diff options
| author | Rafi Zadanly <zadanlyr@gmail.com> | 2023-04-05 09:48:18 +0700 |
|---|---|---|
| committer | Rafi Zadanly <zadanlyr@gmail.com> | 2023-04-05 09:48:18 +0700 |
| commit | 404db39b3f80c538e202e1fe728fd043cecaf7c8 (patch) | |
| tree | 1f5a8db6f609e73a32923a2998db6cb28617cacd /indoteknik_api/controllers/api_v1 | |
| parent | 51a0a2319186bf8560f36d305f8e7ee573d956ab (diff) | |
update api controller user and api model sale_order
Diffstat (limited to 'indoteknik_api/controllers/api_v1')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 73 |
1 files changed, 55 insertions, 18 deletions
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index 1f1f2413..5edb208e 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -118,6 +118,60 @@ class User(controller.Controller): 'user': request.env['res.users'].api_single_response(user) }) + @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def activation_user(self, **kw): + token = kw.get('token') + if not token: + return self.response(code=400, description='token is required') + + user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1) + if not user: + return self.response({'activation': False, 'reason': 'INVALID_TOKEN'}) + + user.active = True + user.activation_token = '' + return self.response({ + 'activation': True, + 'user': self.response_with_token(user) + }) + + @http.route(prefix + 'user/forgot-password', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def forgot_password_user(self, **kw): + email = kw.get('email') + user = self.get_user_by_email(email) + if not user: + return self.response({'success': False, 'reason': 'NOT_FOUND'}) + + token_source = string.ascii_letters + string.digits + user.reset_password_token = ''.join(random.choice(token_source) for i in range(21)) + return self.response({ + 'success': True, + 'token': user.reset_password_token, + 'user': request.env['res.users'].api_single_response(user) + }) + + @http.route(prefix + 'user/reset-password', auth='public', methods=['POST', 'OPTIONS'], csrf=False) + @controller.Controller.must_authorized() + def reset_password_user(self, **kw): + token = kw.get('token') + if not token: + return self.response(code=400, description='token is required') + + user = request.env['res.users'].search([('reset_password_token', '=', token), ('active', 'in', [False, True])], limit=1) + + if not user: + return self.response({'success': False, 'reason': 'INVALID_TOKEN'}) + + password = kw.get('password', '') + user.password = password + user.reset_password_token = '' + return self.response({ + 'success': True, + 'user': request.env['res.users'].api_single_response(user) + }) + @http.route(prefix + 'user/<id>', auth='public', methods=['PUT', 'OPTIONS'], csrf=False) @controller.Controller.must_authorized() def update_user(self, **kw): @@ -151,21 +205,4 @@ class User(controller.Controller): address = [request.env['res.users'].api_address_response(x) for x in partners] return self.response(address) - - @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False) - @controller.Controller.must_authorized() - def activation_user(self, **kw): - token = kw.get('token') - if not token: - return self.response(code=400, description='token is required') - - user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1) - if not user: - return self.response({'activation': False, 'reason': 'INVALID_TOKEN'}) - - user.active = True - user.activation_token = '' - return self.response({ - 'activation': True, - 'user': self.response_with_token(user) - })
\ No newline at end of file +
\ No newline at end of file |