From 75933b6c16a6161930d8a51ac17a10f970f0d15b Mon Sep 17 00:00:00 2001
From: IT Fixcomart <it@fixcomart.co.id>
Date: Thu, 3 Nov 2022 15:41:34 +0700
Subject: allowed_ip_address get from system_parameter

---
 indoteknik_api/controllers/controller.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

(limited to 'indoteknik_api/controllers/controller.py')

diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py
index d1ecab57..261adf36 100644
--- a/indoteknik_api/controllers/controller.py
+++ b/indoteknik_api/controllers/controller.py
@@ -24,14 +24,8 @@ class Controller(http.Controller):
         except:
             remote_address = wsgienv['REMOTE_ADDR']
             _logger.info("API Request from %s" % remote_address)
-            allowed_ip_address = []
-            # server website production
-            allowed_ip_address.append('34.101.189.218')
-            # server website development
-            allowed_ip_address.append('34.101.55.147')
-            # rafizadanly localhost
-            allowed_ip_address.append('182.253.155.143')
-            if remote_address in allowed_ip_address:
+            allowed_ip_address = request.env['ir.config_parameter'].get_param('api_allowed_ip_address')
+            if remote_address in allowed_ip_address.split(','):
                 request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378')
                 return True
             return False
-- 
cgit v1.2.3