Coverage for adhoc-cicd-odoo-odoo / odoo / service / security.py: 11%

23 statements  

« prev     ^ index     » next       coverage.py v7.13.4, created at 2026-03-09 18:05 +0000

1# Part of Odoo. See LICENSE file for full copyright and licensing details. 

2 

3import time 

4 

5from odoo.tools.misc import consteq 

6 

7 

8def compute_session_token(session, env): 

9 self = env['res.users'].browse(session.uid) 

10 return self._compute_session_token(session.sid) 

11 

12 

13def check_session(session, env, request=None): 

14 session._delete_old_sessions() 

15 # Make sure we don't use a deleted session that can be saved again 

16 if 'deletion_time' in session and session['deletion_time'] <= time.time(): 

17 return False 

18 self = env['res.users'].browse(session.uid) 

19 expected = self._compute_session_token(session.sid) 

20 if expected: 

21 if consteq(expected, session.session_token): 

22 if request: 

23 env['res.device.log']._update_device(request) 

24 return True 

25 # If the session token is not valid, we check if the legacy version works 

26 # and convert the session token to the new one 

27 legacy_expected = self._legacy_session_token_hash_compute(session.sid) 

28 if legacy_expected and consteq(legacy_expected, session.session_token): 

29 session.session_token = expected 

30 if request: 

31 env['res.device.log']._update_device(request) 

32 return True 

33 return False