|
| 1 | +================================= |
| 2 | +Enforce Two-Factor Authentication |
| 3 | +================================= |
| 4 | + |
| 5 | +.. |
| 6 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 7 | + !! This file is generated by oca-gen-addon-readme !! |
| 8 | + !! changes will be overwritten. !! |
| 9 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 10 | + !! source digest: sha256:d7a9647142270eff465347946c269fc042be4388b9f9d22a0d3ff1239f105dae |
| 11 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 12 | +
|
| 13 | +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png |
| 14 | + :target: https://odoo-community.org/page/development-status |
| 15 | + :alt: Beta |
| 16 | +.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png |
| 17 | + :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html |
| 18 | + :alt: License: AGPL-3 |
| 19 | +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github |
| 20 | + :target: https://github.com/OCA/server-auth/tree/18.0/auth_totp_enforce |
| 21 | + :alt: OCA/server-auth |
| 22 | +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png |
| 23 | + :target: https://translation.odoo-community.org/projects/server-auth-18-0/server-auth-18-0-auth_totp_enforce |
| 24 | + :alt: Translate me on Weblate |
| 25 | +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png |
| 26 | + :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=18.0 |
| 27 | + :alt: Try me on Runboat |
| 28 | + |
| 29 | +|badge1| |badge2| |badge3| |badge4| |badge5| |
| 30 | + |
| 31 | +This module forces internal users to configure two-factor authentication |
| 32 | +(a TOTP authenticator app) before they log in. |
| 33 | + |
| 34 | +Enforcement works like the password expiry flow of |
| 35 | +``password_security``: nobody is logged out when the module is |
| 36 | +installed, but on their next login users are held in a mandatory step |
| 37 | +and cannot reach the backend until they have enabled an authenticator |
| 38 | +app. |
| 39 | + |
| 40 | +Members of the **Exempt from 2FA enforcement** group are never forced. |
| 41 | +Portal and public users are out of scope at the moment. |
| 42 | + |
| 43 | +**Table of contents** |
| 44 | + |
| 45 | +.. contents:: |
| 46 | + :local: |
| 47 | + |
| 48 | +Usage |
| 49 | +===== |
| 50 | + |
| 51 | +Once installed, any enforced internal user without an authenticator app |
| 52 | +configured will, on their next login: |
| 53 | + |
| 54 | +1. Enter their login and password as usual. |
| 55 | +2. Be redirected to a mandatory setup page showing a QR code and secret |
| 56 | + key. |
| 57 | +3. Scan the code with an authenticator app and enter the generated code. |
| 58 | +4. Be handed over to the standard two-factor step to complete the login. |
| 59 | + |
| 60 | +Bug Tracker |
| 61 | +=========== |
| 62 | + |
| 63 | +Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_. |
| 64 | +In case of trouble, please check there if your issue has already been reported. |
| 65 | +If you spotted it first, help us to smash it by providing a detailed and welcomed |
| 66 | +`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20auth_totp_enforce%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. |
| 67 | + |
| 68 | +Do not contact contributors directly about support or help with technical issues. |
| 69 | + |
| 70 | +Credits |
| 71 | +======= |
| 72 | + |
| 73 | +Authors |
| 74 | +------- |
| 75 | + |
| 76 | +* ForgeFlow |
| 77 | + |
| 78 | +Contributors |
| 79 | +------------ |
| 80 | + |
| 81 | +- ForgeFlow S.L. <contact@forgeflow.com> |
| 82 | + |
| 83 | + - Laura Cazorla <laura.cazorla@forgeflow.com> |
| 84 | + |
| 85 | +Maintainers |
| 86 | +----------- |
| 87 | + |
| 88 | +This module is maintained by the OCA. |
| 89 | + |
| 90 | +.. image:: https://odoo-community.org/logo.png |
| 91 | + :alt: Odoo Community Association |
| 92 | + :target: https://odoo-community.org |
| 93 | + |
| 94 | +OCA, or the Odoo Community Association, is a nonprofit organization whose |
| 95 | +mission is to support the collaborative development of Odoo features and |
| 96 | +promote its widespread use. |
| 97 | + |
| 98 | +This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/18.0/auth_totp_enforce>`_ project on GitHub. |
| 99 | + |
| 100 | +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. |
0 commit comments