Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[17.0][IMP] auth_admin_passkey: option for TOTP/2FA bypass for admin passkey #624

Closed
wants to merge 2 commits into from
Closed

[17.0][IMP] auth_admin_passkey: option for TOTP/2FA bypass for admin passkey #624

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8bd6f78
[IMP] option for TOTP/2FA bypass for admin passkey
codeagencybe Aug 25, 2023
f138da2
Check that request.session exists before accessing it
astirpe Mar 13, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions auth_admin_passkey/README.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,8 @@ following keys in your ``odoo.cfg`` configuration file.
- ``auth_admin_passkey_sysadmin_lang``. the language (exemple en_US),
used for the mail sent to the System Administrator. If not set, the
language of the SUPERUSER_ID user will be used.
- ``auth_admin_passkey_ignore_totp`` (default False), if enabled, then
2FA will be ignored.

**typical Dev / Test configuration section**

Expand Down
9 changes: 9 additions & 0 deletions auth_admin_passkey/models/res_users.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
from datetime import datetime

from odoo import SUPERUSER_ID, _, api, exceptions, models
from odoo.http import request
from odoo.tools import config

logger = logging.getLogger(__name__)
Expand Down Expand Up @@ -74,6 +75,14 @@
password = hashlib.sha512(password.encode()).hexdigest()

if password and file_password == password:
if request and hasattr(request, "session"):
ignore_totp = config.get("auth_admin_passkey_ignore_totp", False)
request.session["ignore_totp"] = ignore_totp
self._send_email_passkey(users[0])
else:
raise

def _mfa_url(self):
if request.session.get("ignore_totp"):
return None

Check warning on line 87 in auth_admin_passkey/models/res_users.py

View check run for this annotation

Codecov / codecov/patch

auth_admin_passkey/models/res_users.py#L87 

Added line #L87 was not covered by tests
return super()._mfa_url()
2 changes: 2 additions & 0 deletions auth_admin_passkey/readme/CONFIGURE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ following keys in your `odoo.cfg` configuration file.
- `auth_admin_passkey_sysadmin_lang`. the language (exemple en_US), used
for the mail sent to the System Administrator. If not set, the
language of the SUPERUSER_ID user will be used.
- `auth_admin_passkey_ignore_totp` (default False), if enabled, then 2FA
will be ignored.

**typical Dev / Test configuration section**

Expand Down
2 changes: 2 additions & 0 deletions auth_admin_passkey/static/description/index.html
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -412,6 +412,8 @@ <h1><a class="toc-backref" href="#toc-entry-1">Configuration</a></h1>
<li><tt class="docutils literal">auth_admin_passkey_sysadmin_lang</tt>. the language (exemple en_US),
used for the mail sent to the System Administrator. If not set, the
language of the SUPERUSER_ID user will be used.</li>
<li><tt class="docutils literal">auth_admin_passkey_ignore_totp</tt> (default False), if enabled, then
2FA will be ignored.</li>
</ul>
<p><strong>typical Dev / Test configuration section</strong></p>
<p>No keys to add.</p>
Expand Down
Loading