MFA Support

auth_totp
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/12.0/auth_totp
VERSION
VERSION 1.1.0
CATEGORY
CATEGORYTools
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSGitHub, Patrick Tombez, OCA Transbot, oca-travis, Weblate, OCA-git-bot
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:29:15
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - web
    - base
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES pyotp
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
mfa_login MFA Login Page ir.ui.view qweb New
res_users_authenticator_create_view_form MFA App/Device Creation Wizard res.users.authenticator.create form New
view_users_form User Form - MFA Settings res.users xpath Inherits base.view_users_form
view_users_form_simple_modif Change My Preferences - MFA Settings res.users xpath Inherits base.view_users_form_simple_modif
Models touched (3)

New fields (3)
  • authenticator_ids One2many → res.users.authenticator
    comodel_name='res.users.authenticator' help='To delete an authentication app, remove it from this list. To add a new authentication app, please use the button to the right. If the button is not present, you do not have the permissions to do this.' inverse_name='user_id' string='Authentication Apps/Devices'
  • mfa_enabled Boolean
    string='MFA Enabled?'
  • trusted_device_cookie_key Char
    compute='_compute_trusted_device_cookie_key' store=True
Public methods (2)
  • check(cls, db, uid, password)
    @classmethod
    Prevent auth caching for MFA users without active MFA session
  • validate_mfa_confirmation_code(self, confirmation_code)
    @api.multi

New fields (3)
  • name Char
    readonly=True required=True
  • secret_key Char
    readonly=True required=True
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade'
Public methods (1)
  • validate_conf_code(self, confirmation_code)
    @api.multi

New fields (6)
  • confirmation_code Char
    help='Enter the latest six digit code generated by your authentication app' required=True string='Confirmation Code'
  • name Char
    help='A name that will help you remember this authentication app/device' required=True string='Authentication App/Device Name'
  • qr_code_tag Html
    compute='_compute_qr_code_tag' help='Scan this image with your authentication app to add your account' string='QR Code'
  • secret_key Char
    default=<expr> required=True string='Secret Code'
  • secret_key_display Char
    compute='_compute_secret_key_display' readonly=True store=False string='Secret Code'
  • user_id Many2one → res.users
    comodel_name='res.users' default=<expr> help='This is the user whose account the new authentication app/device will be tied to' ondelete='cascade' readonly=True required=True string='Associated User'
Public methods (1)
  • action_create(self)
    @api.multi
REPOSITORY
REPOSITORYOCA/server-auth
GIT
GIThttps://github.com/OCA/server-auth.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-auth/tree/11.0/auth_totp
VERSION
VERSION 1.1.0
CATEGORY
CATEGORYTools
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSmreficent, OCA Transbot, oca-travis, Weblate, fkantelberg
WEBSITE
WEBSITEhttps://github.com/OCA/server-auth
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:23:56
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - web
    - base
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES pyotp
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
mfa_login MFA Login Page ir.ui.view qweb New
res_users_authenticator_create_view_form MFA App/Device Creation Wizard res.users.authenticator.create form New
view_users_form User Form - MFA Settings res.users xpath Inherits base.view_users_form
view_users_form_simple_modif Change My Preferences - MFA Settings res.users xpath Inherits base.view_users_form_simple_modif
Models touched (3)

New fields (3)
  • authenticator_ids One2many → res.users.authenticator
    comodel_name='res.users.authenticator' help='To delete an authentication app, remove it from this list. To add a new authentication app, please use the button to the right. If the button is not present, you do not have the permissions to do this.' inverse_name='user_id' string='Authentication Apps/Devices'
  • mfa_enabled Boolean
    string='MFA Enabled?'
  • trusted_device_cookie_key Char
    compute='_compute_trusted_device_cookie_key' store=True
Public methods (3)
  • check(cls, db, uid, password)
    @classmethod
    Prevent auth caching for MFA users without active MFA session
  • check_credentials(self, password)
    @api.model
    Add MFA logic to core authentication process. Overview: * If user does not have MFA enabled, defer to parent logic. * If user has MFA enabled and has gone through MFA login process this session or has correct device cookie, defer to parent logic. * If neither of these is true, call parent logic. If successful, prevent auth while updating session to indicate that MFA login process can now commence.
  • validate_mfa_confirmation_code(self, confirmation_code)
    @api.multi

New fields (3)
  • name Char
    readonly=True required=True
  • secret_key Char
    readonly=True required=True
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade'
Public methods (1)
  • validate_conf_code(self, confirmation_code)
    @api.multi

