From 06d5b6a006e35e6596606c11e1caba4d9920881c Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Wed, 16 Aug 2023 13:01:19 +0700 Subject: Refactor authenticate function on API controller --- indoteknik_api/controllers/controller.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'indoteknik_api/controllers/controller.py') diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py index 32a8672e..d40ccb5a 100644 --- a/indoteknik_api/controllers/controller.py +++ b/indoteknik_api/controllers/controller.py @@ -42,7 +42,8 @@ class Controller(http.Controller): request.session.authenticate(db, username, password) return True except: - request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') + if not request.env.uid: + request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') user_token = self.verify_user_token() return user_token -- cgit v1.2.3 From f4211cb305d843c6462fe57daf9c0a7397132ae0 Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Wed, 16 Aug 2023 13:05:08 +0700 Subject: Refactor authenticate function on API controller --- indoteknik_api/controllers/controller.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'indoteknik_api/controllers/controller.py') diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py index d40ccb5a..32a8672e 100644 --- a/indoteknik_api/controllers/controller.py +++ b/indoteknik_api/controllers/controller.py @@ -42,8 +42,7 @@ class Controller(http.Controller): request.session.authenticate(db, username, password) return True except: - if not request.env.uid: - request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') + request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') user_token = self.verify_user_token() return user_token -- cgit v1.2.3 From 317967d6ab733065d98c08e678ac82f89b0d08c4 Mon Sep 17 00:00:00 2001 From: Rafi Zadanly Date: Wed, 16 Aug 2023 16:01:55 +0700 Subject: Fix API Controller --- indoteknik_api/controllers/controller.py | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) (limited to 'indoteknik_api/controllers/controller.py') diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py index 010e66fd..1e9f01ee 100644 --- a/indoteknik_api/controllers/controller.py +++ b/indoteknik_api/controllers/controller.py @@ -42,9 +42,19 @@ class Controller(http.Controller): request.session.authenticate(db, username, password) return True except: + try: + authorization = wsgienv['HTTP_AUTHORIZATION'] + except: + authorization = None request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378') + token = request.env['ir.config_parameter'].sudo().get_param('rest_api_token') or '' + result = False + if authorization == token: + result = True user_token = self.verify_user_token() - return user_token or True + if user_token: + result = user_token + return result def user_pricelist(self): user_token = self.authenticate() @@ -137,10 +147,13 @@ class Controller(http.Controller): user = request.env['res.users'].browse([ user_token['id'] ]) if not user: return False - return { + data = { 'user_id': user.id, - 'partner_id': user.partner_id.id or None + 'partner_id': None } + if user.partner_id: + data['partner_id'] = user.partner_id.id + return data except: return False -- cgit v1.2.3