thirdparty
/
CybroAddons
mirror of https://github.com/CybroOdoo/CybroAddons.git
5
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
703 Commits
14 Branches
0 Tags
6.9 GiB
 
 
 
 
 
Tree: e1592c640f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e1592c640f'
${ noResults }
CybroAddons/access_restriction_by_ip/controllers/access_restriction_by_ip.py

124 lines
6.1 KiB
Raw Blame History

# -*- coding: utf-8 -*-
################################################################################
#
# Cybrosys Technologies Pvt. Ltd.
# Copyright (C) 2025-TODAY Cybrosys Technologies(<https://www.cybrosys.com>).
# Author: Bhagyadev KP (odoo@cybrosys.com)
#
# This program is free software: you can modify
# it under the terms of the GNU Affero General Public License (AGPL) as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <https://www.gnu.org/licenses/>.
#
################################################################################
import odoo
from odoo import http
from odoo.addons.web.controllers import home
from odoo.addons.web.controllers.utils import ensure_db, _get_login_redirect_url, is_user_internal
from odoo.http import request, route
from odoo.tools.translate import _
SIGN_UP_REQUEST_PARAMS = {'db', 'login', 'debug', 'token', 'message', 'error',
'scope', 'mode',
'redirect', 'redirect_hostname', 'email', 'name',
'partner_id',
'password', 'confirm_password', 'city', 'country_id',
'lang', 'signup_email'}
LOGIN_SUCCESSFUL_PARAMS = set()
CREDENTIAL_PARAMS = ['login', 'password', 'type']
class Home(home.Home):
"""Custom Home class for handling web login and authentication.
Extends the base Home class.
Methods:
web_login(self, redirect=None, **kw): Handles web login and
authentication."""
@route('/web/login', type='http', auth="none", readonly=False)
def web_login(self, redirect=None, **kw):
"""Handle web login and authentication.
Args:
redirect (str): URL to redirect after successful login.
**kw: Additional keyword arguments.
Returns:
http.Response: The HTTP response."""
ensure_db()
request.params['login_success'] = False
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return request.redirect(redirect)
if request.env.uid is None:
if request.session.uid is None:
request.env["ir.http"]._auth_method_public()
else:
request.update_env(user=request.session.uid)
values = {k: v for k, v in request.params.items() if
k in SIGN_UP_REQUEST_PARAMS}
try:
values['databases'] = http.db_list()
except odoo.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
ip_address = request.httprequest.environ['REMOTE_ADDR']
if request.params['login']:
user_rec = request.env['res.users'].sudo().search(
[('login', '=', request.params['login'])])
if user_rec.allowed_ip_ids:
ip_list = []
for rec in user_rec.allowed_ip_ids:
ip_list.append(rec.ip_address)
if ip_address in ip_list:
try:
credential = {key: value for key, value in
request.params.items() if
key in CREDENTIAL_PARAMS}
credential.setdefault('type', 'password')
auth_info = request.session.authenticate(request.db, credential)
request.params['login_success'] = True
return request.redirect(self._login_redirect(auth_info['uid'], redirect=redirect))
except odoo.exceptions.AccessDenied as e:
request.update_env = old_uid
if e.args == odoo.exceptions.AccessDenied().args:
values['error'] = _("Wrong login/password")
else:
request.update_env = old_uid
values['error'] = _("Not allowed to login from this IP")
else:
try:
credential = {key: value for key, value in
request.params.items() if
key in CREDENTIAL_PARAMS}
credential.setdefault('type', 'password')
auth_info = request.session.authenticate(request.db,
credential)
request.params['login_success'] = True
return request.redirect(
self._login_redirect(auth_info['uid'],
redirect=redirect))
except odoo.exceptions.AccessDenied as e:
if e.args == odoo.exceptions.AccessDenied().args:
values['error'] = _("Wrong login/password")
else:
values['error'] = e.args[0]
else:
if 'error' in request.params and request.params.get(
'error') == 'access':
values['error'] = _(
'Only employees can access this database.'
'Please contact the administrator.')
if 'login' not in values and request.session.get('auth_login'):
values['login'] = request.session.get('auth_login')
if not odoo.tools.config['list_db']:
values['disable_database_manager'] = True
response = request.render('web.login', values)
response.headers['X-Frame-Options'] = 'SAMEORIGIN'
response.headers['Content-Security-Policy'] = "frame-ancestors 'self'"
return response