.business.enums.OtpLoginTypeEnum; |
|---|
| | | import com.pollex.pam.business.repository.CustomerRepository; |
|---|
| | | import com.pollex.pam.security.jwt.JWTFilter; |
|---|
| | | import com.pollex.pam.security.jwt.TokenProvider; |
|---|
| | | import com.pollex.pam.service.CustomerAuthService; |
|---|
| | | import com.pollex.pam.service.CustomerService; |
|---|
| | | import com.pollex.pam.service.OtpTmpService; |
|---|
| | | import com.pollex.pam.business.service.OtpTmpService; |
|---|
| | | import com.pollex.pam.service.OtpUtilService; |
|---|
| | | import com.pollex.pam.service.OtpWebService; |
|---|
| | | import com.pollex.pam.service.dto.CustomerRegisterDTO; |
|---|
| | | import com.pollex.pam.service.dto.OtpResponseDTO; |
|---|
| | | import com.pollex.pam.web.rest.vm.OtpLoginVM; |
|---|
| | | import com.pollex.pam.web.rest.vm.VerifyOtpVM; |
|---|
| | | import com.pollex.pam.business.service.dto.CustomerRegisterDTO; |
|---|
| | | import com.pollex.pam.business.service.dto.OtpResponseDTO; |
|---|
| | | import com.pollex.pam.business.web.errors.OtpLoginFailException; |
|---|
| | | import com.pollex.pam.business.web.vm.OtpLoginVM; |
|---|
| | | import com.pollex.pam.business.web.vm.VerifyOtpVM; |
|---|
| | | |
|---|
| | | import static com.pollex.pam.aop.logging.audit.AuditLoggingType.CUSTOMER_LOGIN; |
|---|
| | | import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CUSTOMER_LOGIN; |
|---|
| | | |
|---|
| | | @RestController |
|---|
| | | @RequestMapping("/api/otp") |
|---|
| | |
|---|
| | | @Autowired |
|---|
| | | CustomerRepository customerRepository; |
|---|
| | | |
|---|
| | | @PostMapping("/sendOtp") |
|---|
| | | public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) { |
|---|
| | | @PostMapping("/sendOtp/{imgCode}") |
|---|
| | | public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login |
|---|
| | | , @PathVariable String imgCode, HttpServletRequest request) { |
|---|
| | | |
|---|
| | | HttpSession session = request.getSession(); |
|---|
| | | String sessionImpCode = (String) session.getAttribute("img_code"); |
|---|
| | | |
|---|
| | | if (!StringUtils.hasText(sessionImpCode) |
|---|
| | | || !StringUtils.hasText(imgCode)) { |
|---|
| | | throw new OtpLoginFailException("驗證碼輸入錯誤"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if(!imgCode.equals(sessionImpCode)) { |
|---|
| | | throw new OtpLoginFailException("驗證碼輸入錯誤"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | session.setAttribute("img_code", null); |
|---|
| | | |
|---|
| | | OtpResponseDTO otpResponse; |
|---|
| | | if(applicationProperty.isMockLogin()) { |
|---|
| | | otpResponse = getMockSendOtpResponse(); |
|---|
| | |
|---|
| | | return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name()); |
|---|
| | | } |
|---|
| | | otpTmpService.createOtpTmp(login.getAccount(), otpResponse.getIndexKey()); |
|---|
| | | |
|---|
| | | return new ResponseEntity<>(otpResponse, HttpStatus.OK); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @AuditLoggingInject(type = CUSTOMER_LOGIN) |
|---|
| | | @PostMapping("/verify") |
|---|
| | | public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) { |
|---|
| | | public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam |
|---|
| | | ) { |
|---|
| | | |
|---|
| | | otpUtilService.verifyOtp(verifyOtpParam); |
|---|
| | | |
|---|
| | | Customer customer = customerRepository |
|---|
