1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
from array import array
import datetime
import base64
import json
from odoo import http
from odoo.http import request
from odoo.tools.config import config
from pytz import timezone
import logging
import jwt
_logger = logging.getLogger(__name__)
class Controller(http.Controller):
jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c"
def authenticate(self):
wsgienv = request.httprequest.environ
try:
db = wsgienv['HTTP_DB']
username = wsgienv['HTTP_USERNAME']
password = wsgienv['HTTP_PASSWORD']
request.session.authenticate(db, username, password)
return True
except:
try:
authorization = wsgienv['HTTP_AUTHORIZATION']
except:
authorization = None
token = request.env['ir.config_parameter'].sudo().get_param('rest_api_token') or ''
result = False
if authorization == token:
request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378')
result = True
if self.verify_user_token():
result = True
return result
def get_request_params(self, kw, queries):
result = {
'valid': True,
'reason': [],
'value': {},
'query': {}
}
for key in queries:
rules = queries[key]
is_number = len([r for r in rules if r == 'number']) > 0
has_alias = [r for r in rules if r.startswith('alias:')]
alias = key
if len(has_alias) > 0:
alias = has_alias[0].replace('alias:', '')
has_default = [r for r in rules if r.startswith('default:')]
default = None
if len(has_default) > 0:
default = has_default[0].replace('default:', '')
value = kw.get(key, '')
if value in ['null', 'undefined']:
value = ''
for rule in rules:
if rule == 'required' and not value:
result['reason'].append(key + ' is ' + rule)
elif rule == 'number' and value and not value.isdigit():
result['reason'].append(key + ' must be ' + rule)
if not value and default:
value = default
if is_number and value.isdigit():
value = int(value)
if not value:
value = None
result['value'][alias] = value
result['query'][key] = value
if len(result['reason']) > 0:
result['valid'] = False
if not result['valid']:
del result['value']
return result
def time_to_str(self, object, format):
time = ''
if isinstance(object, datetime.datetime):
time = object.astimezone(timezone('Asia/Jakarta')).strftime(format)
return time
def response(self, data=[], code=200, description='OK'):
response = {
'status': {
'code': code,
'description': description
}
}
if code == 200:
response.update({'result': data})
response = json.dumps(response)
return request.make_response(response, [
('Access-Control-Allow-Origin', '*'),
('Access-Control-Allow-Headers', '*'),
('Access-Control-Allow-Methods', '*'),
('Content-Type', 'application/json'),
])
def search_filter(self, model: str, kw: dict, query: array = []):
""" To search data by default API Params if exist """
limit = kw.get('limit', 0)
offset = kw.get('offset', 0)
order = kw.get('order', '')
return request.env[model].search(query, limit=int(limit), offset=int(offset), order=order)
def create_user_token(self, user):
return jwt.encode({'id': user.id}, self.jwt_secret_key)
def verify_user_token(self):
try:
token = request.httprequest.environ['HTTP_TOKEN']
user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256'])
user = request.env['res.users'].search([('id', '=', user_token['id'])])
if not user:
return False
return True
except:
return False
@http.route('/api/token', auth='public', methods=['GET', 'OPTIONS'])
def get_api_token(self, **kw):
return self.response(request.env['ir.config_parameter'].sudo().get_param('rest_api_token') or '')
@http.route('/api/image/<model>/<field>/<id>', auth='public', methods=['GET'])
def get_image(self, model, field, id):
model = request.env[model].sudo().search([('id', '=', id)], limit=1)
image = model[field] if model[field] else ''
return request.make_response(base64.b64decode(image), [('Content-Type', 'image/jpg')])
|
