diff options
Diffstat (limited to 'indoteknik_api/controllers/api_v1/user.py')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/user.py | 19 |
1 files changed, 2 insertions, 17 deletions
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index 3080be7d..bf1814da 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -3,31 +3,16 @@ from odoo import http from odoo.http import request from odoo.tools.config import config import random, string -import jwt class User(controller.Controller): prefix = '/api/v1/' - jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c" def get_user_by_email(self, email): return request.env['res.users'].search([ ('login', '=', email), ('active', 'in', [True, False]) ]) - - def create_user_token(self, user): - return jwt.encode({'id': user.id}, self.jwt_secret_key) - - def verify_user_token(self, user_id): - try: - token = request.httprequest.environ['HTTP_TOKEN'] - user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256']) - if int(user_id) != user_token['id']: - return False - return True - except: - return False def response_with_token(self, user): data = request.env['res.users'].api_single_response(user) @@ -149,13 +134,13 @@ class User(controller.Controller): user = request.env['res.users'].search([('id', '=', id)], limit=1) if not user: - return self.response(code=400, description='User not found') + return self.response(code=404, description='User not found') is_verify = self.verify_user_token(id) if not is_verify: return self.response(code=401, description='Unauthorized') - partners = [user] + [x for x in user.child_ids] + partners = [user.partner_id] + [x for x in user.child_ids] address = [request.env['res.users'].api_address_response(x) for x in partners] return self.response(address) |