Merge branch 'for_qa_auth' into 'dev_cooperatic'

Added route and method to allow external authentification (Questions2Answers plugin) See merge request !180

Merge branch 'for_qa_auth' into 'dev_cooperatic'
Added route and method to allow external authentification (Questions2Answers plugin) See merge request !180
0d8734ce · Administrator · 9afd5f37 · 300bc6a4 · 0d8734ce · 0d8734ce
Commit 0d8734ce authored Jun 02, 2022 by Administrator
Hide whitespace changes
Inline Side-by-side

Showing with 30 additions and 7 deletions

models.py members/models.py +18 -7

urls.py members/urls.py +2 -0

views.py members/views.py +10 -0

No files found.
--- a/members/models.py
+++ b/members/models.py
@@ -121,7 +121,7 @@ class CagetteMember(models.Model):
                                     'id DESC')
    @staticmethod
-    def get_credentials(request):
+    def get_credentials(request, external=False):
        import hashlib
        data = {}
@@ -138,7 +138,7 @@ class CagetteMember(models.Model):
                cond.append(['is_member', '=', True])
                cond.append(['is_associated_people', '=', True])
-            fields = ['name', 'email', 'birthdate', 'create_date', 'cooperative_state', 'is_associated_people']
+            fields = ['name', 'email', 'birthdate', 'create_date', 'cooperative_state', 'is_associated_people', 'barcode_base']
            res = api.search_read('res.partner', cond, fields)
            if (res and len(res) >= 1):
                coop_id = None
@@ -160,6 +160,16 @@ class CagetteMember(models.Model):
                    data['auth_token'] = hashlib.sha256(auth_token_seed.encode('utf-8')).hexdigest()
                    data['token'] = hashlib.sha256(coop['create_date'].encode('utf-8')).hexdigest()
                    data['coop_state'] = coop_state
+                    if external is True:
+                        from outils.functions import extract_firstname_lastname
+                        name_sep = getattr(settings, 'SUBSCRIPTION_NAME_SEP', ' ')
+                        name_elts = extract_firstname_lastname(coop['name'], name_sep)
+                        data['lastname'] = name_elts['lastname']
+                        if name_elts['firstname'] != name_elts['lastname']:
+                            data['firstname'] = name_elts['firstname']
+                        else:
+                            data['firstname'] = ''
+                        data['coop_num'] = coop['barcode_base']
                if not ('auth_token' in data):
                    data['failure'] = True
@@ -171,7 +181,7 @@ class CagetteMember(models.Model):
                data['errnum'] = 2
                #  data['res'] = res
-        elif 'token' in request.COOKIES and 'id' in request.COOKIES:
+        elif external is False and 'token' in request.COOKIES and 'id' in request.COOKIES:
            api = OdooAPI()
            cond = [['id', '=', request.COOKIES['id']]]
            fields = ['create_date','email']
@@ -187,10 +197,11 @@ class CagetteMember(models.Model):
        else:
            data['failure'] = True
        if not ('failure' in data):
-            data['login'] = login
+            if external is False:
-            c_db_data = CagetteMember.get_couchdb_data(login)
+                data['login'] = login
-            if len(c_db_data) > 0 and 'validation_state' in c_db_data:
+                c_db_data = CagetteMember.get_couchdb_data(login)
-                data['validation_state'] = c_db_data['validation_state']
+                if len(c_db_data) > 0 and 'validation_state' in c_db_data:
+                    data['validation_state'] = c_db_data['validation_state']
        #  print(str(data))
        return data

--- a/members/urls.py
+++ b/members/urls.py
@@ -71,4 +71,6 @@ urlpatterns = [
    url(r'^update_members_makeups$', admin.update_members_makeups),
    url(r'^get_member_info/(\d+)$', admin.get_member_info),
    url(r'^get_attached_members$', admin.get_attached_members),
+    # External login 
+    url(r'^external_login$', views.external_login)
 ]
--- a/members/views.py
+++ b/members/views.py
@@ -443,3 +443,12 @@ def save_partner_info(request):
    else:
        res['error'] = "Forbidden"
        return JsonResponse(res, safe=False)
+### External login 
+@csrf_exempt
+def external_login(request):
+    """Post request send from external login page, such as Question2Answer."""
+    # TODO : Allow only known host (based on domain ? key ?)
+    res = {'credentials': CagetteMember.get_credentials(request, external=True)}
+    return JsonResponse(res, safe=False)
\ No newline at end of file