[IMP]pms_api_rest: reset-password public auth PATCH by POST

OCA · Oct 26, 2023 · 8450470 · 8450470
1 parent 4551037
commit 8450470
Showing 1 changed file with 18 additions and 18 deletions.
diff --git a/pms_api_rest/services/pms_user_service.py b/pms_api_rest/services/pms_user_service.py
@@ -1,18 +1,16 @@
 import base64
-import tempfile
 import os
+import tempfile
+from datetime import datetime, timedelta
+
 import werkzeug.exceptions
 
+from odoo import _
+from odoo.exceptions import AccessDenied, MissingError
+
 from odoo.addons.base_rest import restapi
 from odoo.addons.base_rest_datamodel.restapi import Datamodel
 from odoo.addons.component.core import Component
-from odoo.exceptions import AccessDenied
-from datetime import datetime, timedelta
-
-
-
-from odoo import _
-from odoo.exceptions import MissingError
 
 
 class PmsRoomTypeClassService(Component):
@@ -33,7 +31,6 @@ class PmsRoomTypeClassService(Component):
         output_param=Datamodel("pms.api.rest.user.output", is_list=False),
         auth="jwt_api_pms",
     )
-
     def get_user(self, user_id):
         user = self.env["res.users"].sudo().search([("id", "=", user_id)])
         if user:
@@ -96,7 +93,7 @@ def write_user(self, user_id, input_data):
             else:
                 user.write(
                     {
-                        "image_1024": '',
+                        "image_1024": "",
                     }
                 )
             return True
@@ -122,7 +119,6 @@ def change_password(self, user_id, input_data):
             except AccessDenied:
                 raise werkzeug.exceptions.Unauthorized(_("Wrong password"))
 
-
             user.change_password(input_data.password, input_data.newPassword)
 
             PmsUserInfo = self.env.datamodels["pms.api.rest.user.login.output"]
@@ -136,7 +132,7 @@ def change_password(self, user_id, input_data):
                 [
                     "/p/reset-password",
                 ],
-                "PATCH",
+                "POST",
             )
         ],
         input_param=Datamodel("pms.api.rest.user.input", is_list=False),
@@ -150,7 +146,6 @@ def reset_password(self, input_data):
         self.env["res.users"].sudo().signup(values, input_data.resetToken)
         return True
 
-
     @restapi.method(
         [
             (
@@ -165,19 +160,22 @@ def reset_password(self, input_data):
         cors="*",
     )
     def send_mail_to_reset_password(self, input_data):
-        user = self.env["res.users"].sudo().search([("email", "=", input_data.userEmail)])
+        user = (
+            self.env["res.users"].sudo().search([("email", "=", input_data.userEmail)])
+        )
         if user:
             template_id = self.env.ref("pms_api_rest.pms_reset_password_email").id
-            template = self.env['mail.template'].sudo().browse(template_id)
+            template = self.env["mail.template"].sudo().browse(template_id)
             if not template:
                 return False
             expiration_datetime = datetime.now() + timedelta(minutes=15)
             user.partner_id.sudo().signup_prepare(expiration=expiration_datetime)
-            template.with_context({'app_url': input_data.url}).send_mail(user.id, force_send=True)
+            template.with_context({"app_url": input_data.url}).send_mail(
+                user.id, force_send=True
+            )
             return True
         return False
 
-
     @restapi.method(
         [
             (
@@ -191,7 +189,9 @@ def send_mail_to_reset_password(self, input_data):
         cors="*",
     )
     def check_reset_password_token(self, reset_token):
-        user = self.env["res.partner"].sudo().search([("signup_token", "=", reset_token)])
+        user = (
+            self.env["res.partner"].sudo().search([("signup_token", "=", reset_token)])
+        )
         is_token_expired = False
         if not user:
             return True