Added support for checking product during authorization
This commit is contained in:
parent
073932748f
commit
69dbb5ea6e
4 changed files with 29 additions and 8 deletions
|
|
@ -134,9 +134,10 @@ public class SignalFacade {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// проверка авторизации
|
// проверка авторизации
|
||||||
if (!authorizationService.hasAuthorization(monitoringRequest.getUserId(), monitoringRequest.getPassword())) {
|
AuthorizationService.AuthResult authResult = authorizationService.findAuthInfo(monitoringRequest.getUserId(), monitoringRequest.getPassword());
|
||||||
|
if (!authResult.isSuccess()) {
|
||||||
signalService.rejectPackage(monitoringRequest);
|
signalService.rejectPackage(monitoringRequest);
|
||||||
return getBadResponse(SignalError.ERROR_005); // TODO расширить с возвращением отсутствия продукта
|
return getBadResponse(authResult.getError());
|
||||||
}
|
}
|
||||||
|
|
||||||
// проверка на уникальность пакета
|
// проверка на уникальность пакета
|
||||||
|
|
|
||||||
|
|
@ -3,9 +3,11 @@ package ru.nbch.credit_tracker.mapper.scoring;
|
||||||
import org.apache.ibatis.annotations.Mapper;
|
import org.apache.ibatis.annotations.Mapper;
|
||||||
import org.apache.ibatis.annotations.Param;
|
import org.apache.ibatis.annotations.Param;
|
||||||
|
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
@Mapper
|
@Mapper
|
||||||
public interface ModelUsersMapper {
|
public interface ModelUsersMapper {
|
||||||
|
|
||||||
boolean hasAuthorization(@Param("userId") String userId, @Param("password") String password, @Param("productCode") String productCode);
|
List<String> findUserProductCodes(@Param("userId") String userId, @Param("password") String password);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,10 +1,14 @@
|
||||||
package ru.nbch.credit_tracker.service.scoring;
|
package ru.nbch.credit_tracker.service.scoring;
|
||||||
|
|
||||||
import jakarta.xml.bind.DatatypeConverter;
|
import jakarta.xml.bind.DatatypeConverter;
|
||||||
|
import lombok.AllArgsConstructor;
|
||||||
|
import lombok.Getter;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
|
import ru.nbch.credit_tracker.enums.SignalError;
|
||||||
import ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper;
|
import ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper;
|
||||||
|
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
public class AuthorizationService {
|
public class AuthorizationService {
|
||||||
|
|
@ -17,9 +21,16 @@ public class AuthorizationService {
|
||||||
this.mapper = mapper;
|
this.mapper = mapper;
|
||||||
}
|
}
|
||||||
|
|
||||||
public boolean hasAuthorization(String userId, String password) throws Exception {
|
public AuthResult findAuthInfo(String userId, String password) throws Exception {
|
||||||
String hashedPassword = hashPassword(password);
|
String hashedPassword = hashPassword(password);
|
||||||
return mapper.hasAuthorization(userId, hashedPassword, SGNL_CODE);
|
List<String> productCodes = mapper.findUserProductCodes(userId, hashedPassword);
|
||||||
|
if (productCodes.isEmpty()) {
|
||||||
|
return new AuthResult(false, SignalError.ERROR_005);
|
||||||
|
}
|
||||||
|
if (productCodes.stream().noneMatch(productCode -> productCode.equals(SGNL_CODE))) {
|
||||||
|
return new AuthResult(false, SignalError.ERROR_006);
|
||||||
|
}
|
||||||
|
return new AuthResult(true, null);
|
||||||
}
|
}
|
||||||
|
|
||||||
private String hashPassword(String password) throws Exception {
|
private String hashPassword(String password) throws Exception {
|
||||||
|
|
@ -31,4 +42,11 @@ public class AuthorizationService {
|
||||||
throw new Exception("Unable to hash password", e);
|
throw new Exception("Unable to hash password", e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@AllArgsConstructor
|
||||||
|
@Getter
|
||||||
|
public static class AuthResult {
|
||||||
|
private boolean success;
|
||||||
|
private SignalError error;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,9 +5,9 @@
|
||||||
|
|
||||||
<mapper namespace="ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper">
|
<mapper namespace="ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper">
|
||||||
|
|
||||||
<select id="hasAuthorization" resultType="boolean">
|
<select id="findUserProductCodes" resultType="string">
|
||||||
SELECT COUNT(*) > 0
|
SELECT PRODUCT
|
||||||
FROM XMODEL_USERS
|
FROM XMODEL_USERS
|
||||||
WHERE USERNAME = #{userId} AND PASSWORD = #{password} AND PRODUCT = #{productCode}
|
WHERE USERNAME = #{userId} AND PASSWORD = #{password}
|
||||||
</select>
|
</select>
|
||||||
</mapper>
|
</mapper>
|
||||||
Loading…
Add table
Reference in a new issue