diff options
| author | IT Fixcomart <it@fixcomart.co.id> | 2023-11-25 02:42:37 +0000 |
|---|---|---|
| committer | IT Fixcomart <it@fixcomart.co.id> | 2023-11-25 02:42:37 +0000 |
| commit | 4dcd1e3e1a3e4dced5a2d0d89d2fd4ee3e1fe7d3 (patch) | |
| tree | 3e15c66065c81eead3fb40c9f87e3f2c269e20f2 /indoteknik_api/controllers/api_v1/user.py | |
| parent | 2aee5a44abbe36961dfe23cc3d656aa48e11e0f9 (diff) | |
| parent | 693e78afa8b9b4df99f417392b42bff12ea41f9e (diff) | |
Merged in production (pull request #132)
Production
Diffstat (limited to 'indoteknik_api/controllers/api_v1/user.py')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 110 |
1 files changed, 85 insertions, 25 deletions
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index 7a522d0c..9b89e82c 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -42,9 +42,18 @@ class User(controller.Controller): uid = request.session.authenticate( config.get('db_name'), email, password) user = request.env['res.users'].browse(uid) + role = '' + + if user.is_inbound and user.is_outbound: + role = 'admin' + elif user.is_outbound: + role = 'outbound' + elif user.is_inbound: + role = 'inbound' data = { 'is_auth': True, - 'user': self.response_with_token(user) + 'role': role, + 'user': self.response_with_token(user), } return self.response(data) except: @@ -95,17 +104,29 @@ class User(controller.Controller): password = kw.get('password') if not name or not email or not password: return self.response(code=400, description='email, name and password is required') + + company = kw.get('company', False) + phone = kw.get('phone') + + response = { + 'register': False, + 'reason': None + } user = self.get_user_by_email(email) if user: - return self.response({ - 'register': False, - 'reason': 'EMAIL_USED' - }) + if user.active: + response['reason'] = 'EMAIL_USED' + else: + user.send_activation_mail() + response['reason'] = 'NOT_ACTIVE' + + return self.response(response) user_data = { 'name': name, 'login': email, + 'phone': phone, 'password': password, 'active': False, 'sel_groups_1_9_10': 9 @@ -114,18 +135,15 @@ class User(controller.Controller): user = request.env['res.users'].create(user_data) user.partner_id.email = email - company = kw.get('company', False) if company: parameter = [ ('company_type', '=', 'company'), ('name', 'ilike', company) ] - match_company = request.env['res.partner'].search( - parameter, limit=1) + match_company = request.env['res.partner'].search(parameter, limit=1) match_ratio = 0 if match_company: - match_ratio = SequenceMatcher( - None, match_company.name, company).ratio() + match_ratio = SequenceMatcher(None, match_company.name, company).ratio() if match_ratio > 0.8: request.env['user.company.request'].create({ 'user_id': user.partner_id.id, @@ -138,27 +156,33 @@ class User(controller.Controller): }) user.parent_id = new_company.id - return self.response({'register': True}) + user.send_activation_mail() + + response['register'] = True + return self.response(response) @http.route(prefix + 'user/activation-request', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def request_activation_user(self, **kw): email = kw.get('email') + response = { + 'activation_request': False, + 'reason': None + } + user = self.get_user_by_email(email) if not user: - return self.response({'activation_request': False, 'reason': 'NOT_FOUND'}) + response['reason'] = 'NOT_FOUND' + return self.response(response) if user.active: - return self.response({'activation_request': False, 'reason': 'ACTIVE'}) + response['reason'] = 'ACTIVE' + return self.response(response) - token_source = string.ascii_letters + string.digits - user.activation_token = ''.join( - random.choice(token_source) for i in range(21)) - return self.response({ - 'activation_request': True, - 'token': user.activation_token, - 'user': request.env['res.users'].api_single_response(user) - }) + user.send_activation_mail() + + response['activation_request'] = True + return self.response(response) @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() @@ -166,18 +190,54 @@ class User(controller.Controller): token = kw.get('token') if not token: return self.response(code=400, description='token is required') + + response = { + 'activation': False, + 'reason': None, + 'user': None + } - user = request.env['res.users'].search( - [('activation_token', '=', token), ('active', '=', False)], limit=1) + user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1) if not user: - return self.response({'activation': False, 'reason': 'INVALID_TOKEN'}) + response['reason'] = 'INVALID_TOKEN' + return self.response(response) user.active = True user.activation_token = '' - return self.response({ + response.update({ + 'activation': True, + 'user': self.response_with_token(user) + }) + return self.response(response) + + @http.route(prefix + 'user/activation-token', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def activation_user_with_token(self, **kw): + return self.activation_user(**kw) + + @http.route(prefix + 'user/activation-otp', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def activation_user_with_otp(self, **kw): + email = kw.get('email') + otp = kw.get('otp') + + response = { + 'activation': False, + 'reason': None, + 'user': None + } + + user = self.get_user_by_email(email) + if user.otp_code != otp: + response['reason'] = 'INVALID_OTP' + return self.response(response) + + user.active = True + response.update({ 'activation': True, 'user': self.response_with_token(user) }) + return self.response(response) @http.route(prefix + 'user/forgot-password', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() |