From ae4db5435180c44b37f521c463b17f2023ac1d8c Mon Sep 17 00:00:00 2001
From: wayne <wayne8692wayne8692@gmail.com>
Date: 星期五, 18 二月 2022 09:25:50 +0800
Subject: [PATCH] [update] 若顧問停用時,將無法登入 (文案待確認)
---
pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java | 128 ++++++++++++++++++++++++------------------
1 files changed, 73 insertions(+), 55 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
index bb55739..883c80a 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
@@ -1,15 +1,9 @@
package com.pollex.pam.web.rest;
-import com.pollex.pam.config.ApplicationProperties;
-import com.pollex.pam.security.jwt.JWTFilter;
-import com.pollex.pam.security.jwt.TokenProvider;
-import com.pollex.pam.security.token.OtpAuthenticationToken;
-import com.pollex.pam.service.OtpWebService;
-import com.pollex.pam.service.dto.OtpResponseDTO;
-import com.pollex.pam.web.rest.vm.OtpAccount;
-import com.pollex.pam.web.rest.vm.OtpEmailLoginVM;
-import com.pollex.pam.web.rest.vm.OtpSMSLoginVM;
-import com.pollex.pam.web.rest.vm.VerifyOtpVM;
+import java.util.Arrays;
+import java.util.UUID;
+
+import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -17,19 +11,26 @@
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
-import javax.xml.rpc.ServiceException;
-import java.nio.charset.Charset;
-import java.nio.charset.StandardCharsets;
-import java.rmi.RemoteException;
-import java.util.Arrays;
-import java.util.Random;
-import java.util.UUID;
-
-import static java.nio.charset.StandardCharsets.UTF_8;
+import com.pollex.pam.config.ApplicationProperties;
+import com.pollex.pam.domain.Customer;
+import com.pollex.pam.enums.OtpLoginTypeEnum;
+import com.pollex.pam.repository.CustomerRepository;
+import com.pollex.pam.security.jwt.JWTFilter;
+import com.pollex.pam.security.jwt.TokenProvider;
+import com.pollex.pam.service.CustomerAuthService;
+import com.pollex.pam.service.CustomerService;
+import com.pollex.pam.service.OtpTmpService;
+import com.pollex.pam.service.OtpUtilService;
+import com.pollex.pam.service.OtpWebService;
+import com.pollex.pam.service.dto.CustomerRegisterDTO;
+import com.pollex.pam.service.dto.OtpResponseDTO;
+import com.pollex.pam.web.rest.vm.OtpLoginVM;
+import com.pollex.pam.web.rest.vm.VerifyOtpVM;
@RestController
@RequestMapping("/api/otp")
@@ -49,52 +50,69 @@
@Autowired
TokenProvider tokenProvider;
- @PostMapping("/byPhone")
- public ResponseEntity<Object> sendOtpByPhone(@RequestBody OtpSMSLoginVM login) {
- try {
- if(applicationProperty.isMockLogin()) {
- return new ResponseEntity<>(getMockOtpResponse(), HttpStatus.OK);
- }
+ @Autowired
+ CustomerAuthService customerAuthService;
- OtpResponseDTO otpResponseDTO = otpWebService.sendByPhone(login.getPhone());
- return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
- } catch (ServiceException | RemoteException e) {
- return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("connecting otp web service error");
+ @Autowired
+ OtpTmpService otpTmpService;
+
+ @Autowired
+ CustomerService customerService;
+
+ @Autowired
+ OtpUtilService otpUtilService;
+
+ @Autowired
+ CustomerRepository customerRepository;
+
+ @PostMapping("/sendOtp")
+ public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
+ OtpResponseDTO otpResponse;
+ if(applicationProperty.isMockLogin()) {
+ otpResponse = getMockSendOtpResponse();
+ }else if(login.getLoginType() == OtpLoginTypeEnum.SMS) {
+ otpResponse = otpWebService.sendByPhone(login.getAccount());
}
- }
-
- @PostMapping("/byEmail")
- public ResponseEntity<Object> sendOtpByEmail(@RequestBody OtpEmailLoginVM login) {
- try {
- if(applicationProperty.isMockLogin()) {
- return new ResponseEntity<>(getMockOtpResponse(), HttpStatus.OK);
- }
-
- OtpResponseDTO otpResponseDTO = otpWebService.sendByEmail(login.getEmail());
- return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
- } catch (ServiceException | RemoteException e) {
- return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("connecting otp web service error");
+ else if(login.getLoginType() == OtpLoginTypeEnum.EMAIL) {
+ otpResponse = otpWebService.sendByEmail(login.getAccount());
+ }else {
+ return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name());
}
+ otpTmpService.createOtpTmp(login.getAccount(), otpResponse.getIndexKey());
+ return new ResponseEntity<>(otpResponse, HttpStatus.OK);
}
@PostMapping("/verify")
public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) {
- OtpAccount otpAccount = new OtpAccount(verifyOtpParam.getAccount(), verifyOtpParam.getIndexKey());
- OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(
- otpAccount,
- verifyOtpParam.getOtpCode()
- );
+ otpUtilService.verifyOtp(verifyOtpParam);
- Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
- SecurityContextHolder.getContext().setAuthentication(authenticationToken);
- String jwt = tokenProvider.createToken(authentication, false);
+ Customer customer = customerRepository
+ .findOneByEmailEqualsOrPhoneEquals(verifyOtpParam.getAccount())
+ .orElse(null);
+
+ if (customer == null) {
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
+ }
+
+ String jwt = customerAuthService.authorize(customer, verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode());
HttpHeaders httpHeaders = new HttpHeaders();
httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
}
- private OtpResponseDTO getMockOtpResponse() {
+ private OtpResponseDTO getMockSendOtpResponse() {
String indexKey = UUID.randomUUID().toString().substring(0, 8);
- return new OtpResponseDTO(new String[]{indexKey, "0", "", ""});
+ return new OtpResponseDTO(Arrays.asList(indexKey, "0", "", ""));
}
+
+ @PostMapping("/register")
+ public ResponseEntity<UserJWTController.JWTToken> registerAccount(@RequestBody CustomerRegisterDTO registDTO) {
+ Customer account = customerService.registerCustomer(registDTO);
+ String jwt = customerAuthService.authorize(account, registDTO.getIndexKey(), registDTO.getOtpCode());
+ HttpHeaders httpHeaders = new HttpHeaders();
+ httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
+ return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
+ }
+
+
}
--
Gitblit v1.8.0