1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
from array import array
import datetime
import base64
import json
from odoo import http
from odoo.http import request
from odoo.tools.config import config
from pytz import timezone
import logging
import jwt
_logger = logging.getLogger(__name__)
class Controller(http.Controller):
jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c"
def authenticate(self):
wsgienv = request.httprequest.environ
try:
db = wsgienv['HTTP_DB']
username = wsgienv['HTTP_USERNAME']
password = wsgienv['HTTP_PASSWORD']
request.session.authenticate(db, username, password)
return True
except:
try:
authorization = wsgienv['HTTP_AUTHORIZATION']
except:
authorization = None
token = request.env['ir.config_parameter'].sudo().get_param('rest_api_token') or ''
if authorization == token:
request.session.authenticate(config.get('db_name'), 'it@fixcomart.co.id', 'Fixcomart378')
return True
return False
def validate_request(self, rules: dict, kw: dict):
validation = {
'status': True,
'reason': []
}
for key in rules:
values = rules[key]
for value in values:
if value == 'required' and not kw.get(key):
validation['status'] = False
validation['reason'].append(key + ' is ' + value)
return validation
def time_to_str(self, object, format):
time = ''
if isinstance(object, datetime.datetime):
time = object.astimezone(timezone('Asia/Jakarta')).strftime(format)
return time
def response(self, data=[], code=200, description='OK'):
response = {
'status': {
'code': code,
'description': description
}
}
if code == 200:
response.update({'result': data})
response = json.dumps(response)
return request.make_response(response, [
('Access-Control-Allow-Origin', '*'),
('Access-Control-Allow-Headers', '*'),
('Access-Control-Allow-Methods', '*'),
('Content-Type', 'application/json'),
])
def search_filter(self, model: str, kw: dict, query: array = []):
""" To search data by default API Params if exist """
limit = kw.get('limit', 0)
offset = kw.get('offset', 0)
order = kw.get('order', '')
return request.env[model].search(query, limit=int(limit), offset=int(offset), order=order)
def create_user_token(self, user):
return jwt.encode({'id': user.id}, self.jwt_secret_key)
def verify_user_token(self, user_id):
try:
token = request.httprequest.environ['HTTP_TOKEN']
user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256'])
if int(user_id) != user_token['id']:
return False
return True
except:
return False
@http.route('/api/token', auth='public', methods=['GET', 'OPTIONS'])
def get_api_token(self, **kw):
return self.response(request.env['ir.config_parameter'].sudo().get_param('rest_api_token') or '')
@http.route('/api/image/<model>/<field>/<id>', auth='public', methods=['GET'])
def get_image(self, model, field, id):
model = request.env[model].sudo().search([('id', '=', id)], limit=1)
image = model[field] if model[field] else ''
return request.make_response(base64.b64decode(image), [('Content-Type', 'image/jpg')])
|
