From 742a32ec7169db793adb1efde6e2897e514a76fc Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期一, 06 一月 2025 17:59:49 +0800
Subject: [PATCH] [UPDATE] 更新YML
---
pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java | 96 ++++++++++++++++++++++++++++++++++++++++--------
1 files changed, 80 insertions(+), 16 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
index 98625a2..1176bc0 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
@@ -4,9 +4,14 @@
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.pollex.pam.business.aop.logging.audit.AuditLoggingInject;
+import com.pollex.pam.business.domain.Consultant;
+import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
+import com.pollex.pam.business.service.ConsultantService;
+import com.pollex.pam.business.web.vm.EServiceLoginVM;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -14,6 +19,8 @@
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
@@ -38,6 +45,7 @@
import com.pollex.pam.business.web.vm.OtpLoginVM;
import com.pollex.pam.business.web.vm.VerifyOtpVM;
+import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CONSULTANT_LOGIN;
import static com.pollex.pam.business.aop.logging.audit.AuditLoggingType.CUSTOMER_LOGIN;
@RestController
@@ -73,8 +81,27 @@
@Autowired
CustomerRepository customerRepository;
- @PostMapping("/sendOtp")
- public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
+ @Autowired
+ ConsultantService consultantService;
+
+ @PostMapping("/sendOtp/{imgCode}")
+ public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login
+ , @PathVariable String imgCode, HttpServletRequest request) {
+
+ HttpSession session = request.getSession();
+ String sessionImpCode = (String) session.getAttribute("img_code");
+
+ if (!StringUtils.hasText(sessionImpCode)
+ || !StringUtils.hasText(imgCode)) {
+ throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
+ }
+
+ if(!imgCode.equals(sessionImpCode)) {
+ throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
+ }
+
+ session.setAttribute("img_code", null);
+
OtpResponseDTO otpResponse;
if(applicationProperty.isMockLogin()) {
otpResponse = getMockSendOtpResponse();
@@ -87,25 +114,15 @@
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name());
}
otpTmpService.createOtpTmp(login.getAccount(), otpResponse.getIndexKey());
+
return new ResponseEntity<>(otpResponse, HttpStatus.OK);
}
@AuditLoggingInject(type = CUSTOMER_LOGIN)
- @PostMapping("/verify/{imgCode}")
+ @PostMapping("/verify")
public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam
- , @PathVariable String imgCode, HttpServletRequest request) {
- HttpSession session = request.getSession();
- String sessionImpCode = (String) session.getAttribute("img_code");
-
- if (!StringUtils.hasText(sessionImpCode)
- || !StringUtils.hasText(imgCode)) {
- throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
- }
-
- if(!imgCode.equals(sessionImpCode)) {
- throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
- }
-
+ ) {
+
otpUtilService.verifyOtp(verifyOtpParam);
Customer customer = customerRepository
@@ -136,5 +153,52 @@
return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
}
+ @PostMapping("/consultant/sendOtp/{login}")
+ public ResponseEntity<Object> consultantSendOtp(@PathVariable String login) {
+ Consultant consultant = consultantService.findByAgentNo(login);
+ OtpResponseDTO otpResponse;
+ if(applicationProperty.isMockLogin()) {
+ otpResponse = getMockSendOtpResponse();
+ }else if(StringUtils.hasText(consultant.getPhoneNumber())) {
+ otpResponse = otpWebService.sendByPhone(consultant.getPhoneNumber());
+ }else if(StringUtils.hasText(consultant.getEmail())) {
+ otpResponse = otpWebService.sendByEmail(consultant.getEmail());
+ }else {
+ return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not find phone and email to send otp, loginType = " + login);
+ }
+ otpTmpService.createOtpTmp(login, otpResponse.getIndexKey());
+
+ return new ResponseEntity<>(otpResponse, HttpStatus.OK);
+ }
+
+ @PostMapping("/consultant/verifyOtp")
+ public ResponseEntity<UserJWTController.JWTToken> consultantVerifyOtp(@RequestBody VerifyOtpVM verifyOtpParam
+ , HttpServletRequest request) {
+
+ HttpSession session = request.getSession();
+ Authentication authentication = (Authentication) session.getAttribute("authentication");
+ String authAccount = authentication.getPrincipal().toString();
+
+ if(!authAccount.equals(verifyOtpParam.getAccount())){
+ return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
+ }
+
+ otpUtilService.verifyOtp(verifyOtpParam);
+ Consultant consultant = consultantService.findByAgentNo(verifyOtpParam.getAccount());
+
+ if (consultant == null) {
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+ }
+
+ consultantService.updateLoginTime(verifyOtpParam.getAccount());
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+
+ String jwt = tokenProvider.createToken(authentication, false);
+ HttpHeaders httpHeaders = new HttpHeaders();
+ httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
+ session.setAttribute("authentication", null);
+ return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
+
+ }
}
--
Gitblit v1.8.0