From 870dcd4f537565c418458776aef70593ffa5ec19 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 29 八月 2023 11:34:20 +0800
Subject: [PATCH] [UPDATE] 解決滲透TLS問題 [UPDATE] 解決CSRF問題

---
 pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java |   29 +++++++++++++----------------
 1 files changed, 13 insertions(+), 16 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java b/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
index aa9b5b4..e7d394c 100644
--- a/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
+++ b/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
@@ -15,26 +15,26 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import com.pollex.pam.domain.Customer;
-import com.pollex.pam.enums.CustomerDetailEnum;
-import com.pollex.pam.repository.CustomerRepository;
+import com.pollex.pam.business.domain.Customer;
+import com.pollex.pam.business.enums.CustomerDetailEnum;
+import com.pollex.pam.business.repository.CustomerRepository;
 import com.pollex.pam.security.jwt.TokenProvider;
 import com.pollex.pam.security.token.OtpAuthenticationToken;
-import com.pollex.pam.web.rest.vm.OtpAccount;
+import com.pollex.pam.business.web.vm.OtpAccount;
 
 @Service
 @Transactional
 public class CustomerAuthService {
-	
+
 	@Autowired
     AuthenticationManagerBuilder authenticationManagerBuilder;
-	
+
 	@Autowired
     CustomerRepository customerRepository;
 
     @Autowired
     TokenProvider tokenProvider;
-    
+
 	public String authorize(Customer account, String indexKey, String otpCode) {
 		OtpAccount otpAccount = OtpAccount.createOtpAccount(account, indexKey);
         OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(
@@ -43,26 +43,23 @@
         );
 
         SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-        
+
         Authentication authentication = buildCustomerAuthToken(account, otpCode, indexKey);
         String jwt = tokenProvider.createToken(authentication, false);
         return jwt;
 	}
-	
+
 	public UsernamePasswordAuthenticationToken buildCustomerAuthToken(Customer customer
     		, String otpCode, String indexKey) {
-    	
+
         List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
-        
+
         final String account = customer.toAccountString();
-        UsernamePasswordAuthenticationToken authenticationToken = 
+        UsernamePasswordAuthenticationToken authenticationToken =
         		new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);
 
         Map<String, String> details = new HashMap<>();
-        details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());
-        details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());
-        details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);
-//        details.put(CustomerDetailEnum.CONTACT_TYPE.getValue(), customer.getContactType());
+        details.put(CustomerDetailEnum.DB_ID.getValue(), customer.getId().toString());
         authenticationToken.setDetails(details);
 
         return authenticationToken;
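Review bot: In `authorize`, the `OtpAuthenticationToken` is placed straight into the `SecurityContextHolder` and a JWT is then signed from the token returned by `buildCustomerAuthToken`, but nothing visible in either method checks `otpCode`; the three-argument `UsernamePasswordAuthenticationToken` constructor marks the token as authenticated regardless. Unless every caller has already validated the OTP (not visible here), I would route it through the injected manager first: `Authentication verified = authenticationManagerBuilder.getObject().authenticate(authenticationToken);` followed by `SecurityContextHolder.getContext().setAuthentication(verified);`. Trimming `details` to `DB_ID` narrows what travels with the token, but `otpCode` is still kept as the credentials, so consider passing `null` there or calling `eraseCredentials()` once the token is built. `authorize` begins in the previous hunk and `buildCustomerAuthToken` closes outside this one.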

--
Gitblit v1.8.0