[UPDATE] 客戶登入發送手機/email驗證碼的時候須加上img code驗證碼避免重複發送簡訊的問題

jack

2022-07-20 63a3c3c6b95630cce868fd193eaff1487de4ead7

[UPDATE] 客戶登入發送手機/email驗證碼的時候須加上img code驗證碼避免重複發送簡訊的問題

 pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java

@@ -73,8 +73,23 @@
    @Autowired
    CustomerRepository customerRepository;

    @PostMapping("/sendOtp")
    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
    @PostMapping("/sendOtp/{imgCode}")
    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login
            , @RequestBody VerifyOtpVM verifyOtpParam
            , @PathVariable String imgCode, HttpServletRequest request) {
    	
        HttpSession session = request.getSession();
        String sessionImpCode = (String) session.getAttribute("img_code");
    	
        if (!StringUtils.hasText(sessionImpCode)
                || !StringUtils.hasText(imgCode)) {
            throw new OtpLoginFailException("驗證碼輸入錯誤");
        }
    	
        if(!imgCode.equals(sessionImpCode)) {
            throw new OtpLoginFailException("驗證碼輸入錯誤");
        }
    	
        OtpResponseDTO otpResponse;
        if(applicationProperty.isMockLogin()) {
            otpResponse = getMockSendOtpResponse();
@@ -91,20 +106,10 @@
    }

    @AuditLoggingInject(type = CUSTOMER_LOGIN)
    @PostMapping("/verify/{imgCode}")
    @PostMapping("/verify")
    public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam
            , @PathVariable String imgCode, HttpServletRequest request) {
        HttpSession session = request.getSession();
        String sessionImpCode = (String) session.getAttribute("img_code");
            ) {
        
        if (!StringUtils.hasText(sessionImpCode)
                || !StringUtils.hasText(imgCode)) {
            throw new OtpLoginFailException("驗證碼輸入錯誤");
        }
    	
        if(!imgCode.equals(sessionImpCode)) {
            throw new OtpLoginFailException("驗證碼輸入錯誤");
        }
        
        otpUtilService.verifyOtp(verifyOtpParam);