从外部php系统登录Odoo [英] Login to Odoo from external php system

问题描述

我有一个要求，我需要从外部 php 系统重定向到 Odoo，并且用户也应该登录.我想到了以下两种方法来完成这项工作:

I have a requirement where I need to have a redirect from the external php system to Odoo, and the user should be logged in as well. I thought of the following two ways to get this done:

1. 来自 php 端的 url 重定向，它调用特定的控制器，并通过 url 传递凭据，由于显而易见的原因，这不是一个安全的选项

1. A url redirection from the php side which calls a particular controller,and pass the credentials alongiwth the url, which is not a secure option for obvious reasons

使用 xmlrpc 从 php 调用方法，并从 php 传递必要的参数，使用这些参数登录，然后在此处的方法中调用重定向.必须进一步检查此方法是否有效，因为在 odoo 中进行重定向时，控制器和普通函数的工作方式不同.

A call of method using xmlrpc from php, and pass the necessary arguments along from php, use the arguments to sign in and then in the method over here a call for redirect is made. Will have to check further whether this method will work, as the controller and normal functions work in different ways when it comes to redirections within odoo.

请建议哪种方法更好，或者有没有其他方法可以更简单地完成这项工作.并且，在 openerp/service/common.py 中添加一个新方法并调用该方法是否有意义，然后是否可以从那里重定向到 odoo 登录页面?

Please suggest as to which way would be better or are there any other ways to get this done which might be simpler. And, would it make sense to add a new method in the openerp/service/common.py and call that method, and then will it be possible to redirect to the odoo logged in page from there?

希望就上述内容提供意见，我也希望这对 Odoo 中常见的其他外部系统集成查询有所帮助.

Hoping for inputs on the above, and I also hope that this helps out with other external system integration queries which are frequent in Odoo.

谢谢和问候，亚辛·谢里夫

Thanks And Regards, Yaseen Shareef

推荐答案

在您的 php 代码中，您可以对 /web/session/authenticate 进行 jsonrpc 调用并在响应中接收 session_id.您可以在重定向中将 session_id 作为 url 的哈希值传递.在 odoo 中创建一个页面，该页面使用 javascript 读取哈希并将 cookie "session_id=733a54f4663629ffb89d3895f357f6b1715e8666"(显然是一个示例)写入您的 odoo 页面上的浏览器.此时，您应该能够以您在 php 代码中进行身份验证的用户身份在 odoo 中导航.

In your php code you could make a jsonrpc call to /web/session/authenticate and receive the session_id in the response. You could pass the session_id as the hash of your url in your redirect. Create a page in odoo that uses javascript to read the hash and write the cookie "session_id=733a54f4663629ffb89d3895f357f6b1715e8666" (obviously an example) to your browser on your odoo page. At this point you should be able to navigate in odoo as the user you authenticated as in your php code.

    from requests import Request,Session
    import json

    base_url = "127.0.0.1:8069"
    url = "%s/web/session/authenticate" % base_url
    db = <db_name>
    user = <login>
    passwd = <password>

    s = Session()

    data = {
        'jsonrpc': '2.0',
        'params': {
            'context': {},
            'db': db,
            'login': user,
            'password': passwd,
        },
    }

    headers = {
        'Content-type': 'application/json'
    }

    req = Request('POST',url,data=json.dumps(data),headers=headers)
    prepped = req.prepare()
    resp = s.send(prepped)

    r_data = json.loads(resp.text)
    session_id = r_data['result']['session_id']

此示例使用香草卷曲.我知道这不是 php，但是我稍后可能会为 php 更新这篇文章.然而，原则仍然成立.只需将此卷曲转换为 php.

This example uses vanilla curl. Which I know is not php however I may update this post later for php. The principle still stands however. Just convert this curl to php.

如何通过重定向传递此 session_id 取决于您.您需要警惕一些安全问题.因此，请注意不要不安全地传递 session_id，否则有人可能会嗅探它并成为您的登录用户.

How you pass this session_id with your redirect is up to you. There are security concerns which you will need to be wary of. So be careful not to pass the session_id insecurely or someone could sniff it and become your logged in user.

这是一个示例(未经测试)，您必须创建类似于我上面提供的 curl 示例的 json 编码字符串.希望这会有所帮助.

This is an example (untested), you will have to create json encoded string similar to the curl example I provided above. Hope this helps.

$data = <your_json_data>
$data_string = json_encode($data);                                                                                   

$ch = curl_init('http://127.0.0.1:8069/web/session/authenticate');                                                                      
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");                                                                     
curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);                                                                  
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);                                                                      
curl_setopt($ch, CURLOPT_HTTPHEADER, array(                                                                          
    'Content-Type: application/json',                                                                                
    'Content-Length: ' . strlen($data_string))                                                                       
);                                                                                                                   

$result = curl_exec($ch);

一旦您拥有 session_id，您将重定向到您的 odoo 服务器到由您插件中的控制器处理的路由.

Once you have your session_id you will redirect to your odoo server to a route which is handled by a controller in your addon.

控制器

imports ...

class MyAddon(http.Controller):

@http.route('/path/for/controller', type='http', auth='public', website=True)
def ext_login_redirect(self, **kw):
    return http.request.render('myaddon.template',{})

重要的是url中的hash包含了你在php中获取的session_id.

The important part is that the hash in the url contains the session_id you obtained in your php.

你的模板 your_template.xml

<openerp>
    <data>
        <template id="template" name="Redirect Template" page="True">
            document.cookie = "session_id=" + window.location.hash;
            window.location = "127.0.0.1:8069/web";
        </template>
    </data>
</openerp>

这篇关于从外部php系统登录Odoo的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！