User activation request rest api

author: IT Fixcomart <it@fixcomart.co.id> 2022-11-18 15:30:53 +0700
committer: IT Fixcomart <it@fixcomart.co.id> 2022-11-18 15:30:53 +0700
commit: d15f7df65c95f41f12fb72795f0b1360bde115c0 (patch)
tree: b8ceb62ffddc32a67f8c40ebe11cb42585255b47 /indoteknik_api/controllers/api_v1
parent: 4b077e2a3796fb075840307a42e89d8a73eebe11 (diff)
2 files changed, 56 insertions, 4 deletions
diff --git a/indoteknik_api/controllers/api_v1/__init__.py b/indoteknik_api/controllers/api_v1/__init__.py
index d3023594..af28675c 100644
--- a/indoteknik_api/controllers/api_v1/__init__.py
+++ b/indoteknik_api/controllers/api_v1/__init__.py
@@ -1,4 +1,3 @@
-from . import auth
 from . import banner
 from . import blog
 from . import cart
@@ -8,4 +7,5 @@ from . import manufacture
 from . import product
 from . import promotion
 from . import sale_order
+from . import user
 from . import wishlist
 \ No newline at end of file
diff --git a/indoteknik_api/controllers/api_v1/auth.py b/indoteknik_api/controllers/api_v1/user.py
index e51431b1..41581961 100644
--- a/indoteknik_api/controllers/api_v1/auth.py
+++ b/indoteknik_api/controllers/api_v1/user.py
@@ -2,12 +2,13 @@ from .. import controller
 from odoo import http
 from odoo.http import request
 from odoo.tools.config import config
+import random, string
 
 
 class Auth(controller.Controller):
     prefix = '/api/v1/'
     
-    @http.route(prefix + 'auth/login', auth='public', methods=['POST'], csrf=False)
+    @http.route(prefix + 'user/login', auth='public', methods=['POST'], csrf=False)
     def login(self, **kw):
         if not self.authenticate():
             return self.response(code=401, description='Unauthorized')
@@ -42,7 +43,7 @@ class Auth(controller.Controller):
                 'reason': 'NOT_FOUND'
             })
     
-    @http.route(prefix + 'auth/register', auth='public', methods=['POST'], csrf=False)
+    @http.route(prefix + 'user/register', auth='public', methods=['POST'], csrf=False)
     def register(self, **kw):
         if not self.authenticate():
             return self.response(code=401, description='Unauthorized')
@@ -51,7 +52,7 @@ class Auth(controller.Controller):
         email = kw.get('email')
         password = kw.get('password')
         if not name or not email or not password:
-            return self.response(code=400, description='email and password is required')
+            return self.response(code=400, description='email, name and password is required')
         
         user = self.get_user(email)
         
@@ -73,3 +74,54 @@ class Auth(controller.Controller):
     
     def get_user(self, email):
         return request.env['res.users'].search([('login', '=', email), ('active', 'in', [True, False])])
+    
+    @http.route(prefix + 'user/activation-request', auth='public', methods=['POST'], csrf=False)
+    def request_activation_user(self, **kw):
+        if not self.authenticate():
+            return self.response(code=401, description='Unauthorized')
+        
+        email = kw.get('email')
+        user = self.get_user(email)
+        if not user:
+            return self.response({'activation_request': False, 'reason': 'NOT_FOUND'})
+        
+        if user.active:
+            return self.response({'activation_request': False, 'reason': 'ACTIVE'})
+        
+        token_source = string.ascii_letters + string.digits
+        user.activation_token = ''.join(random.choice(token_source) for i in range(20))
+        return self.response({
+            'activation_request': True,
+            'token': user.activation_token,
+            'user': {
+                'id': user.id,
+                'name': user.name,
+                'email': user.login,
+                'external': user.share
+            }
+        })
+        
+    @http.route(prefix + 'user/activation', auth='public', methods=['POST'], csrf=False)
+    def activation_user(self, **kw):
+        if not self.authenticate():
+            return self.response(code=401, description='Unauthorized')
+        
+        token = kw.get('token')
+        if not token:
+            return self.response(code=400, description='token is required')
+        
+        user = request.env['res.users'].search([('activation_token', '=', token), ('active', '=', False)], limit=1)
+        if not user:
+            return self.response({'activation': False, 'reason': 'INVALID_TOKEN'})
+        
+        user.active = True
+        user.activation_token = ''
+        return self.response({
+            'activation': True,
+            'user': {
+                'id': user.id,
+                'name': user.name,
+                'email': user.login,
+                'external': user.share
+            }
+        })
+\ No newline at end of file
author	IT Fixcomart <it@fixcomart.co.id>	2022-11-18 15:30:53 +0700
committer	IT Fixcomart <it@fixcomart.co.id>	2022-11-18 15:30:53 +0700
commit	d15f7df65c95f41f12fb72795f0b1360bde115c0 (patch)
tree	b8ceb62ffddc32a67f8c40ebe11cb42585255b47 /indoteknik_api/controllers/api_v1
parent	4b077e2a3796fb075840307a42e89d8a73eebe11 (diff)