summaryrefslogtreecommitdiff
path: root/indoteknik_api/controllers/controller.py
diff options
context:
space:
mode:
Diffstat (limited to 'indoteknik_api/controllers/controller.py')
-rw-r--r--indoteknik_api/controllers/controller.py16
1 files changed, 16 insertions, 0 deletions
diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py
index 10cd76a1..73c8829d 100644
--- a/indoteknik_api/controllers/controller.py
+++ b/indoteknik_api/controllers/controller.py
@@ -8,11 +8,14 @@ from odoo.http import request
from odoo.tools.config import config
from pytz import timezone
import logging
+import jwt
_logger = logging.getLogger(__name__)
class Controller(http.Controller):
+ jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c"
+
def authenticate(self):
wsgienv = request.httprequest.environ
try:
@@ -76,6 +79,19 @@ class Controller(http.Controller):
order = kw.get('order', '')
return request.env[model].search(query, limit=int(limit), offset=int(offset), order=order)
+
+ def create_user_token(self, user):
+ return jwt.encode({'id': user.id}, self.jwt_secret_key)
+
+ def verify_user_token(self, user_id):
+ try:
+ token = request.httprequest.environ['HTTP_TOKEN']
+ user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256'])
+ if int(user_id) != user_token['id']:
+ return False
+ return True
+ except:
+ return False
@http.route('/api/token', auth='public', methods=['GET', 'OPTIONS'])
def get_api_token(self, **kw):
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-18 08:41:30 +0000