Login Rest API

2 files changed, 35 insertions, 0 deletions

diff --git a/indoteknik_api/controllers/api_v1/__init__.py b/indoteknik_api/controllers/api_v1/__init__.py
index d7efb524..60436a45 100644
--- a/indoteknik_api/controllers/api_v1/__init__.py
+++ b/indoteknik_api/controllers/api_v1/__init__.py
@@ -3,6 +3,7 @@ from . import blog
 from . import cart
 from . import category
 from . import flash_sale
+from . import login
 from . import manufacture
 from . import product
 from . import promotion
diff --git a/indoteknik_api/controllers/api_v1/login.py b/indoteknik_api/controllers/api_v1/login.py
new file mode 100644
index 00000000..cc440d26
--- /dev/null
+++ b/indoteknik_api/controllers/api_v1/login.py
@@ -0,0 +1,34 @@
+from .. import controller
+from odoo import http
+from odoo.http import request
+from odoo.tools.config import config
+
+
+class Cart(controller.Controller):
+    prefix = '/api/v1/'
+    
+    @http.route(prefix + 'login', auth='public', methods=['POST'], csrf=False)
+    def login(self, **kw):
+        if not self.authenticate():
+            return self.response(code=401, description='Unauthorized')
+        
+        email = kw.get('email')
+        password = kw.get('password')
+        if not email or not password:
+            return self.response(code=400, description='username and password is required')
+        
+        try:
+            uid = request.session.authenticate(config.get('db_name'), email, password)
+            user = request.env['res.users'].browse(uid)
+            return self.response({
+                'is_auth': True, 
+                'user': {
+                    'id': user.id,
+                    'name': user.name,
+                    'email': user.login
+                }
+            })
+        except:
+            return self.response({'is_auth': False})
+        
+        
\ No newline at end of file