From 26ac77cdd268413988cfb099dc50039ddc2db4e9 Mon Sep 17 00:00:00 2001 From: OCA-git-bot Date: Fri, 11 Oct 2024 09:52:15 +0000 Subject: [PATCH] [BOT] post-merge updates --- README.md | 1 + auth_api_key/README.rst | 15 ++++++++++++++- auth_api_key/static/description/index.html | 14 +++++++++++++- setup/_metapackage/pyproject.toml | 3 ++- 4 files changed, 30 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 306356ab0..b1ddf5a39 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ Available addons ---------------- addon | version | maintainers | summary --- | --- | --- | --- +[auth_api_key](auth_api_key/) | 18.0.1.0.0 | | Authenticate http requests from an API key [base_user_empty_password](base_user_empty_password/) | 18.0.1.0.0 | [![grindtildeath](https://github.com/grindtildeath.png?size=30px)](https://github.com/grindtildeath) | Allows to empty password of users [//]: # (end addons) diff --git a/auth_api_key/README.rst b/auth_api_key/README.rst index 6fc2d05e5..1faa3bf11 100644 --- a/auth_api_key/README.rst +++ b/auth_api_key/README.rst @@ -7,7 +7,7 @@ Auth Api Key !! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! - !! source digest: sha256:455a0f8646088cc228c9423fcbabbc1d81cabbebd0cac6dcf07bbbe000a6fc87 + !! source digest: sha256:bfed24ce8c3a57ea6a6270a37d412ab6fe00b5d2004270943ad5f9039a572fcc !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! .. |badge1| image:: https://img.shields.io/badge/maturity-Production%2FStable-green.png @@ -41,6 +41,19 @@ from known sources. For unknown sources, it is a good practice to filter out this header at proxy level. +Odoo allows users to authenticate ``XMLRPC/JSONRPC`` calls using their +API key instead of a password by native API keys (``res.users.apikey``). +However, ``auth_api_key`` has some special features of its own such as: + +- API keys remain usable even when the user is inactive, if enabled via + settings (e.g., for system users in a shopinvader case). +- Supports dual authentication via Basic Auth and API_KEY in separate + HTTP headers. +- Admins can manage API keys for all users + +Given these advantages, particularly in use case like system user +authentication, we have decided to keep the ``auth_api_key`` module + **Table of contents** .. contents:: diff --git a/auth_api_key/static/description/index.html b/auth_api_key/static/description/index.html index c1b7ac4c3..7a7b1e4a9 100644 --- a/auth_api_key/static/description/index.html +++ b/auth_api_key/static/description/index.html @@ -367,7 +367,7 @@

Auth Api Key

!! This file is generated by oca-gen-addon-readme !! !! changes will be overwritten. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -!! source digest: sha256:455a0f8646088cc228c9423fcbabbc1d81cabbebd0cac6dcf07bbbe000a6fc87 +!! source digest: sha256:bfed24ce8c3a57ea6a6270a37d412ab6fe00b5d2004270943ad5f9039a572fcc !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->

Production/Stable License: LGPL-3 OCA/server-auth Translate me on Weblate Try me on Runboat

Authenticate http requests from an API key.

@@ -379,6 +379,18 @@

Auth Api Key

from known sources.

For unknown sources, it is a good practice to filter out this header at proxy level.

+

Odoo allows users to authenticate XMLRPC/JSONRPC calls using their +API key instead of a password by native API keys (res.users.apikey). +However, auth_api_key has some special features of its own such as:

+ +

Given these advantages, particularly in use case like system user +authentication, we have decided to keep the auth_api_key module

Table of contents