From 0632b21db7576e4a223eb4f6ca09b650616222f2 Mon Sep 17 00:00:00 2001
From: Tomas <tomasysh@gmail.com>
Date: 星期三, 17 一月 2024 09:54:09 +0800
Subject: [PATCH] Fixed: 移除 lodash, @type/lodash 導致的 side-effect

---
 pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java |   44 ++++++++++++++++++++++++++------------------
 1 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
index 5fe8dc6..6bb5f5e 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
@@ -1,15 +1,10 @@
 package com.pollex.pam.web.rest;
 
-import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;
-import com.pollex.pam.business.service.ConsultantService;
-import com.pollex.pam.security.jwt.JWTFilter;
-import com.pollex.pam.security.jwt.TokenProvider;
+import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN;
 
-import io.undertow.util.BadRequestException;
-
-import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
-import com.pollex.pam.business.web.errors.OtpLoginFailException;
-import com.pollex.pam.business.web.vm.EServiceLoginVM;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -27,11 +22,14 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
+import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;
+import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
+import com.pollex.pam.business.service.ConsultantService;
+import com.pollex.pam.business.service.util.AesUtil;
+import com.pollex.pam.business.web.errors.OtpLoginFailException;
+import com.pollex.pam.business.web.vm.EServiceLoginVM;
+import com.pollex.pam.security.jwt.JWTFilter;
+import com.pollex.pam.security.jwt.TokenProvider;
 
 @RestController
 @RequestMapping("/api/eService")
@@ -48,13 +46,23 @@
 
     @Autowired
     ConsultantService consultantService;
+    
+    @Autowired
+    AesUtil aesUtil;
 
     @AuditLoggingInject(type = CONSULTANT_LOGIN)
     @PostMapping("/authenticate/{imgCode}")
     public ResponseEntity<UserJWTController.JWTToken> authorize(
     		@RequestBody EServiceLoginVM eServiceLoginVM
     		, HttpServletResponse response, HttpServletRequest request,
-			@PathVariable String imgCode) throws BadRequestException {
+			@PathVariable String imgCode) throws Exception{
+    	
+    	
+    	String paswword = aesUtil.aesDecode(eServiceLoginVM.getPassword());
+    	if(!StringUtils.hasText(paswword)) {
+    		throw new OtpLoginFailException("撖Ⅳ閫�撖仃���");
+    	}
+    	
     	HttpSession session = request.getSession();
     	String sessionImpCode = (String) session.getAttribute("img_code");
     	
@@ -67,10 +75,10 @@
     		throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
     	}
     	
-    	
-        EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
+    	session.setAttribute("img_code", null);
+    	EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
             eServiceLoginVM.getUsername(),
-            eServiceLoginVM.getPassword()
+            paswword
         );
 
         Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);

--
Gitblit v1.8.0