Added support for checking product during authorization

This commit is contained in:
Mikhail Trofimov 2025-06-16 13:31:57 +03:00
parent 073932748f
commit 69dbb5ea6e
4 changed files with 29 additions and 8 deletions

View file

@ -134,9 +134,10 @@ public class SignalFacade {
try {
// проверка авторизации
if (!authorizationService.hasAuthorization(monitoringRequest.getUserId(), monitoringRequest.getPassword())) {
AuthorizationService.AuthResult authResult = authorizationService.findAuthInfo(monitoringRequest.getUserId(), monitoringRequest.getPassword());
if (!authResult.isSuccess()) {
signalService.rejectPackage(monitoringRequest);
return getBadResponse(SignalError.ERROR_005); // TODO расширить с возвращением отсутствия продукта
return getBadResponse(authResult.getError());
}
// проверка на уникальность пакета

View file

@ -3,9 +3,11 @@ package ru.nbch.credit_tracker.mapper.scoring;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import java.util.List;
@Mapper
public interface ModelUsersMapper {
boolean hasAuthorization(@Param("userId") String userId, @Param("password") String password, @Param("productCode") String productCode);
List<String> findUserProductCodes(@Param("userId") String userId, @Param("password") String password);
}

View file

@ -1,10 +1,14 @@
package ru.nbch.credit_tracker.service.scoring;
import jakarta.xml.bind.DatatypeConverter;
import lombok.AllArgsConstructor;
import lombok.Getter;
import org.springframework.stereotype.Service;
import ru.nbch.credit_tracker.enums.SignalError;
import ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper;
import java.security.MessageDigest;
import java.util.List;
@Service
public class AuthorizationService {
@ -17,9 +21,16 @@ public class AuthorizationService {
this.mapper = mapper;
}
public boolean hasAuthorization(String userId, String password) throws Exception {
public AuthResult findAuthInfo(String userId, String password) throws Exception {
String hashedPassword = hashPassword(password);
return mapper.hasAuthorization(userId, hashedPassword, SGNL_CODE);
List<String> productCodes = mapper.findUserProductCodes(userId, hashedPassword);
if (productCodes.isEmpty()) {
return new AuthResult(false, SignalError.ERROR_005);
}
if (productCodes.stream().noneMatch(productCode -> productCode.equals(SGNL_CODE))) {
return new AuthResult(false, SignalError.ERROR_006);
}
return new AuthResult(true, null);
}
private String hashPassword(String password) throws Exception {
@ -31,4 +42,11 @@ public class AuthorizationService {
throw new Exception("Unable to hash password", e);
}
}
@AllArgsConstructor
@Getter
public static class AuthResult {
private boolean success;
private SignalError error;
}
}

View file

@ -5,9 +5,9 @@
<mapper namespace="ru.nbch.credit_tracker.mapper.scoring.ModelUsersMapper">
<select id="hasAuthorization" resultType="boolean">
SELECT COUNT(*) > 0
<select id="findUserProductCodes" resultType="string">
SELECT PRODUCT
FROM XMODEL_USERS
WHERE USERNAME = #{userId} AND PASSWORD = #{password} AND PRODUCT = #{productCode}
WHERE USERNAME = #{userId} AND PASSWORD = #{password}
</select>
</mapper>