New fields (5)
  • confirmation_code Char
    help='Enter the latest six digit code generated by your authentication app' required=True string='Confirmation Code'
  • name Char
    help='A name that will help you remember this authentication app/device' required=True string='Authentication App/Device Name'
  • qr_code_tag Html
    compute='_compute_qr_code_tag' help='Scan this image with your authentication app to add your account' string='QR Code'
  • secret_key Char
    default=<expr> required=True string='Secret Code'
  • user_id Many2one → res.users
    comodel_name='res.users' default=<expr> help='This is the user whose account the new authentication app/device will be tied to' ondelete='cascade' readonly=True required=True string='Associated User'
Public methods (1)
  • action_create(self)
    @api.multi
REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/10.0/auth_totp
VERSION
VERSION 2.0.1
CATEGORY
CATEGORYExtra Tools
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSGitHub, Akim Juillerat, OCA Transbot, Dave Lasley, oca-travis, Weblate, OCA-git-bot, Oleg Bulkin
WEBSITE
WEBSITEhttps://github.com/OCA/server-tools
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:19:59
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - report
    - base
    - web
    - base_setup
    - web_kanban
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES pyotp
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
mfa_login MFA Login Page ir.ui.view qweb New
res_users_authenticator_create_view_form MFA App/Device Creation Wizard res.users.authenticator.create form New
view_users_form User Form - MFA Settings res.users xpath Inherits base.view_users_form
view_users_form_simple_modif Change My Preferences - MFA Settings res.users xpath Inherits base.view_users_form_simple_modif
Models touched (3)

New fields (3)
  • authenticator_ids One2many → res.users.authenticator
    comodel_name='res.users.authenticator' help='To delete an authentication app, remove it from this list. To add a new authentication app, please use the button to the right. If the button is not present, you do not have the permissions to do this.' inverse_name='user_id' string='Authentication Apps/Devices'
  • mfa_enabled Boolean
    string='MFA Enabled?'
  • trusted_device_cookie_key Char
    compute='_compute_trusted_device_cookie_key' store=True
Public methods (3)
  • check(cls, db, uid, password)
    @classmethod
    Prevent auth caching for MFA users without active MFA session
  • check_credentials(self, password)
    @api.model
    Add MFA logic to core authentication process. Overview: * If user does not have MFA enabled, defer to parent logic. * If user has MFA enabled and has gone through MFA login process this session or has correct device cookie, defer to parent logic. * If neither of these is true, call parent logic. If successful, prevent auth while updating session to indicate that MFA login process can now commence.
  • validate_mfa_confirmation_code(self, confirmation_code)
    @api.multi

New fields (3)
  • name Char
    readonly=True required=True
  • secret_key Char
    readonly=True required=True
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade'
Public methods (1)
  • validate_conf_code(self, confirmation_code)
    @api.multi

New fields (5)
  • confirmation_code Char
    help='Enter the latest six digit code generated by your authentication app' required=True string='Confirmation Code'
  • name Char
    help='A name that will help you remember this authentication app/device' index=True required=True string='Authentication App/Device Name'
  • qr_code_tag Html
    compute='_compute_qr_code_tag' help='Scan this image with your authentication app to add your account' string='QR Code'
  • secret_key Char
    default=<expr> required=True
  • user_id Many2one → res.users
    comodel_name='res.users' default=<expr> help='This is the user whose account the new authentication app/device will be tied to' index=True ondelete='cascade' readonly=True required=True string='Associated User'
Public methods (1)
  • action_create(self)
    @api.multi
REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/9.0/auth_totp
VERSION
VERSION 1.1.0
CATEGORY
CATEGORYExtra Tools
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSPedro M. Baeza, Akim Juillerat, OCA Transbot, Dave Lasley, oca-travis, Weblate, Oleg Bulkin
WEBSITE
WEBSITEhttps://laslabs.com/
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:15:22
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - report
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES pyotp
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
mfa_login MFA Login Page ir.ui.view qweb New
res_users_authenticator_create_view_form MFA App/Device Creation Wizard res.users.authenticator.create form New
view_users_form User Form - MFA Settings res.users xpath Inherits base.view_users_form
view_users_form_simple_modif Change My Preferences - MFA Settings res.users xpath Inherits base.view_users_form_simple_modif
Models touched (4)

New fields (5)
  • authenticator_ids One2many → res.users.authenticator
    comodel_name='res.users.authenticator' help='To delete an authentication app, remove it from this list. To add a new authentication app, please use the button to the right. If the button is not present, you do not have the permissions to do this.' inverse_name='user_id' string='Authentication Apps/Devices'
  • mfa_enabled Boolean
    string='MFA Enabled?'
  • mfa_login_token Char
  • mfa_login_token_exp Datetime
  • trusted_device_ids One2many → res.users.device
    comodel_name='res.users.device' inverse_name='user_id' string='Trusted Devices'
Public methods (4)
  • check_credentials(self, password)
    @api.model
  • generate_mfa_login_token(self, lifetime_mins=15)
    @api.multi
  • user_from_mfa_login_token(self, token)
    @api.model
  • validate_mfa_confirmation_code(self, confirmation_code)
    @api.multi

