def web_login(self, redirect=None, **kw):
    """Render or process the login form, consulting the IP block first.

    ``self._block_ips()`` is asked once before an already-authenticated GET is
    redirected and once before the form is processed or rendered. Whenever it
    returns something truthy, that value is returned to the client as-is.

    NOTE(review): ``redirect`` is handed to ``http.redirect_with_hash``
    unchanged on the GET path; presumably it is request-supplied, so confirm
    that off-site targets are rejected somewhere.
    """
    main.ensure_db()
    request.params['login_success'] = False
    http_method = request.httprequest.method

    if http_method == 'GET' and redirect and request.session.uid:
        # Session is already authenticated: block response wins over the redirect.
        denied = self._block_ips()
        return denied if denied else http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    denied = self._block_ips()
    if denied:
        return denied

    if http_method == 'POST':
        previous_uid = request.uid
        if request.params['login']:
            try:
                uid = request.session.authenticate(
                    request.session.db,
                    request.params['login'],
                    request.params['password'])
                request.params['login_success'] = True
                target = self._login_redirect(uid, redirect=redirect)
                return http.redirect_with_hash(target)
            except odoo.exceptions.AccessDenied as exc:
                request.uid = previous_uid
                # Only the default AccessDenied is reported; any other
                # AccessDenied leaves the form without an error message.
                if exc.args == odoo.exceptions.AccessDenied().args:
                    values['error'] = _("Wrong login/password")

    return request.render('web.login', values)
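def web_login(self, redirect=None, **kw):
    """Log the user in and pick developer mode as the default landing page.

    When no ``redirect`` is given, a successful login lands on ``/web?debug``
    for members of ``developer_mode.odoo_developer_group`` and for the user
    whose id equals ``odoo.SUPERUSER_ID``; everybody else lands on ``/web``.
    A failed login re-renders ``web.login`` with an error message.

    NOTE(review): a caller-supplied ``redirect`` is used as the redirect
    target without any check visible here.
    """
    ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if request.httprequest.method == 'POST':
        old_uid = request.uid
        uid = request.session.authenticate(request.session.db,
                                           request.params['login'],
                                           request.params['password'])
        # The leftover debug print of the uid was removed: authentication
        # results do not belong on the server's stdout.
        if uid is not False:
            request.params['login_success'] = True
            if not redirect:
                odoo_technician = request.env.user.has_group(
                    'developer_mode.odoo_developer_group')
                # The previous ``request.uid == True`` test only ever matched
                # uid 1; compare against the named constant instead.
                if odoo_technician or request.uid == odoo.SUPERUSER_ID:
                    redirect = '/web?debug'
                else:
                    redirect = '/web'
            return http.redirect_with_hash(redirect)
        request.uid = old_uid
        values['error'] = _("Wrong login/password")
    return request.render('web.login', values)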
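def cpo_website_quote_login(self, redirect=None, **kw):
    """Send the visitor back to the quotation page named by ``src``.

    With ``src`` in the request the target becomes ``src?login=true``, or
    ``src?type=<type>&login=true`` when ``type`` is also given. The redirect
    response is now returned; previously it was built and thrown away, so the
    handler always returned ``None``.

    Returns ``None`` when there is no target or when building it fails (the
    failure is logged).

    NOTE(review): ``src`` is taken from the request and becomes the redirect
    target as-is; confirm that only site-local paths can reach this point.
    """
    main.ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    try:
        source = kw.get('src')
        if source:
            # ``quote_type`` replaces a local that shadowed the ``type`` builtin.
            quote_type = kw.get('type')
            if quote_type:
                redirect = source + '?' + 'type=' + quote_type + '&login=true'
            else:
                redirect = source + '?login=true'
        if redirect:
            return http.redirect_with_hash(redirect)
    except Exception as e:
        _logger.error(
            "website_sale postprocess: %s value has been dropped (empty or not writable)" % e)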
def test_redirect(self, applicant_id, **kwargs):
    """Post-process an application, then send the applicant onward.

    Applications for a job whose ``job_category`` is ``'talent'`` are sent to
    the job's survey start URL with an ``answer_token``; all others go to
    ``/job-thank-you``.

    NOTE(review): the applicant is looked up with ``sudo()`` from the id in
    the request; whatever restricts who may call this is not visible here.
    """
    applicant = request.env['hr.applicant'].sudo().search([
        ('id', '=', int(applicant_id)),
    ])

    # Refresh the derived data on the application, in this order.
    applicant.update_lines()
    applicant.excel_lines()
    applicant.get_national_id_emp()
    applicant.pick_applicant_quartile_type()
    applicant.check_quality_hold()
    applicant.get_project()

    job = applicant.job_id
    survey = applicant.job_id.apply_survey_id
    partner = applicant.partner_id

    if job.job_category != 'talent':
        return http.redirect_with_hash('/job-thank-you')

    # Reuse the stored survey answer or create one for this partner.
    if applicant.response_apply_id:
        answer = applicant.response_apply_id
    else:
        answer = survey._create_answer(partner=partner)
        applicant.response_apply_id = answer.id

    # Take the answer's token and start the survey with it.
    start_url = survey.get_start_url()
    query = werkzeug.urls.url_encode({
        'answer_token': answer and answer.access_token or None,
    })
    url = '%s?%s' % (start_url, query)
    applicant.sudo().write({'response_apply_id': answer.id})
    return http.redirect_with_hash(url)
def web_login(self, redirect=None, **kw):
    """Login handler whose default landing page is ``/web?debug=1``.

    Every user who logs in without an explicit ``redirect`` is sent to the
    debug-mode URL. A failed login re-renders the form with an error.

    NOTE(review): a caller-supplied ``redirect`` is used as the target with
    no check visible here.
    """
    ensure_db()
    request.params['login_success'] = False
    method = request.httprequest.method

    already_logged_in = method == 'GET' and redirect and request.session.uid
    if already_logged_in:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if method != 'POST':
        return request.render('web.login', values)

    previous_uid = request.uid
    uid = request.session.authenticate(
        request.session.db,
        request.params['login'],
        request.params['password'],
    )
    if uid is False:
        # Restore the uid that was in effect before the attempt.
        request.uid = previous_uid
        values['error'] = _("Wrong login/password")
        return request.render('web.login', values)

    request.params['login_success'] = True
    return http.redirect_with_hash(redirect if redirect else '/web?debug=1')
def web_totp(self, redirect=None, **kwargs):
    """Second login step: check the TOTP code of the pre-authenticated user.

    A session that already has ``uid`` is redirected onward; a session
    without ``pre_uid`` is sent back to ``/web/login``. On POST the submitted
    ``totp_token`` is checked and, if accepted, the session is finalized.
    """
    session = request.session
    if session.uid:
        target = self._login_redirect(session.uid, redirect=redirect)
        return http.redirect_with_hash(target)
    if not session.pre_uid:
        return http.redirect_with_hash('/web/login')

    error = None
    if request.httprequest.method == 'POST':
        pending_user = request.env['res.users'].browse(session.pre_uid)
        try:
            # The check runs inside the user's ``_assert_can_auth`` context.
            with pending_user._assert_can_auth():
                pending_user._totp_check(int(kwargs['totp_token']))
        except AccessDenied:
            error = _(
                "Verification failed, please double-check the 6-digit code"
            )
        except ValueError:
            # ``int()`` rejected the submitted token.
            error = _("Invalid authentication code format.")
        else:
            session.finalize()
            target = self._login_redirect(session.uid, redirect=redirect)
            return http.redirect_with_hash(target)

    form_values = {'error': error, 'redirect': redirect}
    return request.render('auth_totp.auth_totp_form', form_values)
def web_login(self, *args, **kw):
    """Login handler that also binds a pending QR login to the user.

    On GET, an authenticated session with a ``redirect`` parameter is
    redirected there, and an anonymous request carrying ``_fm`` is sent to the
    first provider's ``auth_link``. After the parent ``web_login`` ran, a
    ``qr_id`` stored in the session that is present in ``QR_DICT`` causes the
    user's ``oauth_provider_id`` / ``oauth_uid`` to be overwritten from that
    entry and committed.

    NOTE(review): the OAuth identity is written from ``QR_DICT`` without any
    state check (the original condition is commented out); confirm the entry
    can only have been created for this session.
    """
    if request.httprequest.method == 'GET':
        if request.session.uid and request.params.get('redirect'):
            # Already logged in: honour the requested redirect.
            return http.redirect_with_hash(request.params.get('redirect'))
        fm = request.params.get('_fm', None)
        if not request.session.uid and fm:
            providers = self.list_providers()
            if providers:
                # Anonymous request with ``_fm``: go to the first provider.
                return werkzeug.utils.redirect(providers[0]['auth_link'], 303)
    response = super(AuthSignupHome, self).web_login(*args, **kw)
    from .controllers import QR_DICT
    qr_id = request.session.get('qr_id', None)  # was: kw.get('qr_id', False)
    if qr_id and (request.params['login_success'] or request.session.uid):
        from .controllers import QR_DICT
        if qr_id in QR_DICT:
            qr = QR_DICT[qr_id]
            if 1:  # was: qr['state']=='fail' and qr['openid']
                if request.session.uid:
                    user = request.env["res.users"].sudo().search(
                        ([('id', '=', request.session.uid)]))
                else:
                    user = request.env.user
                # Bind the OAuth identity recorded for this QR code to the user.
                user.write({
                    'oauth_provider_id': qr['data']['oauth_provider_id'],
                    'oauth_uid': qr['data']['user_id'],
                })
                # Committed explicitly, before the response is returned.
                request.env.cr.commit()
    if request.session.uid:
        return http.redirect_with_hash("/")
    return response
def mp_sell(self, redirect=None, **post):
    """Seller landing page that doubles as a login form.

    GET renders ``odoo_marketplace.wk_mp_seller_landing_page``; POST tries to
    authenticate with the submitted ``login`` / ``password`` and redirects to
    ``redirect`` (default ``/web``) on success.

    NOTE(review): a caller-supplied ``redirect`` is used as the target with
    no check visible here.
    """
    uid = request.uid
    context = dict(request.env.context)
    env = request.env
    ensure_db()
    request.params['login_success'] = False
    method = request.httprequest.method

    if method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    values.update({"hide_top_menu": True, "test": True})
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if method == 'POST':
        uid_before = request.uid
        uid = request.session.authenticate(
            request.session.db,
            request.params['login'],
            request.params['password'],
        )
        if uid is False:
            # Failed attempt: restore the previous uid and show the error.
            request.uid = uid_before
            values['error'] = "Wrong login/password"
        else:
            request.params['login_success'] = True
            return http.redirect_with_hash(redirect if redirect else '/web')

    return request.render("odoo_marketplace.wk_mp_seller_landing_page", values)
def web_dingtalk_qr_login_action(self, **kw):
    """Complete a DingTalk QR login from the ``code`` in the callback.

    The DingTalk user is resolved from ``code`` and matched to an
    ``hr.employee`` by mobile phone number. Failures redirect to
    ``/web/login`` with ``oauth_error`` set to 1 (``AttributeError``),
    2 (no employee, or any other exception) or 3 (``AccessDenied``).

    NOTE(review): only ``code`` is read from the callback; no state or nonce
    check is visible in this handler.
    """
    auth_code = kw.get('code')
    access_token = self.get_token()
    scan_info = self.get_userinfo_bycode(auth_code)
    ding_userid = self.get_userid_by_unionid(access_token, scan_info['unionid'])
    ding_user = self.get_user(access_token, ding_userid)

    matching_employee = request.env['hr.employee'].sudo().search(
        [('mobile_phone', '=', ding_user.get('mobile'))], limit=1)
    if not matching_employee:
        return http.redirect_with_hash("/web/login?oauth_error=2")

    try:
        credentials = request.env['res.users'].sudo().auth_oauth_dingtalk(
            auth_code, ding_user)
        url = '/web'
        uid = request.session.authenticate(*credentials)
        if uid is not False:
            request.params['login_success'] = True
            return http.redirect_with_hash(url)
        # A False uid falls through to the final redirect to '/web'.
    except AttributeError as ae:
        url = "/web/login?oauth_error=1"
    except AccessDenied:
        # This branch answers with a plain 303 instead of redirect_with_hash.
        url = "/web/login?oauth_error=3"
        denied = werkzeug.utils.redirect(url, 303)
        denied.autocorrect_location_header = False
        return denied
    except Exception as e:
        _logger.exception("OAuth2: %s" % str(e))
        url = "/web/login?oauth_error=2"

    return http.redirect_with_hash(url)
def web_login(self, redirect=None, **kw):
    """Send users flagged ``login_with_pos_screen`` straight to the POS.

    After the parent login succeeded, the user's default POS is opened if it
    has no ``opened`` session yet, and the browser is sent to ``/pos/web``.
    All other cases return the parent's response unchanged.

    NOTE(review): the credentials are passed to ``authenticate`` a second
    time only to obtain the uid.
    """
    res = super(Home, self).web_login(redirect, **kw)
    if not request.params['login_success']:
        return res

    uid = request.session.authenticate(
        request.session.db,
        request.params['login'],
        request.params['password'],
    )
    user = request.env['res.users'].browse([uid])
    if not user.login_with_pos_screen:
        return res

    running = request.env['pos.session'].sudo().search([
        ('config_id', '=', user.default_pos.id),
        ('state', '=', 'opened'),
    ])
    if running:
        return http.redirect_with_hash('/pos/web')

    # No open session on the default POS: create one and open it.
    user.default_pos.open_session_cb()
    pending = request.env['pos.session'].sudo().search([
        ('config_id', '=', user.default_pos.id),
        ('state', '=', 'opening_control'),
    ])
    if user.default_pos.cash_control:
        pending.write({'opening_balance': True})
    pending.action_pos_session_open()
    return http.redirect_with_hash('/pos/web')

# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
def web_login(self, redirect=None, **kw):
    """Login handler that records the session after a successful login.

    Without an explicit ``redirect`` the target defaults to ``/web?`` plus
    the current query string. A failed POST re-renders the form with a
    generic error and three possible reasons.

    NOTE(review): a caller-supplied ``redirect`` is used as the target with
    no check visible here.
    """
    odoo.addons.web.controllers.main.ensure_db()
    method = request.httprequest.method
    if method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    if not redirect:
        redirect = '/web?' + request.httprequest.query_string
    values['redirect'] = redirect

    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if method == 'POST':
        uid_before = request.uid
        uid = request.session.authenticate(
            request.session.db,
            request.params['login'],
            request.params['password'],
        )
        if uid is not False:
            self.save_session(request.cr, uid, request.context)
            return http.redirect_with_hash(redirect)

        # The form lists every reason the login may have been refused.
        request.uid = uid_before
        values['error'] = 'Login failed due to one of the following reasons:'
        values['reason1'] = '- Wrong login/password'
        values['reason2'] = '- User not allowed to have multiple logins'
        values['reason3'] = '- User not allowed to login at this specific time or day'

    return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
    """Authenticate from the parameters of a GET request.

    ``db``, ``login``, ``password`` and ``debug`` are read from the request
    parameters of a GET; ``debug == 'true'`` selects
    ``_login_redirect_debug`` instead of ``_login_redirect``.

    NOTE(review): the password arrives as a GET parameter here, so it is
    presumably part of the URL and may end up in access logs, browser
    history and referrers; confirm this is acceptable for the deployment.
    """
    ensure_db()
    request.params['login_success'] = False
    method = request.httprequest.method
    if method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if method == 'GET':
        uid_before = request.uid
        try:
            uid = request.session.authenticate(
                request.params['db'],
                request.params['login'],
                request.params['password'],
            )
            request.params['login_success'] = True
            if request.params['debug'] == 'true':
                _logger.info('Connection from OdooApp [debug mode]')
                target = self._login_redirect_debug(uid, redirect=redirect)
            else:
                _logger.info('Connection from OdooApp')
                target = self._login_redirect(uid, redirect=redirect)
            return http.redirect_with_hash(target)
        except odoo.exceptions.AccessDenied as exc:
            request.uid = uid_before
            is_default = exc.args == odoo.exceptions.AccessDenied().args
            values['error'] = _("Wrong login/password") if is_default else exc.args[0]
    elif 'error' in request.params and request.params.get('error') == 'access':
        values['error'] = _(
            'Only employee can access this database. Please contact the administrator.'
        )

    if 'login' not in values and request.session.get('auth_login'):
        values['login'] = request.session.get('auth_login')

    if not odoo.tools.config['list_db']:
        values['disable_database_manager'] = True

    # A bare ``?debug`` yields '' in values, which is also qweb's fallback for
    # a missing variable, so the template could not tell them apart.
    if 'debug' in values:
        values['debug'] = True

    return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
    """Login handler that writes a network audit log line per login.

    After a successful POST login, and only if both the
    ``network.audit.log`` and ``network.audit.log.line`` models are
    registered in ``ir.model``, a line holding the user, the client IP and
    the session id is created under the log record named after today's date
    (that record is created when missing).
    """
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)
    # NOTE(review): debug output of the current user record on stdout.
    print request.env.user
    if not request.uid:
        request.uid = odoo.SUPERUSER_ID
    # NOTE(review): second debug print, after the uid fallback.
    print request.env.user
    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None
    if request.httprequest.method == 'POST':
        old_uid = request.uid
        uid = False
        # Authenticate only when both fields were submitted.
        if 'login' in request.params and 'password' in request.params:
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
        if uid is not False:
            request.params['login_success'] = True
            # The audit block below is not wrapped in try/except (the wrapper
            # is commented out), so an error in it fails the login request.
            model_serch_log=request.env['ir.model'].sudo().search([('model', '=', 'network.audit.log')])
            model_serch_line=request.env['ir.model'].sudo().search([('model', '=', 'network.audit.log.line')])
            if model_serch_log and model_serch_line:
                session_value = request.env['ir.http'].session_info()
                log_obj = request.env['network.audit.log']
                line_obj = request.env['network.audit.log.line']
                today_str = time.strftime(DEFAULT_SERVER_DATE_FORMAT)
                today_datetime = time.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
                today = datetime.strptime(today_str,'%Y-%m-%d')
                tm_tuple = today.timetuple()
                month = tm_tuple.tm_mon
                year = tm_tuple.tm_year
                # Today's log record is looked up by the date string, but
                # created below with the datetime object ``today`` as its name.
                old_ids = log_obj.sudo().search([('name','=',today_str)]).id
                if old_ids:
                    old_ids=[old_ids]
                new_ids = False
                if not old_ids:
                    new_ids = log_obj.sudo().create({'name':today,'month':month,'year':year}).id
                    old_ids = [new_ids]
                ip = request.httprequest.headers.environ['REMOTE_ADDR']
                forwarded_for = ''
                # NOTE(review): the first X-Forwarded-For entry replaces
                # REMOTE_ADDR. Unless a trusted proxy overwrites that header,
                # the client chooses the value, so the logged IP may be
                # forged; confirm the proxy setup.
                if 'HTTP_X_FORWARDED_FOR' in request.httprequest.headers.environ and \
                        request.httprequest.headers.environ[
                            'HTTP_X_FORWARDED_FOR']:
                    forwarded_for = request.httprequest.headers.environ['HTTP_X_FORWARDED_FOR'].split(
                        ', ')
                    if forwarded_for and forwarded_for[0]:
                        ip = forwarded_for[0]
                line_obj.sudo().create({'name':today_datetime,'month':month,'year':year,'user_id':request.session.uid,'user_ip':ip,'log_id':old_ids[0],'session_id':session_value['session_id']})
            if not redirect:
                redirect = '/web'
            return http.redirect_with_hash(redirect)
        # Failed attempt: restore the previous uid and show the error.
        request.uid = old_uid
        values['error'] = _("Wrong login/password")
    return request.render('web.login', values)
def web_select_pos(self, cash_register=None, **kw):
    """Let a logged-in user pick a point of sale, or open the chosen one.

    Anonymous sessions go to ``/web/login``. A user who already has an
    ``opened`` session goes to ``/pos/web``. With ``cash_register`` set, that
    POS config is opened unless it does not exist or already has an
    ``opened`` session, in which case ``MissingError`` is raised. Otherwise
    the selector page lists the company's POS configs and their occupancy.
    """
    ensure_db()
    if not request.session.uid:
        return werkzeug.utils.redirect('/web/login', 303)

    current_user = request.env['res.users'].browse([request.session.uid])
    own_session = request.env['pos.session'].search([
        ('user_id', '=', current_user.id),
        ('state', '=', 'opened'),
    ])
    if own_session:
        return http.redirect_with_hash('/pos/web')

    if cash_register:
        config = request.env['pos.config'].search([('id', '=', cash_register)])
        busy_session = request.env['pos.session'].sudo().search([
            ('config_id', '=', config.id),
            ('state', '=', 'opened'),
        ])
        if not config or busy_session:
            raise exceptions.MissingError(
                _('La caja especificada no existe o esta ocupada. Por favor contacte con el administrador'
                  ))
        # Free, existing register: create its session and open it.
        config.open_session_cb()
        new_session = request.env['pos.session'].search([
            ('config_id', '=', config.id),
            ('state', '=', 'opening_control'),
        ])
        if config.cash_control:
            new_session.write({'opening_balance': True})
        new_session.action_pos_session_open()
        return http.redirect_with_hash('/pos/web')

    # Nothing selected yet: list the company's registers and who holds them.
    company_configs = request.env['pos.config'].search([
        ('company_id', '=', request.env.user.company_id.id),
    ])
    pos_list = []
    for pos in company_configs:
        latest = request.env['pos.session'].sudo().search(
            [('config_id', '=', pos.id), ('state', '!=', 'closed')],
            limit=1, order='id desc')
        pos_list.append({
            'occupied': bool(latest),
            'pos': pos,
            'user': latest.user_id.name if latest else '',
        })

    response = request.render('flexibite_com_advance.pos_selector',
                              {'pos_list': pos_list})
    response.headers['X-Frame-Options'] = 'DENY'
    return response
def web_login(self, redirect=None, **kw):
    """Login handler enforcing each user's list of allowed IP addresses.

    A user with ``allowed_ips`` may only authenticate when ``REMOTE_ADDR`` is
    one of them; users without such a list authenticate as usual.

    NOTE(review): the IP refusal is decided before the password is checked,
    so the response differs for logins that exist and carry a restriction.
    """
    main.ensure_db()
    request.params['login_success'] = False
    method = request.httprequest.method
    if method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if method == 'POST':
        uid_before = request.uid
        client_ip = request.httprequest.environ['REMOTE_ADDR']
        if request.params['login']:
            account = request.env['res.users'].sudo().search([
                ('login', '=', request.params['login']),
            ])
            restrictions = account.allowed_ips
            if restrictions and client_ip not in [r.ip_address for r in restrictions]:
                # Restricted account, address not on its list.
                request.uid = uid_before
                values['error'] = _(
                    "Pas autorisé à se connecter à partir de cette adresse IP"
                )
            else:
                # Unrestricted account, or address is on the list.
                try:
                    uid = request.session.authenticate(
                        request.session.db,
                        request.params['login'],
                        request.params['password'])
                    request.params['login_success'] = True
                    target = self._login_redirect(uid, redirect=redirect)
                    return http.redirect_with_hash(target)
                except odoo.exceptions.AccessDenied as exc:
                    request.uid = uid_before
                    if exc.args == odoo.exceptions.AccessDenied().args:
                        values['error'] = _("Wrong login/password")

    return request.render('web.login', values)
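def _do_err_redirect(self, errmsg):
    """Render the OAuth login/signup page with an error message.

    The response of a ``http.redirect_with_hash('/web/login')`` call used to
    be built here and discarded; that dead call was removed, since the
    rendered page is what the caller receives.

    :param errmsg: the message to show to the user
    :return: the rendered ``weixin_ent_base.oauth_login_signup`` page
    """
    values = request.params.copy()
    values['error'] = _(errmsg)
    return request.render('weixin_ent_base.oauth_login_signup', values)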
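def _do_err_redirect(self, errmsg):
    """Return to the DingTalk QR-scan page and show ``errmsg`` there.

    The response of a ``http.redirect_with_hash('/web/login')`` call used to
    be built here and discarded; that dead call was removed, since the
    rendered page is what the caller receives.

    :param errmsg: the message to show to the user
    :return: the rendered ``dingding_base.login_signup`` page
    """
    err_values = request.params.copy()
    err_values['error'] = _(errmsg)
    return request.render('dingding_base.login_signup', err_values)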
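def two_factor_authentication(self, redirect=None, **kw):
    """Check the submitted TOTP code and complete the login.

    The login and password parked in the session under ``temp_data`` are
    authenticated first; without them, or when they are rejected, the session
    is logged out and the browser sent to ``/web/login``. The expected code
    is then derived from the user's ``secret_key`` and compared with the
    ``2fa_code`` request parameter.

    Changes compared with the previous version:

    * the submitted code is compared in constant time;
    * the failure page no longer reads the undefined name ``copy_kw``;
    * ``temp_data`` is popped with a default instead of ``'temp_data' or None``;
    * a missing ``temp_data`` can no longer reach ``authenticate`` with
      undefined credentials.

    NOTE(review): the password is kept in the session between the two steps,
    only the current 30 second step is accepted, and no limit on attempts or
    protection against code reuse is visible here.
    """
    login_data = request.session.get('temp_data')
    uid = False
    login = password = None
    if login_data:
        login = login_data.get('login')
        password = login_data.get('password')
        uid = request.session.authenticate(request.session.db, login, password)
    if not uid:
        request.session.logout(keep_db=True)
        return http.redirect_with_hash('/web/login')

    # Derive the current code from the user's secret: HMAC-SHA1 over the
    # 30 second counter, dynamic truncation, six decimal digits.
    user = http.request.env['res.users'].browse(uid)
    secret_key = user.secret_key.replace(" ", "")
    key = base64.b32decode(secret_key, True)
    msg = struct.pack(">Q", int(time.time()) // 30)
    digest = hmac.new(key, msg, hashlib.sha1).digest()
    offset = digest[19] & 15
    number = (struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7fffffff) % 1000000
    code = '%06d' % number  # zero-padded to six digits

    submitted = str(kw.get('2fa_code'))
    # Compare as bytes: compare_digest() rejects non-ASCII str arguments.
    if not hmac.compare_digest(submitted.encode('utf-8'), code.encode('utf-8')):
        request.session.logout(keep_db=True)
        # Park the credentials again so the form can be retried.
        request.session.update(
            {'temp_data': {
                'login': login,
                'password': password
            }})
        return request.render(
            'two_factor_authentication.two_factor_auth', {
                'data': kw.copy(),
                'redirect': redirect,
                'wrong_code': "Wrong Authentication Code!!!"
            })

    # Second factor accepted: drop the parked credentials from the session.
    request.session['temp_data'] = False
    request.session.pop('temp_data', None)
    if not redirect:
        redirect = '/web'
    return http.redirect_with_hash(redirect)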
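def web_login(self, redirect=None, **kw):
    """Login handler enforcing each user's list of allowed IP addresses.

    A user with ``allowed_ips`` may authenticate when ``REMOTE_ADDR`` is on
    the list, or when the first entry is one of the wildcard values
    ``'False'``, ``'false'`` or ``'*.*.*.*'``. Users without a list
    authenticate as usual.

    Fix: a wrong password sent from an allowed address used to be reported
    as "Not allowed to login from this IP", because that message was assigned
    unconditionally after the password error. The two outcomes now set their
    own message.

    NOTE(review): the IP refusal is decided before the password is checked,
    so the response differs for logins that exist and carry a restriction;
    a caller-supplied ``redirect`` is used as the target unchecked.
    """
    main.ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if request.httprequest.method == 'POST':
        old_uid = request.uid
        ip_address = request.httprequest.environ['REMOTE_ADDR']
        if request.params['login']:
            user_rec = request.env['res.users'].sudo().search([
                ('login', '=', request.params['login'])
            ])
            ip_allowed = True
            if user_rec.allowed_ips:
                ip_list = [rec.ip_address for rec in user_rec.allowed_ips]
                ip_allowed = (ip_address in ip_list
                              or ip_list[0] in ('False', 'false', '*.*.*.*'))

            if ip_allowed:
                uid = request.session.authenticate(
                    request.session.db, request.params['login'],
                    request.params['password'])
                if uid is not False:
                    request.params['login_success'] = True
                    if not redirect:
                        redirect = '/web'
                    return http.redirect_with_hash(redirect)
                request.uid = old_uid
                values['error'] = _("Wrong login/password")
            else:
                request.uid = old_uid
                values['error'] = _("Not allowed to login from this IP")
    return request.render('web.login', values)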
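def web_login(self, redirect=None, **kw):
    """Login handler that requires a one-time code next to the password.

    On POST the user is looked up by e-mail from the ``login`` field, the
    ``otp_code`` is checked with ``user.check_otp`` and only then are the
    credentials authenticated.

    Fix: the debug ``print(values)`` before rendering was removed. ``values``
    is a copy of the request parameters, so on a failed POST it wrote the
    submitted login, password and one-time code to the server's stdout.

    NOTE(review): the one-time code is checked before the password and the
    two failures return different messages, which tells a caller whether the
    e-mail exists and whether a guessed code was right.
    """
    ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    if request.httprequest.method == 'POST':
        old_uid = request.uid
        user = request.env['res.users'].sudo().search(
            [('email', '=', request.params['login'])])
        if user:
            if user.check_otp(request.params['otp_code']):
                try:
                    uid = request.session.authenticate(
                        request.session.db, request.params['login'],
                        request.params['password'])
                    request.params['login_success'] = True
                    return http.redirect_with_hash(
                        self._login_redirect(uid, redirect=redirect))
                except odoo.exceptions.AccessDenied as e:
                    request.uid = old_uid
                    if e.args == odoo.exceptions.AccessDenied().args:
                        values['error'] = _("Wrong login/password")
                    else:
                        values['error'] = e.args[0]
            else:
                request.uid = old_uid
                values['error'] = _("Wrong otp code")
        else:
            request.uid = old_uid
            values['error'] = _("Wrong login/password")
    else:
        if 'error' in request.params and request.params.get('error') == 'access':
            values['error'] = _('Only employee can access this database. Please contact the administrator.')

    if 'login' not in values and request.session.get('auth_login'):
        values['login'] = request.session.get('auth_login')

    if not odoo.tools.config['list_db']:
        values['disable_database_manager'] = True

    response = request.render('web.login', values)
    # The login page must not be framed by other sites.
    response.headers['X-Frame-Options'] = 'DENY'
    return response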
def web_login(self, redirect=None, **kw):
    """Login handler whose failure page also mentions concurrent logins.

    A default ``AccessDenied`` produces a generic error plus two possible
    reasons (``error2`` / ``error3``); any other ``AccessDenied`` shows its
    own first argument.
    """
    odoo.addons.web.controllers.main.ensure_db()
    request.params['login_success'] = False
    method = request.httprequest.method
    if method == 'GET' and redirect and request.session.uid:
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except AccessDenied:
        values['databases'] = None

    if method == 'POST':
        uid_before = request.uid
        try:
            uid = request.session.authenticate(
                request.session.db,
                request.params['login'],
                request.params['password'],
            )
            request.params['login_success'] = True
            target = self._login_redirect(uid, redirect=redirect)
            return http.redirect_with_hash(target)
        except AccessDenied as exc:
            request.uid = uid_before
            if exc.args != AccessDenied().args:
                values['error'] = exc.args[0]
            else:
                values['error'] = "Login failed due to one of the following reasons"
                values['error2'] = "- Wrong login/password"
                values['error3'] = "- User already logged in from another system"
    elif 'error' in request.params and request.params.get('error') == 'access':
        values['error'] = _(
            'Only employee can access this database. Please contact the administrator.'
        )

    if 'login' not in values and request.session.get('auth_login'):
        values['login'] = request.session.get('auth_login')

    if not odoo.tools.config['list_db']:
        values['disable_database_manager'] = True

    response = request.render('web.login', values)
    # The login page must not be framed by other sites.
    response.headers['X-Frame-Options'] = 'DENY'
    return response
def download_document(self, id, token, type, **post):
    """Serve the original or the completed document of a sign request.

    The request is read with ``sudo()``, so the access token is the only
    check made here: a missing record or a token mismatch answers "not
    found". When the requested document is empty the caller is sent back to
    the signing page.

    NOTE(review): the token is compared with ``!=``; a constant-time
    comparison is the usual choice for secrets.
    """
    sign_request = http.request.env['sign.request'].sudo().browse(id)
    if not sign_request or sign_request.access_token != token:
        return http.request.not_found()

    document = None
    if type == "origin":
        document = sign_request.template_id.attachment_id.datas
    elif type == "completed":
        document = sign_request.completed_document

    if not document:
        signing_page = "/sign/document/%(request_id)s/%(access_token)s" % {
            'request_id': id,
            'access_token': token,
        }
        return http.redirect_with_hash(signing_page)

    # Name the download after the request's reference, borrowing the
    # extension of the template's attachment when the two names differ.
    filename = sign_request.reference
    attachment_name = sign_request.template_id.attachment_id.datas_fname
    if filename != attachment_name:
        filename += attachment_name[attachment_name.rfind('.'):]

    content_type = mimetypes.guess_type(filename)[0] or 'application/octet-stream'
    return http.request.make_response(
        base64.b64decode(document),
        headers=[
            ('Content-Type', content_type),
            ('Content-Disposition', content_disposition(filename)),
        ])
def web_login(self, *args, **kw):
    """Add the SAML providers and any ``saml_error`` text to the login page.

    NOTE(review): the ``redirect`` request parameter is used as the redirect
    target for logged-in users with no check visible here.
    """
    ensure_db()
    requested_target = request.params.get('redirect')
    if request.httprequest.method == 'GET' and request.session.uid and requested_target:
        # Already logged in and a redirect was requested.
        return http.redirect_with_hash(requested_target)

    providers = self.list_providers()
    response = super(SAMLLogin, self).web_login(*args, **kw)
    if not response.is_qweb:
        return response

    # Translate the numeric error code into a message for the template.
    code = request.params.get('saml_error')
    if code == '1':
        message = _("Sign up is not allowed on this database.")
    elif code == '2':
        message = _("Access Denied")
    elif code == '3':
        message = _(
            "You do not have access to this database or your "
            "invitation has expired. Please ask for an invitation "
            "and be sure to follow the link in your invitation email."
        )
    else:
        message = None

    response.qcontext['providers'] = providers
    if message:
        response.qcontext['error'] = message
    return response
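def index(self, *args, **post):
    """Open a session for the user named by a signed admin login request.

    ``u``, ``e``, ``o`` and ``h`` are passed to ``check_admin_auth_login``;
    the user it returns is written into the session and the browser is sent
    to ``/my/home``. An ``exceptions.Warning`` from that check answers with
    HTTP 400.

    Fix: a request with a missing parameter used to build an
    ``exceptions.Warning`` without raising it, so processing continued with
    the string ``'None'`` in place of the missing value. Such requests are
    now answered with the same 400 "Invalid Request" response directly.

    NOTE(review): the session uid is assigned before ``authenticate`` runs
    and the redirect happens whether or not it succeeds, so
    ``check_admin_auth_login`` is the only gate on this endpoint.
    """
    u = post.get('u')
    e = post.get('e')
    o = post.get('o')
    h = post.get('h')
    if not all([u, e, o, h]):
        return http.Response('Invalid Request', status=400)

    u = str(u)
    e = str(e)
    o = str(o)
    h = str(h)
    try:
        user = check_admin_auth_login(http.request.env, u, e, o, h)
        http.request.session.uid = user.id
        http.request.session.login = user.login
        http.request.session.password = ''
        http.request.session.auth_admin = int(o)
        http.request.uid = user.id
        uid = http.request.session.authenticate(http.request.session.db,
                                                user.login, 'x')
        if uid is not False:
            http.request.params['login_success'] = True
            return http.redirect_with_hash('/my/home')
        return http.local_redirect('/my/home')
    except (exceptions.Warning, ) as exc:
        # ``exc`` keeps the request parameter ``e`` from being shadowed.
        return http.Response(exc.message, status=400)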
def slack_oauth_login(self, **post):
    """Slack OAuth callback: exchange ``code`` and store the token.

    The exchange only happens when the ``state`` parameter equals the current
    user's ``slack_oauth_get_state()``. The browser is sent to ``/web?`` in
    every case.
    """
    code = post.get('code', False)
    state = post.get('state', False)
    current_user = request.env.user

    if state == current_user.slack_oauth_get_state():
        config = request.env['ir.config_parameter'].sudo()
        exchange_params = {
            'client_id': config.get_param('slack_client_id'),
            'client_secret': config.get_param('slack_client_secret'),
            'code': code,
            'redirect_uri': current_user.slack_oauth_get_redirect_uri(),
        }
        response = current_user.slack_execute_request(
            'POST', 'oauth.access', data=exchange_params)
        if 'access_token' in response:
            # Keep the granted token, scope and Slack user id on the user.
            current_user.write({
                'slack_access_token': response['access_token'],
                'slack_scope': response['scope'],
                'slack_user_id': response['user_id'],
            })

    return http.redirect_with_hash('/web?')
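def verify_phone(self, *args, **kw):
    """Show and process the phone verification step of the signup.

    GET tells the user where the code was sent. POST checks the code with
    ``self._verify_code``; on success every partner holding the signup token
    is marked ``signup_phone_verified`` and the user is logged in with the
    login and password kept in the session.

    Fix: a missing token raised ``werkzeug.exception.NotFound()``. The module
    is called ``werkzeug.exceptions``, so the lookup itself failed with
    ``AttributeError`` and the client got a server error instead of a 404.

    NOTE(review): the login relies on the plain password being stored in the
    session between the signup and this step.
    """
    qcontext = self.get_auth_signup_qcontext()
    if not odoo.tools.config['list_db']:
        qcontext['disable_database_manager'] = True

    if not qcontext.get('token'):
        raise werkzeug.exceptions.NotFound()

    if 'error' not in qcontext and request.httprequest.method == 'GET':
        qcontext["message"] = (
            "Verification code has been sent to your phone: %s" % qcontext["phone"])
    elif 'error' not in qcontext and request.httprequest.method == 'POST':
        if self._verify_code(qcontext):
            partners = request.env["res.partner"].sudo().search([
                ("signup_token", "=", qcontext.get('token'))
            ])
            for partner in partners:
                partner.sudo().write({"signup_phone_verified": True})
            uid = request.session.authenticate(request.session.db,
                                               request.session['login'],
                                               request.session['password'])
            if uid is not False:
                request.params['login_success'] = True
                return http.redirect_with_hash(
                    self._login_redirect(uid, redirect=None))
        else:
            qcontext['error'] = "Failed to verify your phone number. Try again."
    return request.render('auth_signup.verify_phone', qcontext)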
def share_link(self, link, **post):
    """Create a sign request from a template's public share link.

    The template is found by ``share_link``; an unknown link answers "not
    found". A new request is created as the template's creator, one request
    item is added, the request is sent and the caller is redirected to the
    signing page of that item.

    NOTE(review): every call with a valid link creates new records; no limit
    on that is visible here.
    """
    env = http.request.env
    template = env['sign.template'].sudo().search(
        [('share_link', '=', link)], limit=1)
    if not template:
        return http.request.not_found()

    reference = "%(template_name)s-public" % {
        'template_name': template.attachment_id.name,
    }
    sign_request = env['sign.request'].sudo(template.create_uid).create({
        'template_id': template.id,
        'reference': reference,
        'favorited_ids': [(4, template.create_uid.id)],
    })
    request_item = env['sign.request.item'].sudo().create({
        'sign_request_id': sign_request.id,
        'role_id': template.sign_item_ids.mapped('responsible_id').id,
    })
    sign_request.action_sent()

    signing_page = '/sign/document/%(request_id)s/%(access_token)s' % {
        'request_id': sign_request.id,
        'access_token': request_item.access_token,
    }
    return http.redirect_with_hash(signing_page)
def web_login_2fa_auth(self, redirect=None, **kw):
    """Authenticate and clear the user's ``otp_first_use`` flag.

    The submitted ``login`` / ``password`` are authenticated whatever the
    HTTP method is; on success the flag is reset with ``sudo()`` and the user
    redirected. On ``AccessDenied`` the ``auth_2FA.2fa_auth`` page is
    rendered with the error.

    NOTE(review): no one-time code is checked in this handler itself.
    """
    ensure_db()
    request.params['login_success'] = False
    if not request.uid:
        request.uid = odoo.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except odoo.exceptions.AccessDenied:
        values['databases'] = None

    uid_before = request.uid
    try:
        uid = request.session.authenticate(
            request.session.db,
            request.params['login'],
            request.params['password'],
        )
        request.params['login_success'] = True
        request.env['res.users'].sudo().browse(uid).otp_first_use = False
        target = self._login_redirect(uid, redirect=redirect)
        return http.redirect_with_hash(target)
    except odoo.exceptions.AccessDenied as exc:
        request.uid = uid_before
        is_default = exc.args == odoo.exceptions.AccessDenied().args
        values['error'] = _("Wrong login/password") if is_default else exc.args[0]

    if not odoo.tools.config['list_db']:
        values['disable_database_manager'] = True

    if 'login' not in values and request.session.get('auth_login'):
        values['login'] = request.session.get('auth_login')

    if 'debug' in values:
        values['debug'] = True

    response = request.render('auth_2FA.2fa_auth', values)
    # This page must not be framed by other sites.
    response.headers['X-Frame-Options'] = 'DENY'
    return response
def _wxent_do_post_login(self, user_id, redirect):
    """Log the user in once every verification step has succeeded.

    The OAuth credentials are produced as superuser on a separate cursor and
    committed before ``authenticate`` is called with them.

    NOTE(review): the text of any exception is shown to the end user, and
    ``redirect`` is used as the target unchecked.

    :param user_id: the WeChat Work user id to log in
    :param redirect: target after login; ``/web`` when empty
    :return: a redirect on success, the error page otherwise
    """
    ensure_db()
    dbname = request.session.db
    if not http.db_filter([dbname]):
        return BadRequest()

    context = {}
    registry = registry_get(dbname)
    with registry.cursor() as cr:
        try:
            superuser_env = api.Environment(cr, SUPERUSER_ID, context)
            credentials = superuser_env['res.users'].sudo().auth_oauth_weixin_ent(
                "weixin_ent", user_id)
            cr.commit()
            target = redirect if redirect else '/web'
            uid = request.session.authenticate(*credentials)
            if not uid:
                return self._do_err_redirect("Oauth认证失败!请使用账号登录")
            return http.redirect_with_hash(target)
        except Exception as e:
            return self._do_err_redirect("登录失败,原因为:{}".format(str(e)))
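def _do_post_login(self, employee, redirect):
    """Log the employee in once every verification step has succeeded.

    The OAuth credentials are produced as superuser on a separate cursor and
    committed before ``authenticate`` is called with them.

    Fix: both failure paths called ``self._do_err_redirect(...)`` without
    returning its result, so the handler returned ``None`` and the error page
    was never sent. The result is now returned.

    NOTE(review): the text of any exception is shown to the end user, and
    ``redirect`` is used as the target unchecked.

    :param employee: the employee whose ``ding_id`` identifies the user
    :param redirect: target after login; ``/web`` when empty
    :return: a redirect on success, the error page otherwise
    """
    ensure_db()
    dbname = request.session.db
    if not http.db_filter([dbname]):
        return BadRequest()
    context = {}
    registry = registry_get(dbname)
    oauth_uid = employee.sudo().ding_id
    with registry.cursor() as cr:
        try:
            env = api.Environment(cr, SUPERUSER_ID, context)
            credentials = env['res.users'].sudo().auth_oauth_dingtalk(
                "dingtalk", oauth_uid)
            cr.commit()
            url = '/web' if not redirect else redirect
            uid = request.session.authenticate(*credentials)
            if uid:
                return http.redirect_with_hash(url)
            return self._do_err_redirect("登录失败")
        except Exception as e:
            return self._do_err_redirect("登录失败,原因为:{}".format(str(e)))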
def web_login(self, *args, **kw):
    """Add the signup configuration to the login page context.

    NOTE(review): the ``redirect`` request parameter is used as the redirect
    target for logged-in users with no check visible here.
    """
    ensure_db()
    response = super(AuthSignupHome, self).web_login(*args, **kw)
    response.qcontext.update(self.get_auth_signup_config())

    requested_target = request.params.get('redirect')
    is_get = request.httprequest.method == 'GET'
    if is_get and request.session.uid and requested_target:
        # Already logged in and a redirect was requested.
        return http.redirect_with_hash(requested_target)
    return response
def web_login(self, redirect=None, *args, **kw):
    """Choose the landing page after a login made without ``redirect``.

    Members of ``base.group_user`` go to ``/web?`` plus the current query
    string; everybody else goes to ``/``. With an explicit ``redirect`` or a
    failed login the parent's response is returned unchanged.
    """
    response = super(Website, self).web_login(redirect=redirect, *args, **kw)
    if redirect or not request.params['login_success']:
        return response

    logged_in_user = request.env['res.users'].browse(request.uid)
    if logged_in_user.has_group('base.group_user'):
        landing = '/web?' + request.httprequest.query_string
    else:
        landing = '/'
    return http.redirect_with_hash(landing)
def web_login(self, *args, **kw):
    """Add the OAuth providers and any ``oauth_error`` text to the login page.

    NOTE(review): the ``redirect`` request parameter is used as the redirect
    target for logged-in users with no check visible here.
    """
    ensure_db()
    requested_target = request.params.get('redirect')
    if request.httprequest.method == 'GET' and request.session.uid and requested_target:
        # Already logged in and a redirect was requested.
        return http.redirect_with_hash(requested_target)

    providers = self.list_providers()
    response = super(OAuthLogin, self).web_login(*args, **kw)
    if not response.is_qweb:
        return response

    # Translate the numeric error code into a message for the template.
    code = request.params.get('oauth_error')
    if code == '1':
        message = _("Sign up is not allowed on this database.")
    elif code == '2':
        message = _("Access Denied")
    elif code == '3':
        message = _("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email.")
    else:
        message = None

    response.qcontext['providers'] = providers
    if message:
        response.qcontext['error'] = message
    return response