| author | IT Fixcomart <it@fixcomart.co.id> | 2023-08-16 09:04:39 +0000 |
|---|---|---|
| committer | IT Fixcomart <it@fixcomart.co.id> | 2023-08-16 09:04:39 +0000 |
| commit | 7bbabfe4f79c2128a389890f4be593b98df7a44a (patch) | |
| tree | 3ca60b79b7b6229306a20184022f8fcd95c4021c /indoteknik_api/controllers/api_v1 | |
| parent | 1409057eb5e784c9a3ad852faf6df512740fcab9 (diff) | |
| parent | 317967d6ab733065d98c08e678ac82f89b0d08c4 (diff) | |
Merged in development (pull request #106)
Development
Diffstat (limited to 'indoteknik_api/controllers/api_v1')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 131 |
1 files changed, 88 insertions, 43 deletions
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index 8ccdf824..7a522d0c 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -2,24 +2,27 @@ from .. import controller from odoo import http from odoo.http import request from odoo.tools.config import config -import random, string +import random +import string +import requests +import json from difflib import SequenceMatcher class User(controller.Controller): prefix = '/api/v1/' - + def get_user_by_email(self, email): return request.env['res.users'].search([ - ('login', '=', email), + ('login', '=', email), ('active', 'in', [True, False]) ]) - + def response_with_token(self, user): data = request.env['res.users'].sudo().api_single_response(user) data['token'] = self.create_user_token(user) return data - + @http.route(prefix + 'user/login', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def login(self, **kw): @@ -27,19 +30,20 @@ class User(controller.Controller): password = kw.get('password') if not email or not password: return self.response(code=400, description='email and password is required') - + user = self.get_user_by_email(email) if user and not user.active: return self.response({ 'is_auth': False, 'reason': 'NOT_ACTIVE' }) - + try: - uid = request.session.authenticate(config.get('db_name'), email, password) + uid = request.session.authenticate( + config.get('db_name'), email, password) user = request.env['res.users'].browse(uid) data = { - 'is_auth': True, + 'is_auth': True, 'user': self.response_with_token(user) } return self.response(data) 
@@ -48,7 +52,41 @@ class User(controller.Controller): 'is_auth': False, 'reason': 'NOT_FOUND' }) - + + @http.route(prefix + 'user/validate-sso', auth='public', methods=['POST'], csrf=False) + @controller.Controller.must_authorized() + def user_validate_sso(self, **kw): + access_token = kw.get('access_token') + + try: + userinfo_url = 'https://www.googleapis.com/oauth2/v3/userinfo?access_token=' + access_token + res_userinfo = requests.get(userinfo_url) + userinfo = json.loads(res_userinfo.text) + name = userinfo['name'] + email = userinfo['email'] + except: + return self.response({ + 'is_auth': False, + 'reason': 'INVALID_TOKEN' + }) + + user = self.get_user_by_email(email) + if not user: + user_data = { + 'name': name, + 'login': email, + 'oauth_provider_id': request.env.ref('auth_oauth.provider_google').id, + 'sel_groups_1_9_10': 9 + } + + user = request.env['res.users'].create(user_data) + + data = { + 'is_auth': True, + 'user': self.response_with_token(user) + } + return self.response(data) + @http.route(prefix + 'user/register', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def register(self, **kw): @@ -57,7 +95,7 @@ class User(controller.Controller): password = kw.get('password') if not name or not email or not password: return self.response(code=400, description='email, name and password is required') - + user = self.get_user_by_email(email) if user: return self.response({ @@ -72,7 +110,7 @@ class User(controller.Controller): 'active': False, 'sel_groups_1_9_10': 9 } - + user = request.env['res.users'].create(user_data) user.partner_id.email = email 
@@ -82,10 +120,12 @@ class User(controller.Controller): ('company_type', '=', 'company'), ('name', 'ilike', company) ] - match_company = request.env['res.partner'].search(parameter, limit=1) + match_company = request.env['res.partner'].search( + parameter, limit=1) match_ratio = 0 if match_company: - match_ratio = SequenceMatcher(None, match_company.name, company).ratio() + match_ratio = SequenceMatcher( + None, match_company.name, company).ratio() if match_ratio > 0.8: request.env['user.company.request'].create({ 'user_id': user.partner_id.id, @@ -97,9 +137,9 @@ class User(controller.Controller): 'name': company }) user.parent_id = new_company.id - + return self.response({'register': True}) - + @http.route(prefix + 'user/activation-request', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def request_activation_user(self, **kw): 
@@ -107,36 +147,38 @@ class User(controller.Controller): user = self.get_user_by_email(email) if not user: return self.response({'activation_request': False, 'reason': 'NOT_FOUND'}) - + if user.active: return self.response({'activation_request': False, 'reason': 'ACTIVE'}) - + token_source = string.ascii_letters + string.digits - user.activation_token = ''.join(random.choice(token_source) for i in range(21)) + user.activation_token = ''.join( + random.choice(token_source) for i in range(21)) return self.response({ 'activation_request': True, 'token': user.activation_token, 'user': request.env['res.users'].api_single_response(user) }) - + @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def activation_user(self, **kw): token = kw.get('token') if not token: return self.response(code=400, description='token is required') - - user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1) + + user = request.env['res.users'].search( + [('activation_token', '=', token), ('active', '=', False)], limit=1) if not user: return self.response({'activation': False, 'reason': 'INVALID_TOKEN'}) - + user.active = True user.activation_token = '' return self.response({ 'activation': True, 'user': self.response_with_token(user) }) - + @http.route(prefix + 'user/forgot-password', auth='public', methods=['POST'], csrf=False) @controller.Controller.must_authorized() def forgot_password_user(self, **kw): 
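Review bot: The activation token on the re-wrapped `random.choice(token_source)` line in `request_activation_user` is drawn from the `random` module, which is not a cryptographically secure generator and so is unsuitable for a value that activates an account. The same applies to `user.reset_password_token` in the `forgot_password_user` hunk (-146/+188), where the token authorises a password change. Proposed: add `import secrets` next to the other imports and use `user.activation_token = ''.join(secrets.choice(token_source) for _ in range(21))`, with the same change for the reset token. Both handlers also return the token in the HTTP response; whether that is acceptable depends on what `must_authorized()` enforces, which is not visible in this diff.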
@@ -146,25 +188,27 @@ class User(controller.Controller): return self.response({'success': False, 'reason': 'NOT_FOUND'}) token_source = string.ascii_letters + string.digits - user.reset_password_token = ''.join(random.choice(token_source) for i in range(21)) + user.reset_password_token = ''.join( + random.choice(token_source) for i in range(21)) return self.response({ 'success': True, 'token': user.reset_password_token, 'user': request.env['res.users'].api_single_response(user) }) - + @http.route(prefix + 'user/reset-password', auth='public', methods=['POST', 'OPTIONS'], csrf=False) @controller.Controller.must_authorized() def reset_password_user(self, **kw): token = kw.get('token') if not token: return self.response(code=400, description='token is required') - - user = request.env['res.users'].search([('reset_password_token', '=', token), ('active', 'in', [False, True])], limit=1) - + + user = request.env['res.users'].search( + [('reset_password_token', '=', token), ('active', 'in', [False, True])], limit=1) + if not user: return self.response({'success': False, 'reason': 'INVALID_TOKEN'}) - + password = kw.get('password', '') user.password = password user.reset_password_token = '' 
@@ -172,38 +216,39 @@ class User(controller.Controller): 'success': True, 'user': request.env['res.users'].api_single_response(user) }) - + @http.route(prefix + 'user/<id>', auth='public', methods=['PUT', 'OPTIONS'], csrf=False) @controller.Controller.must_authorized() def update_user(self, **kw): id = kw.get('id') - + user = request.env['res.users'].search([('id', '=', id)], limit=1) - if not user: + if not user: return self.response(code=404, description='User not found') - + allowed_field = ['name', 'phone', 'mobile', 'password'] for field in allowed_field: field_value = kw.get(field) if field_value or field_value == '': user[field] = field_value - + return self.response({ 'user': self.response_with_token(user) }) - + @http.route(prefix + 'user/<id>/address', auth='public', methods=['GET', 'OPTIONS']) @controller.Controller.must_authorized() def get_user_address_by_id(self, **kw): id = kw.get('id') - + user = request.env['res.users'].search([('id', '=', id)], limit=1) - if not user: + if not user: return self.response(code=404, description='User not found') - + partner_ids = [user.partner_id.id] + [x.id for x in user.child_ids] - partners = request.env['res.partner'].search([('id', 'in', partner_ids)], order='write_date DESC') - address = [request.env['res.users'].api_address_response(x) for x in partners] - + partners = request.env['res.partner'].search( + [('id', 'in', partner_ids)], order='write_date DESC') + address = [request.env['res.users'].api_address_response( + x) for x in partners] + return self.response(address) -
\ No newline at end of file |
