diff options
| author | Rafi Zadanly <zadanlyr@gmail.com> | 2023-03-09 06:11:55 +0700 |
|---|---|---|
| committer | Rafi Zadanly <zadanlyr@gmail.com> | 2023-03-09 06:11:55 +0700 |
| commit | 60c166f8b4f5f9cd8d4cdf6422f53d8b5d083648 (patch) | |
| tree | 439910148373c0b207838ec701a8bc13947b91d6 /indoteknik_api/controllers/api_v1/customer.py | |
| parent | f790892bb6cf7bd7871e841af92ce3edfc76b8c2 (diff) | |
Optimize auth method
Diffstat (limited to 'indoteknik_api/controllers/api_v1/customer.py')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/customer.py | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/indoteknik_api/controllers/api_v1/customer.py b/indoteknik_api/controllers/api_v1/customer.py index 57120751..42877f49 100644 --- a/indoteknik_api/controllers/api_v1/customer.py +++ b/indoteknik_api/controllers/api_v1/customer.py @@ -8,10 +8,8 @@ class CustomerReview(controller.Controller): prefix = '/api/v1/' @http.route(prefix + 'last_seen_products', auth='public', methods=['GET', 'OPTIONS']) + @controller.Controller.must_authorized() def get_last_seen_products(self, **kw): - if not self.authenticate(): - return self.response(code=401, description='Unauthorized') - email = str(kw.get('email', '')) if not email: return self.response(code=401, description='Unauthorized') @@ -43,12 +41,9 @@ class CustomerReview(controller.Controller): }) return self.response(data) - - @http.route(prefix + 'customer_review', auth='public', methods=['GET', 'OPTIONS']) - def get_customer_review(self, **kw): - if not self.authenticate(): - return self.response(code=401, description='Unauthorized') + @controller.Controller.must_authorized() + def get_customer_review(self): base_url = request.env['ir.config_parameter'].get_param('web.base.url') query = [('status', '=', 'tayang')] reviews = request.env['customer.review'].search(query, order='sequence') |