simplify authentication

1 files changed, 3 insertions, 9 deletions

diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py
index d71c30ea..ae04e0ff 100644
--- a/indoteknik_api/controllers/api_v1/user.py
+++ b/indoteknik_api/controllers/api_v1/user.py
@@ -109,11 +109,7 @@ class User(controller.Controller):
         
         user = request.env['res.users'].search([('id', '=', id)], limit=1)
         if not user: 
-            return self.response(code=400, description='User not found')
-        
-        is_verify = self.verify_user_token(id)
-        if not is_verify:
-            return self.response(code=401, description='Unauthorized')
+            return self.response(code=404, description='User not found')
         
         allowed_field = ['name', 'phone', 'mobile', 'password']
         for field in allowed_field:
@@ -131,15 +127,13 @@ class User(controller.Controller):
             return self.response(code=401, description='Unauthorized')
         
         id = kw.get('id')
-        is_verify = self.verify_user_token(id)
-        if not is_verify:
-            return self.response(code=401, description='Unauthorized')
         
         user = request.env['res.users'].search([('id', '=', id)], limit=1)
         if not user: 
             return self.response(code=404, description='User not found')
         
-        partners = [user.partner_id] + [x for x in user.child_ids]
+        partner_ids = [user.partner_id.id] + [x.id for x in user.child_ids]
+        partners = request.env['res.partner'].search([('id', 'in', partner_ids)], order='create_date DESC')
         address = [request.env['res.users'].api_address_response(x) for x in partners]
         
         return self.response(address)