Optimize auth method

author: Rafi Zadanly <zadanlyr@gmail.com> 2023-03-09 06:11:55 +0700
committer: Rafi Zadanly <zadanlyr@gmail.com> 2023-03-09 06:11:55 +0700
commit: 60c166f8b4f5f9cd8d4cdf6422f53d8b5d083648 (patch)
tree: 439910148373c0b207838ec701a8bc13947b91d6 /indoteknik_api/controllers/api_v1/content.py
parent: f790892bb6cf7bd7871e841af92ce3edfc76b8c2 (diff)
1 files changed, 5 insertions, 15 deletions
diff --git a/indoteknik_api/controllers/api_v1/content.py b/indoteknik_api/controllers/api_v1/content.py
index 2d788306..99077c19 100644
--- a/indoteknik_api/controllers/api_v1/content.py
+++ b/indoteknik_api/controllers/api_v1/content.py
@@ -7,10 +7,8 @@ class WebsiteContent(controller.Controller):
     prefix = '/api/v1/'
 
     @http.route(prefix + 'coupon_program', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_coupon_program(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-
         reward_type = str(kw.get('reward_type', ''))
         limit = int(kw.get('limit', 0))
         offset = int(kw.get('offset', 0))
@@ -26,17 +24,13 @@ class WebsiteContent(controller.Controller):
             'coupon_total': request.env['coupon.program'].search_count(query),
             'coupons': [request.env['coupon.program'].api_single_response(x) for x in coupons]
         }
-        # print (data)
+        
         return self.response(data)
 
 
-
     @http.route(prefix + 'banner/brand', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_banner_by_brand(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        # base_url = request.env['ir.config_parameter'].get_param('web.base.url')
-
         category_id = int(kw.get('category_id'), 0)
         query = [
             ('x_status_banner', '=', 'tayang'),
@@ -63,9 +57,8 @@ class WebsiteContent(controller.Controller):
         return self.response(data)
 
     @http.route(prefix + 'product_ads', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_product_ads(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
         base_url = request.env['ir.config_parameter'].get_param('web.base.url')
         query = [
             ('page', '=', 'product'),
@@ -83,15 +76,12 @@ class WebsiteContent(controller.Controller):
         return self.response(data)
 
     @http.route(prefix + 'video_content', auth='public', methods=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
     def get_video_content(self, **kw):
-        if not self.authenticate():
-            return self.response(code=401, description='Unauthorized')
-        # base_url = request.env['ir.config_parameter'].get_param('web.base.url')
         query = [('status', '=', 'tayang'), ('slide_type', '=', 'video')]
         limit = int(kw.get('limit', 0))
         offset = int(kw.get('offset', 0))
         videos = request.env['website.content'].search(query, limit=limit, offset=offset, order='sequence')
-        # data = []
         data = {
             'video_total': request.env['website.content'].search_count(query),
             'videos': [request.env['website.content'].api_single_response(x) for x in videos]
author	Rafi Zadanly <zadanlyr@gmail.com>	2023-03-09 06:11:55 +0700
committer	Rafi Zadanly <zadanlyr@gmail.com>	2023-03-09 06:11:55 +0700
commit	60c166f8b4f5f9cd8d4cdf6422f53d8b5d083648 (patch)
tree	439910148373c0b207838ec701a8bc13947b91d6 /indoteknik_api/controllers/api_v1/content.py
parent	f790892bb6cf7bd7871e841af92ce3edfc76b8c2 (diff)