Added support for checking product during authorization
This commit is contained in:
parent
073932748f
commit
69dbb5ea6e
4 changed files with 29 additions and 8 deletions
|
|
@ -134,9 +134,10 @@ public class SignalFacade {
|
|||
|
||||
try {
|
||||
// проверка авторизации
|
||||
if (!authorizationService.hasAuthorization(monitoringRequest.getUserId(), monitoringRequest.getPassword())) {
|
||||
AuthorizationService.AuthResult authResult = authorizationService.findAuthInfo(monitoringRequest.getUserId(), monitoringRequest.getPassword());
|
||||
if (!authResult.isSuccess()) {
|
||||
signalService.rejectPackage(monitoringRequest);
|
||||
return getBadResponse(SignalError.ERROR_005); // TODO расширить с возвращением отсутствия продукта
|
||||
return getBadResponse(authResult.getError());
|
||||
}
|
||||
|
||||
// проверка на уникальность пакета
|
||||
|
|
|
|||
|
|
@ -3,9 +3,11 @@ package ru.nbch.credit_tracker.mapper.scoring;
|
|||
import org.apache.ibatis.annotations.Mapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@Mapper
|
||||
public interface ModelUsersMapper {
|
||||
|
||||
boolean hasAuthorization(@Param("userId") String userId, @Param("password") String password, @Param("productCode") String productCode);
|
||||
List<String> findUserProductCodes(@Param("userId") String userId, @Param("password") String password);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,10 +1,14 @@
|
|||
package ru.nbch.credit_tracker.service.scoring;
|
||||
|
||||
import jakarta.xml.bind.DatatypeConverter;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.Getter;
|
||||
import org.springframework.stereotype.Service;
|
||||
import ru.nbch.credit_tracker.enums.SignalError;
|
||||
import ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper;
|
||||
|
||||
import java.security.MessageDigest;
|
||||
import java.util.List;
|
||||
|
||||
@Service
|
||||
public class AuthorizationService {
|
||||
|
|
@ -17,9 +21,16 @@ public class AuthorizationService {
|
|||
this.mapper = mapper;
|
||||
}
|
||||
|
||||
public boolean hasAuthorization(String userId, String password) throws Exception {
|
||||
public AuthResult findAuthInfo(String userId, String password) throws Exception {
|
||||
String hashedPassword = hashPassword(password);
|
||||
return mapper.hasAuthorization(userId, hashedPassword, SGNL_CODE);
|
||||
List<String> productCodes = mapper.findUserProductCodes(userId, hashedPassword);
|
||||
if (productCodes.isEmpty()) {
|
||||
return new AuthResult(false, SignalError.ERROR_005);
|
||||
}
|
||||
if (productCodes.stream().noneMatch(productCode -> productCode.equals(SGNL_CODE))) {
|
||||
return new AuthResult(false, SignalError.ERROR_006);
|
||||
}
|
||||
return new AuthResult(true, null);
|
||||
}
|
||||
|
||||
private String hashPassword(String password) throws Exception {
|
||||
|
|
@ -31,4 +42,11 @@ public class AuthorizationService {
|
|||
throw new Exception("Unable to hash password", e);
|
||||
}
|
||||
}
|
||||
|
||||
@AllArgsConstructor
|
||||
@Getter
|
||||
public static class AuthResult {
|
||||
private boolean success;
|
||||
private SignalError error;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,9 +5,9 @@
|
|||
|
||||
<mapper namespace="ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper">
|
||||
|
||||
<select id="hasAuthorization" resultType="boolean">
|
||||
SELECT COUNT(*) > 0
|
||||
<select id="findUserProductCodes" resultType="string">
|
||||
SELECT PRODUCT
|
||||
FROM XMODEL_USERS
|
||||
WHERE USERNAME = #{userId} AND PASSWORD = #{password} AND PRODUCT = #{productCode}
|
||||
WHERE USERNAME = #{userId} AND PASSWORD = #{password}
|
||||
</select>
|
||||
</mapper>
|
||||
Loading…
Add table
Reference in a new issue