diff --git a/src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java b/src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java
index 04e052a..ec08c8a 100644
--- a/src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java
+++ b/src/main/java/com/ffii/tsms/config/security/jwt/web/JwtAuthenticationController.java
@@ -1,6 +1,7 @@
 package com.ffii.tsms.config.security.jwt.web;

 import java.time.Instant;
+import java.time.LocalDate;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Objects;
@@ -78,8 +79,22 @@ public class JwtAuthenticationController {
 @PostMapping("/login")
 public ResponseEntity login(@RequestBody JwtRequest authenticationRequest, HttpServletRequest request) throws Exception {
 String username = authenticationRequest.getUsername();
+ boolean success;
 try {
- boolean success = authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
+ success = authenticate(authenticationRequest.getUsername(), authenticationRequest.getPassword());
+ final User user = userDetailsService.loadUserByUsername(authenticationRequest.getUsername());
+ final Staff staff = staffRepository.findByUserId(user.getId()).orElse(null);
+ if (staff != null && staff.getDepartDate() != null) {
+ System.out.println(staff.getDepartDate());
+ int checkDates = LocalDate.now().compareTo(staff.getDepartDate());
+ System.out.println(checkDates);
+ success = checkDates <= 0;
+ if (!success) {
+ loginLogService.createLoginLog(username, request.getRemoteAddr(), success);
+ return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
+ .body(new ExceptionResponse("Unauthorized","departed"));
+ }
+ }
 loginLogService.createLoginLog(username, request.getRemoteAddr(), success);
 } catch (Exception e) {
 if (username != null) {
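Review bot: `success = checkDates <= 0;` replaces the result of `authenticate(...)` instead of building on it, and the departure check runs whether or not authentication succeeded. If `authenticate` can return `false` rather than throw (its boolean return type suggests it may; its body is outside this hunk), a wrong password for a staff member whose depart date is today or later would be recorded by `createLoginLog` as a successful login, and a wrong password for a departed account would still receive the distinct "departed" body, which tells an unauthenticated caller the account's state. Gate the check on the authentication result, `if (success && staff != null && staff.getDepartDate() != null) {`, so the date comparison can only narrow an already-successful login. The two `System.out.println` calls write the depart date and the comparison result to stdout on every login and should be removed or moved to the application logger at debug level. The `login` method continues past the end of the hunk, so whether `success` is read again after the `try` is not visible here.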