diff options
| author | IT Fixcomart <it@fixcomart.co.id> | 2022-11-18 11:14:04 +0700 |
|---|---|---|
| committer | IT Fixcomart <it@fixcomart.co.id> | 2022-11-18 11:14:04 +0700 |
| commit | 5d1d53268d836c0b650654e8fc6934fbebd2f6e5 (patch) | |
| tree | d515c2875d8a5a99f9f0b6aa1fc07854ebb5e003 /indoteknik_api/controllers/api_v1/auth.py | |
| parent | f168734f000ea34fc3a15bdf4b6af9f4fe797d06 (diff) | |
Rest api register & Rest api banner by manufacture_id
Diffstat (limited to 'indoteknik_api/controllers/api_v1/auth.py')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/auth.py | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/indoteknik_api/controllers/api_v1/auth.py b/indoteknik_api/controllers/api_v1/auth.py new file mode 100644 index 00000000..e51431b1 --- /dev/null +++ b/indoteknik_api/controllers/api_v1/auth.py @@ -0,0 +1,75 @@ +from .. import controller +from odoo import http +from odoo.http import request +from odoo.tools.config import config + + +class Auth(controller.Controller): + prefix = '/api/v1/' + + @http.route(prefix + 'auth/login', auth='public', methods=['POST'], csrf=False) + def login(self, **kw): + if not self.authenticate(): + return self.response(code=401, description='Unauthorized') + + email = kw.get('email') + password = kw.get('password') + if not email or not password: + return self.response(code=400, description='email and password is required') + + user = self.get_user(email) + if user and not user.active: + return self.response({ + 'is_auth': False, + 'reason': 'NOT_ACTIVE' + }) + + try: + uid = request.session.authenticate(config.get('db_name'), email, password) + user = request.env['res.users'].browse(uid) + return self.response({ + 'is_auth': True, + 'user': { + 'id': user.id, + 'name': user.name, + 'email': user.login, + 'external': user.share + } + }) + except: + return self.response({ + 'is_auth': False, + 'reason': 'NOT_FOUND' + }) + + @http.route(prefix + 'auth/register', auth='public', methods=['POST'], csrf=False) + def register(self, **kw): + if not self.authenticate(): + return self.response(code=401, description='Unauthorized') + + name = kw.get('name') + email = kw.get('email') + password = kw.get('password') + if not name or not email or not password: + return self.response(code=400, description='email and password is required') + + user = self.get_user(email) + + if user: + return self.response({ + 'register': False, + 'reason': 'EMAIL_USED' + }) + + user = request.env['res.users'].create({ + 'name': name, + 'login': email, + 'password': password, + 'active': False, + 'sel_groups_1_9_10': 9 + }) + + return self.response({'register': True}) + + def get_user(self, email): + return request.env['res.users'].search([('login', '=', email), ('active', 'in', [True, False])]) |