From 194b7ba68bcb9502c5e3a4d8ffd5fbe39c7e18aa Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Wed, 16 Nov 2022 11:53:54 +0700 Subject: improve token odoo security --- next.config.js | 1 + src/helpers/apiOdoo.js | 7 ++++--- src/pages/api/token.js | 10 ++++++++++ 3 files changed, 15 insertions(+), 3 deletions(-) create mode 100644 src/pages/api/token.js diff --git a/next.config.js b/next.config.js index 8c6659b9..4435ccba 100644 --- a/next.config.js +++ b/next.config.js @@ -12,6 +12,7 @@ const nextConfig = { return config }, env: { + SELF_HOST: 'http://localhost:3000', ODOO_HOST: 'https://erp.indoteknik.com', SOLR_HOST: 'http://34.101.189.218:8983' }, diff --git a/src/helpers/apiOdoo.js b/src/helpers/apiOdoo.js index b1e4ce6b..357f93eb 100644 --- a/src/helpers/apiOdoo.js +++ b/src/helpers/apiOdoo.js @@ -3,9 +3,9 @@ import { getCookie, setCookie } from 'cookies-next'; const axios = require('axios'); const renewToken = async () => { - let res = await axios.get(process.env.ODOO_HOST + '/api/token'); - setCookie('token', res.data.result); - return res.data.result; + let token = await axios.get(process.env.SELF_HOST + '/api/token'); + setCookie('token', token.data); + return token.data; }; const getToken = async () => { @@ -18,6 +18,7 @@ const getOdoo = async (url) => { try { let token = await getToken(); let res = await axios.get(process.env.ODOO_HOST + url, {headers: {Authorization: token}}); + if (res.data.status.code == 401) { await renewToken(); return getOdoo(url); diff --git a/src/pages/api/token.js b/src/pages/api/token.js new file mode 100644 index 00000000..ec048158 --- /dev/null +++ b/src/pages/api/token.js @@ -0,0 +1,10 @@ +import axios from "axios"; + +export default async function handler(req, res) { + try { + let result = await axios.get(process.env.ODOO_HOST + '/api/token'); + res.status(200).json(result.data.result); + } catch (error) { + res.status(400).json({ error: error.message }); + } +} \ No newline at end of file -- cgit v1.2.3