如何在Odoo的Web模块中为res.user(而不是res.partner)自动登录? [英] How to auto login in Odoo's Web-module for res.user, not for res.partner?

问题描述

我试图使用基于令牌的Auth登录，因为我们在移动应用中使用了Odoo-web模块.

I am trying to login using token-based Auth, because we are using Odoo-web module in mobile-app.

当前使用的是GET-方法url传递方法，在没有SSL证书和localhost-websites的网站上为不安全"，如

currently using GET-method url-passing approach which is "UNSECURE" on websites without SSL certificates and localhost-websites, as

myurl.com?username=foo&password=bar

我该如何使用基于令牌的方法或在Odoo-12中以POST方法传递凭据?

How can I do that using Token based approach or passing credentials in POST-method, in Odoo-12?

我在http-controllers文件的odoo核心模块中找到了authenticate()方法，我现在才这样称呼它，

I found this authenticate() method in core-modules of odoo in http-controllers file and I am calling that only now, as:

request.session(db, username, password)

但是我希望它是基于令牌的，而没有将密码硬编码为不同合作伙伴的不同密码，这我不能进行硬编码，这是不好的方法.

but I wanted it to be token based without hardcoding password as different passwords for different partners, which I can't hardcode and it's bad approach.

如何通过传递令牌并对其进行验证?

how can I do it by passing token and validating it?

推荐答案

您可以使用odoo提供的authenticate端点为您的api用户创建会话. 然后，在以下请求中，您使用session id来处理操作.

You can use the authenticate endpoint provided by odoo to create a session for your api user. In the following requests you then use the session id to process operations.

/body验证/web/session/authentication的示例:

Example call to /web/session/authenticate with body:

{
  "jsonrpc": "2.0",
  "method": "call",
  "id": 1,
  "params": {
    "db": "<YOUR-DB>",
    "login": "<YOUR@LOGIN.COM>",
    "password": "<YOUR-PASSWORD>"
  }
}

您可以在 https://中找到端点的描述. github.com/odoo/odoo/blob/12.0/odoo/http.py

这篇关于如何在Odoo的Web模块中为res.user(而不是res.partner)自动登录?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！