qnts / jwt_provider Goto Github PK

A simple jwt provider for Odoo 11, 12 and 13

Python 99.78% CSS 0.22%

jwt_provider's Introduction

jwt_provider

⚠️ Looking for odoo 14 module?

Meet jwt_provider2 which is a completely rework, only for Odoo 14 (and above, maybe).

Description

This module is meant for developers, building endpoints for web and mobile app.

Currently supports odoo 11.0 12.0 and 13.0.

Attention: There is a break change in 13.0, see the Installation section.

Prerequisites

This module require pyjwt and simplejson to be installed. Run:

pip3 install pyjwt
pip3 install simplejson

If you run odoo in docker, remember to login to bash in docker container and run the above command.

Installation

Download or clone this repo and move it to odoo addons dir. Install it via odoo just like a normal module.

Version 13: now will get secret key from os ENV, using os.environ.get('ODOO_JWT_KEY').

If you're running odoo locally (or inside a docker container), run EXPORT ODOO_JWT_KEY="your_key".
If using docker compose, add ODOO_JWT_KEY=your_key in environment section of yml file.

Developer

Developers might need to verify jwt token inside private endpoints:

http_method, body, headers, token = jwt_http.parse_request()
result = validator.verify_token(token)
if not result['status']:
    return jwt_http.errcode(code=result['code'], message=result['message'])

To Do

Add an interface to store secret key (instead of hard-coding the key) and ability to pick a hashing algorithm (currently we use HMACSHA256).

Endpoints

For private endpoints, include your jwt token in the header like this:

Authorization: Bearer your_token

POST /api/login

Request payload:

[email protected]&
password=password

Response:

400: Incorect login

200: OK

{
  "data": {
      "user": {
          "id": 8,
          "login": "[email protected]",
          "company_id": [
              1,
              "My Company"
          ],
          "name": "John"
      },
      "token": "generated_token"
  },
  "success": true,
  "message": null
}

POST api/register

Require: Free signup setting is ON (as well as enabled auth_signup).

On success, response an access token as well.

Request payload:

[email protected]&
password=password&
name=Your%sName

Response:

400: User input invalid, message might be one of:

Invalid email address
Name cannot be empty
Password cannot be empty
Email address already existed

501: Signup is disabled

200: OK

{
  "data": {
      "user": {
          "id": 8,
          "login": "[email protected]",
          "company_id": [
              1,
              "My Company"
          ],
          "name": "John"
      },
      "token": "generated_token"
  },
  "success": true,
  "message": null
}

My profile

ANY /api/me

Response:

498: Token invalid or expired

200: OK, return user object

{
  "data": null,
  "success": {
      "company_id": [
          1,
          "My Company"
      ],
      "avatar": "http://yourwebsite.com/web/avatar/8",
      "name": "Join",
      "id": 8,
      "email": "[email protected]"
  },
  "message": null
}

Logout

ANY /api/logout

Response:

498: Token invalid or expired

200: OK, log the user out

jwt_provider's People

Contributors

Stargazers

Watchers

Forkers

duyisu enlight3d fredwilliam alai04 wahello webnah odooindonesia yassinelachgar hoaivan forksbot antihaos muhammedashraf9244 matiasbanega jacky-odoo bsaal2

jwt_provider's Issues

Request product.template Model Access Error

Hello, i tried access my api endpoint via localhost:8069/api/product.template after Logged in.

However i got Sorry, you are not allowed to access this document....

Code

@http.route('/api/v1/product', auth='none', cors='*', type="json",  methods=['GET'], csrf=False)
    def index(self, **params):
        records = request.env['product.template'].search([])

How to solve this issue?? Thanks..

Login Error

Please help me. When submit login

Traceback (most recent call last):

File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 270, in run_wsgi

execute(self.server.app)

File "/usr/lib/python3/dist-packages/werkzeug/serving.py", line 258, in execute

application_iter = app(environ, start_response)

File "/usr/lib/python3/dist-packages/odoo/service/server.py", line 440, in app

return self.app(e, s)

File "/usr/lib/python3/dist-packages/odoo/service/wsgi_server.py", line 124, in application

return application_unproxied(environ, start_response)

File "/usr/lib/python3/dist-packages/odoo/service/wsgi_server.py", line 99, in application_unproxied

result = odoo.http.root(environ, start_response)

File "/usr/lib/python3/dist-packages/odoo/http.py", line 1295, in call

return self.dispatch(environ, start_response)

File "/usr/lib/python3/dist-packages/odoo/http.py", line 1263, in call

return self.app(environ, start_wrapped)

File "/usr/lib/python3/dist-packages/werkzeug/wsgi.py", line 766, in call

return self.app(environ, start_response)

File "/usr/lib/python3/dist-packages/odoo/http.py", line 1465, in dispatch

result = ir_http._dispatch()

File "/usr/lib/python3/dist-packages/odoo/addons/auth_signup/models/ir_http.py", line 19, in _dispatch

return super(Http, cls)._dispatch()

File "/usr/lib/python3/dist-packages/odoo/addons/web_editor/models/ir_http.py", line 21, in _dispatch

return super(IrHttp, cls)._dispatch()

File "/usr/lib/python3/dist-packages/odoo/addons/utm/models/ir_http.py", line 29, in _dispatch

response = super(IrHttp, cls)._dispatch()

File "/usr/lib/python3/dist-packages/odoo/addons/http_routing/models/ir_http.py", line 512, in _dispatch

result = super(IrHttp, cls)._dispatch()

File "/usr/lib/python3/dist-packages/odoo/addons/base/models/ir_http.py", line 241, in _dispatch

return cls._handle_exception(e)

File "/usr/lib/python3/dist-packages/odoo/addons/utm/models/ir_http.py", line 34, in _handle_exception

response = super(IrHttp, cls)._handle_exception(exc)

File "/usr/lib/python3/dist-packages/odoo/addons/http_routing/models/ir_http.py", line 602, in _handle_exception

return super(IrHttp, cls)._handle_exception(exception)

File "/usr/lib/python3/dist-packages/odoo/addons/base/models/ir_http.py", line 209, in _handle_exception

return request._handle_exception(exception)

File "/usr/lib/python3/dist-packages/odoo/http.py", line 744, in _handle_exception

return super(HttpRequest, self)._handle_exception(exception)

File "/usr/lib/python3/dist-packages/odoo/http.py", line 315, in _handle_exception

raise exception.with_traceback(None) from new_cause

TypeError: _login() got an unexpected keyword argument 'user_agent_env' - - -

Add ODOO_JWT_KEY

Hi, i'm using JWT to authenticate my project but i can't get secret key EXPORT ODOO_JWT_KEY="your_key". Can you show me step by step to do this?

/api/login: Function declared as capable of json but request http

/api/register & api/me working well

not work:
api/login

odoo 13: in fact inside controller type='http'

<title>400 Bad Request</title>

Bad Request

<function JwtController.login at 0x10ea57d08>, /api/login: Function declared as capable of handling request of type 'json' but called with a request of type 'http'

qnts / jwt_provider Goto Github PK

jwt_provider's Introduction

jwt_provider

Description

Prerequisites

Installation

Developer

To Do

Endpoints

jwt_provider's People

Contributors

Stargazers

Watchers

Forkers

jwt_provider's Issues

Bad Request

Recommend Projects

Recommend Topics

Recommend Org