diff options
| author | IT Fixcomart <it@fixcomart.co.id> | 2023-11-21 06:06:39 +0000 |
|---|---|---|
| committer | IT Fixcomart <it@fixcomart.co.id> | 2023-11-21 06:06:39 +0000 |
| commit | 866a2f8dfc5b6628a5ddc5ed88de2a0586ba4761 (patch) | |
| tree | f05202c538dc56d6d09cf84ad2fbd8addae635e9 | |
| parent | 7ba598c8ac2a707e93134e97f34b8668a530fd17 (diff) | |
| parent | cc9c34431ec16a493808a307405b772d83f4edc8 (diff) | |
Merged in cr/auth (pull request #130)
Cr/auth
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 99 | ||||
| -rwxr-xr-x | indoteknik_custom/__manifest__.py | 1 | ||||
| -rwxr-xr-x | indoteknik_custom/models/res_users.py | 33 | ||||
| -rw-r--r-- | indoteknik_custom/models/voucher.py | 3 | ||||
| -rw-r--r-- | indoteknik_custom/views/res_users.xml | 63 | ||||
| -rwxr-xr-x | indoteknik_custom/views/voucher.xml | 1 |
6 files changed, 176 insertions, 24 deletions
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index 2848f347..9b89e82c 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -104,17 +104,29 @@ class User(controller.Controller): password = kw.get('password') if not name or not email or not password: return self.response(code=400, description='email, name and password is required') + + company = kw.get('company', False) + phone = kw.get('phone') + + response = { + 'register': False, + 'reason': None + } user = self.get_user_by_email(email) if user: - return self.response({ - 'register': False, - 'reason': 'EMAIL_USED' - }) + if user.active: + response['reason'] = 'EMAIL_USED' + else: + user.send_activation_mail() + response['reason'] = 'NOT_ACTIVE' + + return self.response(response) user_data = { 'name': name, 'login': email, + 'phone': phone, 'password': password, 'active': False, 'sel_groups_1_9_10': 9 @@ -123,18 +135,15 @@ class User(controller.Controller): user = request.env['res.users'].create(user_data) user.partner_id.email = email - company = kw.get('company', False) if company: parameter = [ ('company_type', '=', 'company'), ('name', 'ilike', company) ] - match_company = request.env['res.partner'].search( - parameter, limit=1) + match_company = request.env['res.partner'].search(parameter, limit=1) match_ratio = 0 if match_company: - match_ratio = SequenceMatcher( - None, match_company.name, company).ratio() + match_ratio = SequenceMatcher(None, match_company.name, company).ratio() if match_ratio > 0.8: request.env['user.company.request'].create({ 'user_id': user.partner_id.id, @@ -147,27 +156,33 @@ class User(controller.Controller): }) user.parent_id = new_company.id - return self.response({'register': True}) + user.send_activation_mail() + + response['register'] = True + return self.response(response) @http.route(prefix + 'user/activation-request', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def request_activation_user(self, **kw): email = kw.get('email') + response = { + 'activation_request': False, + 'reason': None + } + user = self.get_user_by_email(email) if not user: - return self.response({'activation_request': False, 'reason': 'NOT_FOUND'}) + response['reason'] = 'NOT_FOUND' + return self.response(response) if user.active: - return self.response({'activation_request': False, 'reason': 'ACTIVE'}) + response['reason'] = 'ACTIVE' + return self.response(response) - token_source = string.ascii_letters + string.digits - user.activation_token = ''.join( - random.choice(token_source) for i in range(21)) - return self.response({ - 'activation_request': True, - 'token': user.activation_token, - 'user': request.env['res.users'].api_single_response(user) - }) + user.send_activation_mail() + + response['activation_request'] = True + return self.response(response) @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() @@ -175,18 +190,54 @@ class User(controller.Controller): token = kw.get('token') if not token: return self.response(code=400, description='token is required') + + response = { + 'activation': False, + 'reason': None, + 'user': None + } - user = request.env['res.users'].search( - [('activation_token', '=', token), ('active', '=', False)], limit=1) + user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1) if not user: - return self.response({'activation': False, 'reason': 'INVALID_TOKEN'}) + response['reason'] = 'INVALID_TOKEN' + return self.response(response) user.active = True user.activation_token = '' - return self.response({ + response.update({ + 'activation': True, + 'user': self.response_with_token(user) + }) + return self.response(response) + + @http.route(prefix + 'user/activation-token', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def activation_user_with_token(self, **kw): + return self.activation_user(**kw) + + @http.route(prefix + 'user/activation-otp', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def activation_user_with_otp(self, **kw): + email = kw.get('email') + otp = kw.get('otp') + + response = { + 'activation': False, + 'reason': None, + 'user': None + } + + user = self.get_user_by_email(email) + if user.otp_code != otp: + response['reason'] = 'INVALID_OTP' + return self.response(response) + + user.active = True + response.update({ 'activation': True, 'user': self.response_with_token(user) }) + return self.response(response) @http.route(prefix + 'user/forgot-password', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() diff --git a/indoteknik_custom/__manifest__.py b/indoteknik_custom/__manifest__.py index bab86aab..bc11b346 100755 --- a/indoteknik_custom/__manifest__.py +++ b/indoteknik_custom/__manifest__.py @@ -99,6 +99,7 @@ 'views/quotation_so_multi_update.xml', 'views/stock_move_line.xml', 'views/product_monitoring.xml', + 'views/res_users.xml', 'views/account_bank_statement.xml', 'views/stock_warehouse_orderpoint.xml', 'views/customer_commision.xml', diff --git a/indoteknik_custom/models/res_users.py b/indoteknik_custom/models/res_users.py index 7f94771f..09321fc6 100755 --- a/indoteknik_custom/models/res_users.py +++ b/indoteknik_custom/models/res_users.py @@ -1,4 +1,7 @@ from odoo import models, fields +from datetime import datetime +from pytz import UTC +import random, string class ResUsers(models.Model): @@ -6,3 +9,33 @@ class ResUsers(models.Model): reset_password_token = fields.Char(string="Reset Password Token") activation_token = fields.Char(string="Activation Token") + otp_code = fields.Char(string='OTP Code') + otp_create_date = fields.Datetime(string='OTP Create Date') + + def _generate_otp(self): + for user in self: + user.otp_code = '{:04d}'.format(random.randint(0, 9999)) + user.otp_create_date = fields.Datetime.now() + + def _generate_activation_token(self): + for user in self: + token_source = string.ascii_letters + string.digits + user.activation_token = ''.join(random.choice(token_source) for i in range(21)) + + def send_activation_mail(self): + template = self.env.ref('indoteknik_custom.mail_template_res_user_activation_request') + for user in self: + user._generate_otp() + user._generate_activation_token() + template.send_mail(user.id, force_send=True) + + def get_activation_token_url(self): + base_url = self.env['ir.config_parameter'].get_param('site.base.url') + return f'{base_url}/register?activation=token&token={self.activation_token}' + + def get_voucher_code(self, type): + if type == 'activation': + vouchers = self.env['voucher'].get_active_voucher([('show_on_email', '=', 'user_activation')]) + if not vouchers: return None + return ', '.join(x.code for x in vouchers) + return None diff --git a/indoteknik_custom/models/voucher.py b/indoteknik_custom/models/voucher.py index 2eedc861..588e9ac5 100644 --- a/indoteknik_custom/models/voucher.py +++ b/indoteknik_custom/models/voucher.py @@ -55,6 +55,9 @@ class Voucher(models.Model): ('brand', "Selected product brand"), ]) count_order = fields.Integer(string='Count Order', compute='_compute_count_order') + show_on_email = fields.Selection([ + ('user_activation', 'User Activation') + ], 'Show on Email') @api.constrains('description') def _check_description_length(self): diff --git a/indoteknik_custom/views/res_users.xml b/indoteknik_custom/views/res_users.xml new file mode 100644 index 00000000..976f46c9 --- /dev/null +++ b/indoteknik_custom/views/res_users.xml @@ -0,0 +1,63 @@ +<odoo> + <data> + <record id="mail_template_res_user_activation_request" model="mail.template"> + <field name="name">Users: Activation Request</field> + <field name="model_id" ref="base.model_res_users"/> + <field name="subject">Aktivasi Akun - Indoteknik.com</field> + <field name="email_from">sales@indoteknik.com</field> + <field name="email_to">${object.login | safe}</field> + <field name="body_html" type="html"> + <table border="0" cellpadding="0" cellspacing="0" style="padding-top: 16px; background-color: #F1F1F1; font-family:Inter, Helvetica, Verdana, Arial,sans-serif; line-height: 24px; color: #454748; width: 100%; border-collapse:separate;"> + <tr><td align="center"> + <table border="0" cellpadding="0" cellspacing="0" width="590" style="font-size: 13px; padding: 16px; background-color: white; color: #454748; border-collapse:separate;"> + <!-- HEADER --> + <tbody> + <tr> + <td align="center" style="min-width: 590px;"> + <table border="0" cellpadding="0" cellspacing="0" width="590" style="min-width: 590px; background-color: white; padding: 0px 8px 0px 8px; border-collapse:separate;"> + <tr> + <td valign="middle"> + <span></span> + </td> + </tr> + + <tr> + <td colspan="2" style="text-align:center;"> + <hr width="100%" style="background-color:rgb(204,204,204);border:medium none;clear:both;display:block;font-size:0px;min-height:1px;line-height:0; margin: 16px 0px 16px 0px;" /> + </td> + </tr> + </table> + </td> + </tr> + <!-- CONTENT --> + <tr> + <td align="center" style="min-width: 590px;"> + <table border="0" cellpadding="0" cellspacing="0" width="590" style="min-width: 590px; background-color: white; padding: 0px 8px 0px 8px; border-collapse:separate;"> + <tr><td style="padding-bottom: 24px;">Dear ${object.name},</td></tr> + + <tr><td style="padding-bottom: 16px;">Kami senang Anda bergabung dengan Indoteknik.</td></tr> + <tr><td style="padding-bottom: 16px;">Untuk mengaktifkan akun anda salin kode OTP berikut <strong>${object.otp_code}</strong>, lalu masukan pada kolom yang disediakan pada website Indoteknik.com</td></tr> + <tr><td style="padding-bottom: 16px;">Atau anda dapat klik tautan berikut: <a href="${object.get_activation_token_url() | safe}">Aktivasi akun</a></td></tr> + <tr><td style="padding-bottom: 16px;">Jika anda mengalami kesulitan atau memiliki pertanyaan, hubungi tim dukungan kami melalui email <a href="mailto:sales@indoteknik.com">sales@indoteknik.com</a></td></tr> + <tr><td style="padding-bottom: 16px;">Gunakan kode voucher berikut untuk mendapatkan diskon belanja hingga 10 juta: <strong>${object.get_voucher_code('activation')}</strong></td></tr> + + <tr><td style="padding-bottom: 2px;">Hormat kami,</td></tr> + <tr><td style="padding-bottom: 2px;">PT. Indoteknik Dotcom Gemilang</td></tr> + <tr> + <td style="text-align:center;"> + <hr width="100%" + style="background-color:rgb(204,204,204);border:medium none;clear:both;display:block;font-size:0px;min-height:1px;line-height:0; margin: 16px 0px 16px 0px;" /> + </td> + </tr> + </table> + </td> + </tr> + <!-- CONTENT --> + </tbody> + </table> + </td></tr> + </table> + </field> + </record> + </data> +</odoo>
\ No newline at end of file diff --git a/indoteknik_custom/views/voucher.xml b/indoteknik_custom/views/voucher.xml index b8489942..71c0df0b 100755 --- a/indoteknik_custom/views/voucher.xml +++ b/indoteknik_custom/views/voucher.xml @@ -35,6 +35,7 @@ <field name="limit" required="1"/> <field name="limit_user" required="1"/> <field name="apply_type" required="1" /> + <field name="show_on_email" /> <field name="excl_pricelist_ids" widget="many2many_tags" domain="[('id', 'in', [4, 15037, 15038, 15039, 17023, 17024, 17025, 17026,17027])]"/> </group> <group string="Discount Settings" attrs="{'invisible': [('apply_type', '!=', 'all')]}"> |