From b50be4ce1a51d66a54eb3edb144f72c735171e65 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 05 九月 2023 11:58:53 +0800
Subject: [PATCH] [UPDATE] 解決弱點掃描Use of hard-coded cryptographic key問題, 須把key參數移動到設定檔

---
 pamapi/src/main/java/com/pollex/pam/service/CustomerService.java |   33 ++++++++++++++++++++++-----------
 1 files changed, 22 insertions(+), 11 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/service/CustomerService.java b/pamapi/src/main/java/com/pollex/pam/service/CustomerService.java
index 79a086d..98af88a 100644
--- a/pamapi/src/main/java/com/pollex/pam/service/CustomerService.java
+++ b/pamapi/src/main/java/com/pollex/pam/service/CustomerService.java
@@ -2,25 +2,34 @@
 
 import java.util.Optional;
 
-import com.pollex.pam.security.SecurityUtils;
-import com.pollex.pam.service.dto.CustomerDTO;
-import com.pollex.pam.service.mapper.CustomerMapper;
+import com.pollex.pam.business.security.SecurityUtils;
+import com.pollex.pam.business.service.OtpTmpService;
+import com.pollex.pam.business.service.UsernameAlreadyUsedException;
+import com.pollex.pam.business.service.dto.CustomerDTO;
+import com.pollex.pam.business.service.mapper.CustomerMapper;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
-import com.pollex.pam.domain.Customer;
-import com.pollex.pam.domain.OtpTmp;
-import com.pollex.pam.enums.OtpLoginTypeEnum;
-import com.pollex.pam.enums.OtpTmpStatusEnum;
-import com.pollex.pam.repository.CustomerRepository;
-import com.pollex.pam.service.dto.CustomerRegisterDTO;
-import com.pollex.pam.service.mapper.CustomerDTOMapper;
+import com.pollex.pam.business.domain.Customer;
+import com.pollex.pam.business.domain.OtpTmp;
+import com.pollex.pam.business.enums.DataFromEnum;
+import com.pollex.pam.business.enums.OtpLoginTypeEnum;
+import com.pollex.pam.business.enums.OtpTmpStatusEnum;
+import com.pollex.pam.business.repository.CustomerRepository;
+import com.pollex.pam.business.service.dto.CustomerRegisterDTO;
+import com.pollex.pam.business.service.mapper.CustomerDTOMapper;
 
 @Service
 @Transactional
 public class CustomerService {
+	
+	private static final Logger log = LoggerFactory.getLogger(CustomerService.class);
+
 
 	@Autowired
 	CustomerRepository customerRepository;
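Review bot: Nothing in this file's patch touches a cryptographic key or a configuration property, although the subject says it resolves the scanner's "Use of hard-coded cryptographic key" finding by moving the key into a settings file. The insertions here are a package move to `com.pollex.pam.business.*`, a logger, and two small logic changes. If the key change lives in another commit, the finding should be tracked against that one, and the old key should be treated as exposed in history and rotated, not only relocated. The new `log` field is also unused in the visible hunks, so either use it or drop it together with the tab-only blank line above it.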
@@ -42,6 +51,7 @@
 	}
 
 	public Customer registerCustomer(CustomerRegisterDTO registDTO) {
+		
 		boolean isCustomerExist = checkCustomerExist(registDTO);
 		if(isCustomerExist) {
 			throw new UsernameAlreadyUsedException();
@@ -52,6 +62,7 @@
 			OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, registDTO.getIndexKey());
 	    	if(otpTmp.getStatus() == OtpTmpStatusEnum.VERRIFIED) {
 	    		Customer customer = customerDTOMapper.toCustomer(registDTO);
+	    		customer.setDataFrom(DataFromEnum.PAM);
 	        	save(customer);
 	        	return customer;
 	    	}else {
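Review bot: `otpTmp.getStatus()` is called on the result of `findByAccountAndIndexKey` with no null check, and `indexKey` comes from the registration DTO. Assuming the service returns null when no row matches, an unknown account/index pair would end in a NullPointerException instead of a controlled rejection. Guard it, for example `if (otpTmp != null && otpTmp.getStatus() == OtpTmpStatusEnum.VERRIFIED) {`, so the missing-record case falls into the existing else branch. registerCustomer starts and ends outside this hunk, so confirm how that branch reports the failure.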
@@ -88,7 +99,7 @@
 
 	private boolean checkCustomerExist(CustomerRegisterDTO registDTO) {
 		String account = getCustomerAccount(registDTO);
-		Optional<Customer> customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account, account);
+		Optional<Customer> customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account);
 		return customer.isPresent();
 	}
 }
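Review bot: The call now passes one argument to `findOneByEmailEqualsOrPhoneEquals`, but a Spring Data query derived from that name binds two parameters, one for email and one for phone, and the repository is not part of this patch. Unless `CustomerRepository` declares the method with an explicit `@Query` that takes a single parameter, the application context will likely fail to start; confirm the repository signature or keep `(account, account)`. Separately, this existence check followed by `save` is not atomic, so uniqueness of email and phone should be enforced by a database constraint and not by this lookup alone.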

--
Gitblit v1.8.0