From 6fe453ed5da6cfda56f4af454dbedc00b97f0f9e Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Fri, 13 Jan 2023 11:40:44 +0700 Subject: simplify authentication --- indoteknik_api/controllers/api_v1/user.py | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) (limited to 'indoteknik_api/controllers/api_v1/user.py') diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py index d71c30ea..ae04e0ff 100644 --- a/indoteknik_api/controllers/api_v1/user.py +++ b/indoteknik_api/controllers/api_v1/user.py @@ -109,11 +109,7 @@ class User(controller.Controller): user = request.env['res.users'].search([('id', '=', id)], limit=1) if not user: - return self.response(code=400, description='User not found') - - is_verify = self.verify_user_token(id) - if not is_verify: - return self.response(code=401, description='Unauthorized') + return self.response(code=404, description='User not found') allowed_field = ['name', 'phone', 'mobile', 'password'] for field in allowed_field: @@ -131,15 +127,13 @@ class User(controller.Controller): return self.response(code=401, description='Unauthorized') id = kw.get('id') - is_verify = self.verify_user_token(id) - if not is_verify: - return self.response(code=401, description='Unauthorized') user = request.env['res.users'].search([('id', '=', id)], limit=1) if not user: return self.response(code=404, description='User not found') - partners = [user.partner_id] + [x for x in user.child_ids] + partner_ids = [user.partner_id.id] + [x.id for x in user.child_ids] + partners = request.env['res.partner'].search([('id', 'in', partner_ids)], order='create_date DESC') address = [request.env['res.users'].api_address_response(x) for x in partners] return self.response(address) -- cgit v1.2.3