Auth Invite: define parameters and variables

2025-08-07 10:30:36 +07:00 · 2025-08-07 10:30:36 +07:00 · a6449c6962
commit a6449c6962
parent 3e85e6375f
1 changed files with 31 additions and 0 deletions
--- a/modules/api/auth.py
+++ b/modules/api/auth.py
@ -236,6 +236,37 @@ class auth:
            self.db_main.close()
        return response

+    def invite(self, params):
+        APIADDR			= "/api/auth/invite"
+        response		= {}
+        allowed_roles		= [1,2]
+        allowed_invitation 	= globalvar.allowed_invitation
+        self.cursor.execute("BEGIN;")
+        try:
+            loggorilla.prcss(APIADDR, "Define parameters")
+            roles 		= params["roles"	]
+            email 		= params["email"	]
+            username 		= params["username"	]
+            password 		= params["password"	] # Admin should insert their password for send invitation confirmation
+            loggorilla.prcss(APIADDR, "Extract the Authorization token from Header")
+            auth_header 	= request.get_header('Authorization')
+            jwt 		= auth_header.split(' ')[1]
+            payload 		= tokenguard.decode(jwt, globalvar.ssh['key']['public'])
+            session_id 		= payload["session"]["id"]
+            loggorilla.prcss(APIADDR, "Account validation")
+            user_validation 	= procedure_validation.validation().account(APIADDR, allowed_roles, token)
+            user 		= user_validation['data']
+        except Exception as e:
+            self.cursor.execute("ROLLBACK;")
+            loggorilla.error(APIADDR, str(e) )
+            response["status"	] = "failed"
+            response["desc"	] = "Internal Server Error. Please contact us if you still have an error."
+        finally:
+            self.cursor.execute("COMMIT;")
+            self.cursor.close()
+            self.db_main.close()
+        return response
+        
    def login(self, params):
        APIADDR     = "/api/auth/login"
        response    = {}