[15.0][IMP] usabiltiy_webhooks: support api key

usability_webhooks/README.rst

@@ -56,7 +56,20 @@ and the body should include:
       }
    }
 
-Following successful authentication, you can proceed with five API routes:
+**Alternative Authentication Method (API Key)**
+
+As an alternative to session-based authentication, you can use an **API Key** for your requests. This approach bypasses the need for an initial authentication call to ``/web/session/authenticate``.
+
+To use this method, you must send a header with ``Authorization`` set to ``Bearer <api_key>`` for every API route call.
+
+.. code-block:: http
+
+   Authorization: Bearer <api_key>
+
+
+**API Routes**
+
+Following successful authentication, you can proceed with 5 API routes:
 
 1. ``/api/create_data``: This route allows the creation of new data only.
    The format for creating data should be in the following structure:

usability_webhooks/controllers/main.py

@@ -57,32 +57,44 @@ def _set_create_logs(self, param, vals):
         is_create_log = ast.literal_eval(is_create_log.capitalize())
         vals.update({"is_create_log": is_create_log})
 
-    @http.route("/api/create_data", type="json", auth="user")
+    def update_session_auth(self):
+        # Check session first. if no session, use API Key
+        if request.session.uid:
+            request.update_env(user=request.session.uid)
+        else:
+            request.env["ir.http"]._auth_method_bearer()
+
+    @http.route("/api/create_data", type="json", auth="none")
     def create_data(self, model, vals):
+        self.update_session_auth()
         self._set_create_logs("webhook.create_data_log", vals)
         res = self._create_api_logs(model, vals, "create_data")
         return res
 
-    @http.route("/api/update_data", type="json", auth="user")
+    @http.route("/api/update_data", type="json", auth="none")
     def update_data(self, model, vals):
+        self.update_session_auth()
         self._set_create_logs("webhook.update_data_log", vals)
         res = self._create_api_logs(model, vals, "update_data")
         return res
 
-    @http.route("/api/create_update_data", type="json", auth="user")
+    @http.route("/api/create_update_data", type="json", auth="none")
     def create_update_data(self, model, vals):
+        self.update_session_auth()
         self._set_create_logs("webhook.create_update_data_log", vals)
         res = self._create_api_logs(model, vals, "create_update_data")
         return res
 
-    @http.route("/api/search_data", type="json", auth="user")
+    @http.route("/api/search_data", type="json", auth="none")
     def search_data(self, model, vals):
+        self.update_session_auth()
         self._set_create_logs("webhook.search_data_log", vals)
         res = self._create_api_logs(model, vals, "search_data")
         return res
 
-    @http.route("/api/call_function", type="json", auth="user")
+    @http.route("/api/call_function", type="json", auth="none")
     def call_function(self, model, vals):
+        self.update_session_auth()
         self._set_create_logs("webhook.call_function_log", vals)
         res = self._create_api_logs(model, vals, "call_function")
         return res

usability_webhooks/readme/USAGE.rst

@@ -16,7 +16,20 @@ and the body should include:
       }
    }
 
-Following successful authentication, you can proceed with five API routes:
+**Alternative Authentication Method (API Key)**
+
+As an alternative to session-based authentication, you can use an **API Key** for your requests. This approach bypasses the need for an initial authentication call to ``/web/session/authenticate``.
+
+To use this method, you must send a header with ``Authorization`` set to ``Bearer <api_key>`` for every API route call.
+
+.. code-block:: http
+
+   Authorization: Bearer <api_key>
+
+
+**API Routes**
+
+Following successful authentication, you can proceed with 5 API routes:
 
 1. ``/api/create_data``: This route allows the creation of new data only.
    The format for creating data should be in the following structure:

usability_webhooks/static/description/index.html

@@ -407,7 +407,14 @@ <h1><a class="toc-backref" href="#toc-entry-1">Usage</a></h1>
 </span>   <span class="p">}</span><span class="w">
 </span><span class="p">}</span>
 </pre>
-<p>Following successful authentication, you can proceed with five API routes:</p>
+<p><strong>Alternative Authentication Method (API Key)</strong></p>
+<p>As an alternative to session-based authentication, you can use an <strong>API Key</strong> for your requests. This approach bypasses the need for an initial authentication call to <tt class="docutils literal">/web/session/authenticate</tt>.</p>
+<p>To use this method, you must send a header with <tt class="docutils literal">Authorization</tt> set to <tt class="docutils literal">Bearer &lt;api_key&gt;</tt> for every API route call.</p>
+<pre class="code http literal-block">
+<span class="err">Authorization: Bearer &lt;api_key&gt;</span>
+</pre>
+<p><strong>API Routes</strong></p>
+<p>Following successful authentication, you can proceed with 5 API routes:</p>
 <ol class="arabic">
 <li><p class="first"><tt class="docutils literal">/api/create_data</tt>: This route allows the creation of new data only.
 The format for creating data should be in the following structure:</p>