Merge pull request #74 from expsa/fix-jwt-model-import-apis

[FIX] odex_web_app: add access_token model

odex25_mobile/odex_web_app/controllers/authentication.py

@@ -57,3 +57,85 @@ class AuthenticationController(http.Controller):
         dic['token'] = token
         http_helper.cleanup();
         return http_helper.response(data=dic, message=_("User log in successfully"))
+    
+
+    @http.route('/rest_api/validate',type='http', auth='none', csrf=False, cors='*',methods=['POST'])
+    def validate_token(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+
+        result = validator.validate_token(token)
+        if result['code'] == 497 or result['code'] == 498:
+            return http_helper.errcode(code=result['code'], message=result['message'])
+
+        return http_helper.response(message="uploaded success",data=result['data'])
+
+    @http.route('/rest_api/refresh',type='http', auth='none', csrf=False, cors='*',methods=['POST'])
+    def refresh_token(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+
+        result = validator.refresh_token(token)
+        if result['code'] == 497:
+            return http_helper.errcode(code=result['code'], message=result['message'])
+
+        return http_helper.response(message="uploaded success",data=result['data'])
+
+    # Reet password with email
+    @http.route(['/rest_api/reset'], type='http', auth='none', csrf=False, methods=['POST'])
+    def reset_email(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+        if not body.get('email'):
+            return http_helper.response(code=400, message="Email must not be empty", success=False)
+        user = http.request.env['res.users'].sudo().search([('login', '=', kw.get('email'))])
+        if user:
+            user.sudo().action_reset_password()
+            return http_helper.response(message=_("A verification link has been sent to you email account"), data={})
+        else:
+            return http_helper.errcode(code=403, message="Password reset failed")
+    
+    @http.route('/rest_api/users/password',type='http', auth='none', csrf=False, cors='*',methods=['PUT'])
+    def change_password(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+        if not body.get('old_password') or not  body.get('new_password'):
+            return http_helper.errcode(code=400, message='Password must not be empty')
+        
+        result = validator.verify_token(token)
+        
+        if not result['status']:
+            return http_helper.errcode(code=400, message='Invalid passwords')
+        
+        user = validator.verify(token)
+        if not user:
+            return http_helper.errcode(code=400, message=_("You are not allowed to perform this operation. please check with one of your team admins"))
+
+        if not http_helper.is_authentic(user.login, body.get('old_password')):
+            return http_helper.errcode(code=400, message='Invalid passwords')
+        
+        request.env.user.write({
+            'password':str(body.get('new_password')).strip()
+        })
+        request.session.logout()
+        
+
+        return http_helper.response(message=_("password changed successfully"),data={'id':user.id})
+    
+    @http.route('/rest_api/logout', type='http', auth='none', csrf=False, cors='*', methods=['POST'])
+    def logout(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+        result = validator.verify_token(token)
+        if not result['status']:
+            return http_helper.errcode(code=result['code'], message=result['message'])
+
+        http_helper.do_logout(token)
+        return http_helper.response()
+    
+    @http.route('/rest_api/users', type='http', auth='none', csrf=False, cors='*', methods=['GET'])
+    def info(self, **kw):
+        http_method, body, headers, token = http_helper.parse_request()
+        result = validator.verify_token(token)
+        if not result['status']:
+            return http_helper.errcode(code=result['code'], message=result['message'])
+        user = validator.verify(token)
+        if not user:
+            return http_helper.response(code=400, message=_("You are not allowed to perform this operation. please check with one of your team admins"), success=False)
+              
+        return http_helper.response(data=user.to_dict(True))

odex25_mobile/odex_web_app/models/__init__.py

@@ -1,3 +1,4 @@
 from . import hr_employee
 from . import attendence_zone_config
 from . import mail_thread
+from . import access_token

odex25_mobile/odex_web_app/models/access_token.py

@@ -0,0 +1,32 @@
+from odoo import models, fields, api
+from datetime import datetime, timedelta
+from dateutil import parser
+from odoo.tools import DEFAULT_SERVER_DATETIME_FORMAT
+
+import logging
+_logger = logging.getLogger(__name__)
+str_fmt = '%d/%m/%Y %H:%M:%S'
+
+class JwtAccessToken(models.Model):
+    _name = 'jwt_provider.access_token'
+    _description = 'Store user access token for one-time-login'
+
+    token = fields.Char('Access Token', required=True)
+    user_id = fields.Many2one('res.users', string='User', required=True, ondelete='cascade')
+    expires = fields.Datetime('Expires', required=True)
+
+    is_expired = fields.Boolean(compute='_compute_is_expired')
+
+    @api.depends('expires')
+    def _compute_is_expired(self):
+        ctr = datetime.now().strftime(str_fmt)
+        _logger.info(ctr)
+        for token in self:
+            token.is_expired = datetime.now() >  token.expires
+
+    def access_token_cron(self):
+        self.search([("is_expired", "=", True)]).unlink()
+        return True
+    
+    def set_env(self,env):
+        self.env = env