@classmethod
def _login(cls, db, login, password):if not password:
raise AccessDenied()
ip = request.httprequest.environ['REMOTE_ADDR']if request else'n/a'try:with cls.pool.cursor()as cr:
self = api.Environment(cr,SUPERUSER_ID,{})[cls._name]with self._assert_can_auth():
user = self.search(self._get_login_domain(login), order=self._get_login_order(), limit=1)if not user:
raise AccessDenied()
user = user.with_user(user)
user._check_credentials(password) # 此方法是验证密码的方法
user._update_last_login()
except AccessDenied:
_logger.info("Login failed for db:%s login:%s from %s", db, login, ip)
raise
_logger.info("Login successful for db:%s login:%s from %s", db, login, ip)return user.id
def _check_credentials(self, password):""" Validates the current user's password.
Override this method to plug additional authentication methods.
Overrides should:* call `super` to delegate to parents for credentials-checking
*catch AccessDenied and perform their own checking
*(re)raise AccessDenied if the credentials are still invalid
according to their own validation method
When trying to check for credentials validity, call _check_credentials
instead."""
""" Override this method to plug additional authentication methods"""
assert password
self.env.cr.execute("SELECT COALESCE(password, '') FROM res_users WHERE id=%s",[self.env.user.id])[hashed]= self.env.cr.fetchone()
valid, replacement = self._crypt_context()\
.verify_and_update(password, hashed)if replacement is not None:
self._set_encrypted_password(self.env.user.id, replacement)if not valid:
raise AccessDenied()