From ae4db5435180c44b37f521c463b17f2023ac1d8c Mon Sep 17 00:00:00 2001
From: wayne <wayne8692wayne8692@gmail.com>
Date: 星期五, 18 二月 2022 09:25:50 +0800
Subject: [PATCH] [update] 若顧問停用時,將無法登入 (文案待確認)

---
 pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java |   86 ++++++++++---------------------------------
 1 files changed, 20 insertions(+), 66 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
index 43138ce..3802087 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
@@ -1,33 +1,20 @@
 package com.pollex.pam.security.provider;
 
-import com.pollex.pam.config.ApplicationProperties;
-import com.pollex.pam.domain.Customer;
-import com.pollex.pam.domain.OtpTmp;
-import com.pollex.pam.enums.CustomerDetailEnum;
-import com.pollex.pam.enums.OtpLoginTypeEnum;
-import com.pollex.pam.enums.OtpTmpStatusEnum;
-import com.pollex.pam.repository.CustomerRepository;
-import com.pollex.pam.security.token.OtpAuthenticationToken;
-import com.pollex.pam.service.OtpTmpService;
-import com.pollex.pam.service.OtpWebService;
-import com.pollex.pam.service.dto.OtpResponseDTO;
-import com.pollex.pam.web.rest.vm.OtpAccount;
+import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
 
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import com.pollex.pam.domain.Customer;
+import com.pollex.pam.repository.CustomerRepository;
+import com.pollex.pam.security.token.OtpAuthenticationToken;
+import com.pollex.pam.service.CustomerAuthService;
+import com.pollex.pam.service.OtpTmpService;
+import com.pollex.pam.service.OtpUtilService;
+import com.pollex.pam.web.rest.vm.OtpAccount;
 
 @Component
 public class OtpAuthenticationProvider {
@@ -35,16 +22,16 @@
     private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);
 
     @Autowired
-    ApplicationProperties applicationProperty;
-
-    @Autowired
-    OtpWebService otpWebService;
+    CustomerAuthService customerAuthService;
 
     @Autowired
     CustomerRepository customerRepository;
-    
+
     @Autowired
     OtpTmpService otpTmpService;
+
+    @Autowired
+    OtpUtilService otpUtilService;
 
     public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {
         OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();
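Review bot: `otpTmpService` stays injected although its only visible use, `setVerrifiedOtpTmp`, is removed later in this patch; unless the one line hidden between this hunk and the next uses it, the field and its import can be dropped. The added `customerAuthService` and `otpUtilService` fields are package-private and field-injected like the existing ones. For an authentication component, `private final` fields assigned in a constructor would make the dependencies explicit and keep other classes in the package from reassigning them. The body of `authenticate` continues outside this hunk.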
@@ -52,48 +39,15 @@
         String indexKey = otpAccount.getIndexKey();
         String otpCode = otpAuthenticationToken.getCredentials();
 
-        if(applicationProperty.isMockLogin()){
-        	setVerrifiedOtpTmp(account, indexKey);
-            return getCustomerToken(account, otpCode, indexKey);
-        }
+        otpUtilService.verifyOtp(account, indexKey, otpCode);
+    	Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)
+    						.orElse(null);
 
-        try {
-            OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
-            if(otpResponseDTO.isSuccess()) {
-            	setVerrifiedOtpTmp(account, indexKey);
-                return getCustomerToken(account, otpCode, indexKey);
-            }
-        } catch (Exception e) {
-            log.error("Exception: ", e);
-            throw new AuthenticationCredentialsNotFoundException("");
-        }
+    	if (customer == null) {
+    		throw new CustomerNotRegisteredException();
+    	}
 
-        throw new AuthenticationCredentialsNotFoundException("");
-    }
+    	return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);
 
-    private void setVerrifiedOtpTmp(String account, String indexKey) {
-    	OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey);
-    	otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED);
-    	otpTmpService.save(otpTmp);
-	}
-
-	private UsernamePasswordAuthenticationToken getCustomerToken(String account
-    		, String otpCode, String indexKey) {
-    	
-    	
-    	// todo �摮�DB��撅祆迤撣貊鞊∴����畾essage����垢��脰�酉���
-        Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account, account).orElseThrow(() -> new UsernameNotFoundException("this customer is not in register, account = " + account));
-
-        List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
-        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);
-
-        Map<String, String> details = new HashMap<>();
-        details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());
-        details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());
-        details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);
-//        details.put(CustomerDetailEnum.CONTACT_TYPE.getValue(), customer.getContactType());
-        authenticationToken.setDetails(details);
-
-        return authenticationToken;
     }
 }
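Review bot: The result of `otpUtilService.verifyOtp(account, indexKey, otpCode)` is discarded, so a rejected OTP now blocks login only if that method throws, whereas the removed code threw `AuthenticationCredentialsNotFoundException` on every non-success path. OtpUtilService is not part of this patch, so its contract should be confirmed and recorded above the call, e.g. `// verifyOtp throws AuthenticationException on a wrong or expired code; nothing below runs for an unverified OTP`. The same goes for the disabled-account check named in the subject, which is not visible here and presumably lives in `buildCustomerAuthToken`. `CustomerNotRegisteredException` comes from `web.rest.errors` and may not extend `AuthenticationException`, in which case it would bypass the failure handling that the `throws AuthenticationException` signature implies. The lookup reads more directly as `customerRepository.findOneByEmailEqualsOrPhoneEquals(account).orElseThrow(CustomerNotRegisteredException::new);`, and it now passes one argument where the old call passed two, although the repository is not changed in this patch.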

--
Gitblit v1.8.0