From c20ad0344ac58d2939cf9bdc4cd7006156f3fc62 Mon Sep 17 00:00:00 2001
From: wayne <wayne8692wayne8692@gmail.com>
Date: 星期四, 24 二月 2022 14:41:23 +0800
Subject: [PATCH] [add] [todo 135141] (local db需跑 02/21的sql) 新增稽核紀錄表，及15個會觸發的稽核紀錄位置

---
 pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
index dbb8c05..e0cebb7 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
@@ -3,6 +3,7 @@
 import java.util.Arrays;
 import java.util.UUID;
 
+import com.pollex.pam.aop.logging.audit.AuditLoggingInject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -30,6 +31,8 @@
 import com.pollex.pam.service.dto.OtpResponseDTO;
 import com.pollex.pam.web.rest.vm.OtpLoginVM;
 import com.pollex.pam.web.rest.vm.VerifyOtpVM;
+
+import static com.pollex.pam.aop.logging.audit.AuditLoggingType.CUSTOMER_LOGIN;
 
 @RestController
 @RequestMapping("/api/otp")
@@ -81,6 +84,7 @@
         return new ResponseEntity<>(otpResponse, HttpStatus.OK);
     }
 
+    @AuditLoggingInject(type = CUSTOMER_LOGIN)
     @PostMapping("/verify")
     public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) {
     	otpUtilService.verifyOtp(verifyOtpParam);
@@ -90,7 +94,7 @@
     						.orElse(null);
 
     	if (customer == null) {
-    		return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
+    		return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
     	}
 
     	String jwt = customerAuthService.authorize(customer, verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode());

--
Gitblit v1.8.0