From bdcaac32492b5e6223fef4304f4d86403e877022 Mon Sep 17 00:00:00 2001
From: Jack <jack.su@pollex.com.tw>
Date: 星期五, 26 十一月 2021 18:33:11 +0800
Subject: [PATCH] [UPDATE] 調整註冊和OTP登入的流程

---
 pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java |   87 +++++++++++++------------------------------
 1 files changed, 27 insertions(+), 60 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
index 43138ce..100a2f8 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
@@ -1,33 +1,22 @@
 package com.pollex.pam.security.provider;
 
-import com.pollex.pam.config.ApplicationProperties;
-import com.pollex.pam.domain.Customer;
-import com.pollex.pam.domain.OtpTmp;
-import com.pollex.pam.enums.CustomerDetailEnum;
-import com.pollex.pam.enums.OtpLoginTypeEnum;
-import com.pollex.pam.enums.OtpTmpStatusEnum;
-import com.pollex.pam.repository.CustomerRepository;
-import com.pollex.pam.security.token.OtpAuthenticationToken;
-import com.pollex.pam.service.OtpTmpService;
-import com.pollex.pam.service.OtpWebService;
-import com.pollex.pam.service.dto.OtpResponseDTO;
-import com.pollex.pam.web.rest.vm.OtpAccount;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
 
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import com.pollex.pam.domain.Customer;
+import com.pollex.pam.domain.OtpTmp;
+import com.pollex.pam.enums.OtpTmpStatusEnum;
+import com.pollex.pam.repository.CustomerRepository;
+import com.pollex.pam.security.token.OtpAuthenticationToken;
+import com.pollex.pam.service.CustomerAuthService;
+import com.pollex.pam.service.OtpTmpService;
+import com.pollex.pam.service.OtpUtilService;
+import com.pollex.pam.web.rest.vm.OtpAccount;
 
 @Component
 public class OtpAuthenticationProvider {
@@ -35,16 +24,16 @@
     private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);
 
     @Autowired
-    ApplicationProperties applicationProperty;
-
-    @Autowired
-    OtpWebService otpWebService;
-
+    CustomerAuthService customerAuthService;
+    
     @Autowired
     CustomerRepository customerRepository;
     
     @Autowired
     OtpTmpService otpTmpService;
+    
+    @Autowired
+    OtpUtilService otpUtilService;
 
     public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {
         OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();
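Review bot: The two collaborators added here, `customerAuthService` and `otpUtilService`, are package-private, non-final `@Autowired` fields, so any class in `com.pollex.pam.security.provider` can reassign the object that decides whether an OTP is valid. This follows the file's existing convention, but for an authentication component constructor injection is the safer style: declare them `private final OtpUtilService otpUtilService;` and `private final CustomerAuthService customerAuthService;` and assign them in a single constructor. A missing bean then fails at construction instead of on the first login attempt.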
@@ -52,23 +41,19 @@
         String indexKey = otpAccount.getIndexKey();
         String otpCode = otpAuthenticationToken.getCredentials();
 
-        if(applicationProperty.isMockLogin()){
-        	setVerrifiedOtpTmp(account, indexKey);
-            return getCustomerToken(account, otpCode, indexKey);
-        }
+        otpUtilService.verifyOtp(indexKey, otpCode);
+        
+    	setVerrifiedOtpTmp(account, indexKey);
+    	
+    	Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)
+    						.orElse(null);
+    	
+    	if (customer == null) {
+    		throw new AuthenticationCredentialsNotFoundException("");
+    	}
+    	
+    	return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);
 
-        try {
-            OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
-            if(otpResponseDTO.isSuccess()) {
-            	setVerrifiedOtpTmp(account, indexKey);
-                return getCustomerToken(account, otpCode, indexKey);
-            }
-        } catch (Exception e) {
-            log.error("Exception: ", e);
-            throw new AuthenticationCredentialsNotFoundException("");
-        }
-
-        throw new AuthenticationCredentialsNotFoundException("");
     }
 
     private void setVerrifiedOtpTmp(String account, String indexKey) {
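Review bot: The result of `otpUtilService.verifyOtp(indexKey, otpCode)` is discarded, so `authenticate` now relies entirely on that call throwing when the code is wrong, whereas the removed code checked `otpResponseDTO.isSuccess()` before marking the OTP verified. `verifyOtp` is not visible in this patch; if it returns a result instead of throwing, any code would pass and `setVerrifiedOtpTmp` and the token build would run for an unverified caller. Either test the result explicitly (assuming a boolean return, `if (!otpUtilService.verifyOtp(indexKey, otpCode)) throw new AuthenticationCredentialsNotFoundException("");`) or state in `verifyOtp`'s Javadoc that it throws an `AuthenticationException` on any failure. The removed `catch` also mapped every failure to `AuthenticationCredentialsNotFoundException` and logged it, so if `verifyOtp` can throw another exception type it would now probably surface as a server error, and failed attempts leave no log entry in this class. `authenticate` begins above this hunk, and the line that assigns `account` is not shown.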
@@ -77,23 +62,5 @@
     	otpTmpService.save(otpTmp);
 	}
 
-	private UsernamePasswordAuthenticationToken getCustomerToken(String account
-    		, String otpCode, String indexKey) {
-    	
-    	
-    	// todo �摮�DB��撅祆迤撣貊鞊∴����畾essage����垢��脰�酉���
-        Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account, account).orElseThrow(() -> new UsernameNotFoundException("this customer is not in register, account = " + account));
-
-        List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
-        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);
-
-        Map<String, String> details = new HashMap<>();
-        details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());
-        details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());
-        details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);
-//        details.put(CustomerDetailEnum.CONTACT_TYPE.getValue(), customer.getContactType());
-        authenticationToken.setDetails(details);
-
-        return authenticationToken;
-    }
+		
 }

--
Gitblit v1.8.0