update to 12.0

Author: qnts

.gitignore

@@ -0,0 +1 @@
+.vscode/

__init__.py

@@ -3,4 +3,4 @@
 from . import controllers
 from . import models
 
-from . import validator, jwt_http
+from . import validator, jwt_http, util

__manifest__.py

@@ -3,7 +3,7 @@
     'name': "jwt_provider",
 
     'summary': """
-        Provide a simple rest using jwt for odoo 11""",
+        Provide a simple rest using jwt for odoo 12""",
 
     'description': """
         Key features:
@@ -26,15 +26,13 @@
     'external_dependencies': {
         'python': ['jwt'],
     },
-
-    # always loaded
     'data': [
-        # 'security/ir.model.access.csv',
-        #'views/views.xml',
-        #'views/templates.xml',
+        'security/ir.model.access.csv',
+        'views/user_view.xml',
+    ],
+    'css': [
+        'static/src/css/jwt.css',
     ],
-    # only loaded in demonstration mode
     'demo': [
-        #'demo/demo.xml',
     ],
 }

controllers/__init__.py

@@ -1,3 +1,4 @@
 # -*- coding: utf-8 -*-
 
-from . import main
+from . import api
+from . import web

controllers/api.py

@@ -0,0 +1,86 @@
+# -*- coding: utf-8 -*-
+import werkzeug
+from odoo import http
+from odoo.http import request, Response
+from odoo.addons.auth_signup.models.res_users import SignupError
+from odoo.exceptions import UserError
+
+from ..validator import validator
+from ..jwt_http import jwt_http
+
+import logging
+_logger = logging.getLogger(__name__)
+
+SENSITIVE_FIELDS = ['password', 'password_crypt', 'new_password', 'create_uid', 'write_uid']
+
+
+class JwtController(http.Controller):
+    # test route
+    @http.route('/api/info', auth='public', csrf=False, cors='*')
+    def index(self, **kw):
+        return 'Hello, world'
+
+    @http.route('/api/login', type='http', auth='public', csrf=False, cors='*', methods=['POST'])
+    def login(self, email, password, **kw):
+
+        return jwt_http.do_login(email, password)
+
+    @http.route('/api/me', type='http', auth='public', csrf=False, cors='*')
+    def me(self, **kw):
+        http_method, body, headers, token = jwt_http.parse_request()
+        result = validator.verify_token(token)
+        if not result['status']:
+            return jwt_http.errcode(code=result['code'], message=result['message'])
+
+        return jwt_http.response(request.env.user.to_dict(True))
+
+    @http.route('/api/logout', type='http', auth='public', csrf=False, cors='*')
+    def logout(self, **kw):
+        http_method, body, headers, token = jwt_http.parse_request()
+        result = validator.verify_token(token)
+        if not result['status']:
+            return jwt_http.errcode(code=result['code'], message=result['message'])
+
+        jwt_http.do_logout(token)
+        return jwt_http.response()
+
+    @http.route('/api/register', type='http', auth='public', csrf=False, cors='*', methods=['POST'])
+    def register(self, email=None, name=None, password=None, **kw):
+        if not validator.is_valid_email(email):
+            return jwt_http.errcode(code=400, message='Invalid email address')
+        if not name:
+            return jwt_http.errcode(code=400, message='Name cannot be empty')
+        if not password:
+            return jwt_http.errcode(code=400, message='Password cannot be empty')
+
+        # sign up
+        try:
+            self._signup_with_values(login=email, name=name, password=password)
+        except AttributeError:
+            return jwt_http.errcode(code=501, message='Signup is disabled')
+        except (SignupError, AssertionError) as e:
+            if request.env["res.users"].sudo().search([("login", "=", email)]):
+                return jwt_http.errcode(code=400, message='Email address already existed')
+            else:
+                _logger.error("%s", e)
+                return jwt_http.response_500()
+        except Exception as e:
+            _logger.error(str(e))
+            return jwt_http.response_500()
+        # log the user in
+        return jwt_http.do_login(email, password)
+
+    def _signup_with_values(self, **values):
+        request.env['res.users'].sudo().signup(values, None)
+        request.env.cr.commit()     # as authenticate will use its own cursor we need to commit the current transaction
+        self.signup_email(values)
+
+
+    def signup_email(self, values):
+        user_sudo = request.env['res.users'].sudo().search([('login', '=', values.get('login'))])
+        template = request.env.ref('auth_signup.mail_template_user_signup_account_created', raise_if_not_found=False)
+        if user_sudo and template:
+            template.sudo().with_context(
+                lang=user_sudo.lang,
+                auth_login=werkzeug.url_encode({'auth_login': user_sudo.email}),
+            ).send_mail(user_sudo.id, force_send=True)

controllers/main.py

@@ -0,0 +1,72 @@
+import werkzeug
+import odoo
+import base64
+from odoo import http
+from odoo.http import request
+from ..jwt_http import jwt_http
+from ..util import util
+
+import logging
+_logger = logging.getLogger(__name__)
+
+class WebController(http.Controller):
+    @http.route([
+        '/web/avatar/<int:id>',
+        '/web/avatar/<int:id>/<string:size>'
+    ], auth='public', csrf=False, cors='*')
+    def avatar(self, id=None, size='small', **kw):
+        # get product
+        headers = []
+        try:
+            user = request.env['res.users'].sudo().browse(id)
+            content = None
+            mimetype = None
+            if user:
+                # determine field to get
+                field_size = 'image'
+                resize = True
+                if size in ['medium', 'small']:
+                    field_size = '%s_%s' % (field_size, size)
+                    resize = False
+                content = getattr(user, field_size)
+                # the following lines purpose is to get mimetype
+                attachment = request.env['ir.attachment'].sudo().search([
+                    ('res_model', '=', 'res.partner'),
+                    ('res_id', '=', user.partner_id.id),
+                    ('res_field', '=', 'image'),
+                ])
+                if attachment.exists():
+                    mimetype = attachment.mimetype
+            if content and mimetype:
+                # resize image_variant here
+                if resize:
+                    if size == 'large':
+                        width, height = (500, 500)
+                    # add other size here, eg:
+                    # elif size == 'huge':
+                    # width, height = (800, 800)
+                    else:
+                        width = None
+                        height = None
+                    if width:
+                        content = odoo.tools.image_resize_image(base64_source=content, size=(width or None, height or None), encoding='base64', avoid_if_small=True)
+                        # force mime type becuz of image resizer
+                        # mimetype = 'image/png'
+                image_base64 = base64.b64decode(content)
+            else:
+                image_base64 = self.placeholder()  # could return (contenttype, content) in master
+                mimetype = 'image/gif'
+        except Exception as ex:
+            # just to make sure the placeholder image existed
+            image_base64 = base64.b64decode('R0lGODlhAQABAIABAP///wAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==')
+            mimetype = 'image/gif'
+            _logger.error(str(ex))
+        finally:
+            headers.append(('Content-Length', len(image_base64)))
+            headers.append(('Content-Type', mimetype))
+            response = request.make_response(image_base64, headers)
+            response.status_code = 200
+            return response
+
+    def placeholder(self, image='no_image.gif'):
+        return open(util.path('jwt_provider', 'static', 'img', image), 'rb').read()