From db15612798841319bafcb3ed4e77c7c013b9446f Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期三, 25 十二月 2024 15:39:30 +0800
Subject: [PATCH] [UPDATE] 新增顧問登入OTP流程和文件
---
pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java | 26 ++++++++++----------------
1 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
index 6bb5f5e..349af27 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/EServiceResource.java
@@ -34,7 +34,7 @@
@RestController
@RequestMapping("/api/eService")
public class EServiceResource {
-
+
private final static Logger log = LoggerFactory.getLogger(EServiceResource.class);
@@ -46,35 +46,35 @@
@Autowired
ConsultantService consultantService;
-
+
@Autowired
AesUtil aesUtil;
@AuditLoggingInject(type = CONSULTANT_LOGIN)
@PostMapping("/authenticate/{imgCode}")
- public ResponseEntity<UserJWTController.JWTToken> authorize(
+ public void authorize(
@RequestBody EServiceLoginVM eServiceLoginVM
, HttpServletResponse response, HttpServletRequest request,
@PathVariable String imgCode) throws Exception{
-
-
+
+
String paswword = aesUtil.aesDecode(eServiceLoginVM.getPassword());
if(!StringUtils.hasText(paswword)) {
throw new OtpLoginFailException("撖Ⅳ閫�撖仃���");
}
-
+
HttpSession session = request.getSession();
String sessionImpCode = (String) session.getAttribute("img_code");
-
+
if (!StringUtils.hasText(sessionImpCode)
|| !StringUtils.hasText(imgCode)) {
throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
}
-
+
if(!imgCode.equals(sessionImpCode)) {
throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
}
-
+
session.setAttribute("img_code", null);
EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
eServiceLoginVM.getUsername(),
@@ -82,12 +82,6 @@
);
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
- consultantService.updateLoginTime(eServiceLoginVM.getUsername());
- SecurityContextHolder.getContext().setAuthentication(authenticationToken);
-
- String jwt = tokenProvider.createToken(authentication, false);
- HttpHeaders httpHeaders = new HttpHeaders();
- httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
- return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
+ session.setAttribute("authentication", authentication);
}
}
--
Gitblit v1.8.0