From b832880e1fcf3307387d53106078498f68a95853 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 05 三月 2024 16:59:02 +0800
Subject: [PATCH] 移除TestLoginResource

---
 pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java |   37 ++++++++++++++++++++++---------------
 1 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
index 1bc84f9..609f1f1 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
@@ -34,6 +34,7 @@
 import com.pollex.pam.service.OtpWebService;
 import com.pollex.pam.business.service.dto.CustomerRegisterDTO;
 import com.pollex.pam.business.service.dto.OtpResponseDTO;
+import com.pollex.pam.business.web.errors.OtpLoginFailException;
 import com.pollex.pam.business.web.vm.OtpLoginVM;
 import com.pollex.pam.business.web.vm.VerifyOtpVM;
 
@@ -72,8 +73,24 @@
     @Autowired
     CustomerRepository customerRepository;
 
-    @PostMapping("/sendOtp")
-    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
+    @PostMapping("/sendOtp/{imgCode}")
+    public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login
+    		, @PathVariable String imgCode, HttpServletRequest request) {
+    	
+    	HttpSession session = request.getSession();
+    	String sessionImpCode = (String) session.getAttribute("img_code");
+    	
+    	if (!StringUtils.hasText(sessionImpCode)
+				|| !StringUtils.hasText(imgCode)) {
+    		throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
+		}
+    	
+    	if(!imgCode.equals(sessionImpCode)) {
+    		throw new OtpLoginFailException("撽�Ⅳ頛詨�隤�");
+    	}
+    	
+    	session.setAttribute("img_code", null);
+    	
     	OtpResponseDTO otpResponse;
         if(applicationProperty.isMockLogin()) {
             otpResponse = getMockSendOtpResponse();
@@ -86,24 +103,14 @@
             return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name());
         }
         otpTmpService.createOtpTmp(login.getAccount(), otpResponse.getIndexKey());
+        
         return new ResponseEntity<>(otpResponse, HttpStatus.OK);
     }
 
     @AuditLoggingInject(type = CUSTOMER_LOGIN)
-    @PostMapping("/verify/{imgCode}")
+    @PostMapping("/verify")
     public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam
-    		, @PathVariable String imgCode, HttpServletRequest request) {
-    	HttpSession session = request.getSession();
-    	String sessionImpCode = (String) session.getAttribute("img_code");
-    	
-    	if (!StringUtils.hasText(sessionImpCode)
-				|| !StringUtils.hasText(imgCode)) {
-    		return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
-		}
-    	
-    	if(!imgCode.equals(sessionImpCode)) {
-    		return ResponseEntity.status(HttpStatus.BAD_REQUEST).build();
-    	}
+    		) {
     	
     	otpUtilService.verifyOtp(verifyOtpParam);
 

--
Gitblit v1.8.0