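import logging

from odoo import http
from odoo.http import request
from odoo.tools.config import config

from .. import controller

_logger = logging.getLogger(__name__)


class Auth(controller.Controller):
    """JSON endpoints for logging in and registering users under /api/v1/auth/.

    Both routes are declared ``auth='public'`` with ``csrf=False``, so the
    only gate in front of them is ``self.authenticate()`` inherited from the
    base controller.
    NOTE(review): ``authenticate()`` and ``response()`` are defined outside
    this file; confirm the former validates a caller credential (e.g. an API
    key) and that these routes are rate limited, since they accept passwords
    and create accounts.
    """

    prefix = '/api/v1/'

    @http.route(prefix + 'auth/login', auth='public', methods=['POST'], csrf=False)
    def login(self, **kw):
        """Check an email/password pair and open an Odoo session for it.

        Expects ``email`` and ``password`` in the request parameters.

        Returns, through ``self.response``:
          * code 401 when ``self.authenticate()`` rejects the caller,
          * code 400 when either field is missing or empty,
          * ``{'is_auth': False, 'reason': 'NOT_ACTIVE'}`` for a known but
            deactivated login,
          * ``{'is_auth': False, 'reason': 'NOT_FOUND'}`` when the session
            authentication fails for any reason,
          * ``{'is_auth': True, 'user': {...}}`` on success.
        """
        if not self.authenticate():
            return self.response(code=401, description='Unauthorized')

        email = kw.get('email')
        password = kw.get('password')
        if not email or not password:
            return self.response(code=400, description='email and password is required')

        user = self.get_user(email)
        if user and not user.active:
            # NOTE(review): this answer is given before the password is
            # verified, so it tells any caller that passes authenticate()
            # that the address belongs to a deactivated account. Kept as is
            # because clients read `reason`; consider returning it only after
            # the credentials have been checked.
            return self.response({
                'is_auth': False,
                'reason': 'NOT_ACTIVE'
            })

        try:
            uid = request.session.authenticate(config.get('db_name'), email, password)
            if not uid:
                # Some Odoo versions report a failed login with a falsy uid
                # instead of raising; without this check browse() would yield
                # an empty record and the caller would be told is_auth=True.
                return self.response({
                    'is_auth': False,
                    'reason': 'NOT_FOUND'
                })
            user = request.env['res.users'].browse(uid)
            return self.response({
                'is_auth': True,
                'user': {
                    'id': user.id,
                    'name': user.name,
                    'email': user.login,
                    'external': user.share
                }
            })
        except Exception:
            # `except Exception` rather than a bare `except`, so SystemExit
            # and KeyboardInterrupt are no longer swallowed. Every other
            # failure still maps to NOT_FOUND, but the traceback is logged so
            # that a database or programming error is not mistaken for a bad
            # password. The submitted credentials are deliberately not logged.
            _logger.info('API login rejected', exc_info=True)
            return self.response({
                'is_auth': False,
                'reason': 'NOT_FOUND'
            })

    @http.route(prefix + 'auth/register', auth='public', methods=['POST'], csrf=False)
    def register(self, **kw):
        """Create a deactivated ``res.users`` record from name/email/password.

        Expects ``name``, ``email`` and ``password`` in the request
        parameters. The account is created with ``active=False``, so it
        cannot pass ``login`` until something else activates it.

        Returns, through ``self.response``:
          * code 401 when ``self.authenticate()`` rejects the caller,
          * code 400 when any of the three fields is missing or empty,
          * ``{'register': False, 'reason': 'EMAIL_USED'}`` when a user with
            that login already exists (active or not),
          * ``{'register': True}`` once the record has been created.
        """
        if not self.authenticate():
            return self.response(code=401, description='Unauthorized')

        name = kw.get('name')
        email = kw.get('email')
        password = kw.get('password')
        if not name or not email or not password:
            # The original message omitted `name` although it is required.
            return self.response(code=400, description='name, email and password are required')

        if self.get_user(email):
            # NOTE(review): EMAIL_USED lets a caller test which addresses are
            # registered; acceptable only if authenticate() restricts callers
            # to trusted clients.
            return self.response({
                'register': False,
                'reason': 'EMAIL_USED'
            })

        # NOTE(review): `sel_groups_1_9_10` is a generated group-selection
        # field whose name and value are built from res.groups database ids;
        # those ids differ between databases. Confirm that 9 is the intended
        # (presumably least-privileged) group on every deployment, or resolve
        # the group by XML id instead.
        # NOTE(review): request.env on an auth='public' route normally runs
        # with the public user's rights; confirm the base controller grants
        # what create() needs, and that no password policy is bypassed here.
        request.env['res.users'].create({
            'name': name,
            'login': email,
            'password': password,
            'active': False,
            'sel_groups_1_9_10': 9
        })

        return self.response({'register': True})

    def get_user(self, email):
        """Return the ``res.users`` records whose login equals ``email``.

        The explicit ``active in [True, False]`` clause makes the search
        cover deactivated accounts too, which is what lets ``login`` report
        NOT_ACTIVE and ``register`` refuse an address held by an inactive
        user. The result is an empty recordset when nothing matches.
        """
        return request.env['res.users'].search([
            ('login', '=', email),
            ('active', 'in', [True, False]),
        ])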