From d33fc7f1df66c1e451c5d79ab59a5bc9dce4e496 Mon Sep 17 00:00:00 2001
From: Tomas <tomasysh@gmail.com>
Date: 星期四, 14 九月 2023 18:01:18 +0800
Subject: [PATCH] Update: http 攔截器,檢查 base url 的檢查 method
---
pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java | 19 +++++++++++++++----
1 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java b/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
index ff21125..c8dc2af 100644
--- a/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
+++ b/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
@@ -35,10 +35,18 @@
@Transactional
public void verifyOtp(String account, String indexKey, String otpCode) {
- if (applicationProperty.isMockLogin()) {
+
+ OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey);
+ if(otpTmp==null) {
+ log.info("otp login fail... , account = {}, indexKey = {}, failReason = {}", account, indexKey, "Index key and account field mismatch");
+ throw new OtpLoginFailException("otp error");
+ }
+
+ if (applicationProperty.isMockLogin()) {
log.debug("Do MockLogin");
} else { // otp logon
- OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
+
+ OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
if (otpResponseDTO.isSuccess()) {
log.info("otp login success!, account = {}", account);
}
@@ -52,8 +60,11 @@
private void setVerrifiedOtpTmp(String account, String indexKey) {
OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey);
- otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED);
- otpTmpService.save(otpTmp);
+ if(otpTmp!=null) {
+ otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED);
+ otpTmpService.save(otpTmp);
+ }
+
}
--
Gitblit v1.8.0