New fields (3)
  • name Char
    readonly=True required=True
  • secret_key Char
    readonly=True required=True
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade'
Public methods (1)
  • validate_conf_code(self, confirmation_code)
    @api.multi

New fields (5)
  • confirmation_code Char
    help='Enter the latest six digit code generated by your authentication app' required=True string='Confirmation Code'
  • name Char
    help='A name that will help you remember this authentication app/device' index=True required=True string='Authentication App/Device Name'
  • qr_code_tag Html
    compute='_compute_qr_code_tag' help='Scan this image with your authentication app to add your account' string='QR Code'
  • secret_key Char
    default=<expr> required=True string='Secret Code'
  • user_id Many2one → res.users
    comodel_name='res.users' default=<expr> help='This is the user whose account the new authentication app/device will be tied to' index=True ondelete='cascade' readonly=True required=True string='Associated User'
Public methods (1)
  • action_create(self)
    @api.multi

New fields (1)
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade' required=True
Public methods (0)

No public methods.

REPOSITORY
REPOSITORYOCA/server-tools
GIT
GIThttps://github.com/OCA/server-tools.git
GIT FOLDER
GIT FOLDERhttps://github.com/OCA/server-tools/tree/8.0/auth_totp
VERSION
VERSION 1.0.0
CATEGORY
CATEGORYExtra Tools
LICENSE
LICENSELGPL-3
APPLICATION
APPLICATIONNo
AUTO-INSTALLABLE
AUTO-INSTALLABLENo
AUTHORS
AUTHORSOdoo Community Association (OCA), LasLabs
MAINTAINERS
MAINTAINERSOdoo Community Association (OCA), LasLabs
COMMITTERS
COMMITTERSoca-travis, Weblate, Andhitia Rama
WEBSITE
WEBSITEhttps://laslabs.com/
LAST TRACKING UPDATE
LAST TRACKING UPDATE2026-07-06 00:11:25
ODOO DEPENDENCIES
ODOO DEPENDENCIES odoo/odoo:
    - report
    - base
    - web
PYTHON DEPENDENCIES
PYTHON DEPENDENCIES pyotp
SYSTEM DEPENDENCIES
SYSTEM DEPENDENCIES Not have
DESCRIPTION
DESCRIPTION

Code Analysis

Views touched (4)
XML IDNameModelTypeStatus
mfa_login MFA Login Page ir.ui.view qweb New
res_users_authenticator_create_view_form MFA App/Device Creation Wizard res.users.authenticator.create form New
view_users_form User Form - MFA Settings res.users xpath Inherits base.view_users_form
view_users_form_simple_modif Change My Preferences - MFA Settings res.users xpath Inherits base.view_users_form_simple_modif
Models touched (4)

New fields (5)
  • authenticator_ids One2many → res.users.authenticator
    comodel_name='res.users.authenticator' help='To delete an authentication app, remove it from this list. To add a new authentication app, please use the button to the right. If the button is not present, you do not have the permissions to do this.' inverse_name='user_id' string='Authentication Apps/Devices'
  • mfa_enabled Boolean
    string='MFA Enabled?'
  • mfa_login_token Char
  • mfa_login_token_exp Datetime
  • trusted_device_ids One2many → res.users.device
    comodel_name='res.users.device' inverse_name='user_id' string='Trusted Devices'
Public methods (4)
  • check_credentials(self, password)
    @api.model
  • generate_mfa_login_token(self, lifetime_mins=15)
    @api.multi
  • user_from_mfa_login_token(self, token)
    @api.model
  • validate_mfa_confirmation_code(self, confirmation_code)
    @api.multi

New fields (3)
  • name Char
    readonly=True required=True
  • secret_key Char
    readonly=True required=True
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade'
Public methods (1)
  • validate_conf_code(self, confirmation_code)
    @api.multi

New fields (5)
  • confirmation_code Char
    help='Enter the latest six digit code generated by your authentication app' required=True string='Confirmation Code'
  • name Char
    help='A name that will help you remember this authentication app/device' index=True required=True string='Authentication App/Device Name'
  • qr_code_tag Html
    compute='_compute_qr_code_tag' help='Scan this image with your authentication app to add your account' string='QR Code'
  • secret_key Char
    default=<expr> required=True
  • user_id Many2one → res.users
    comodel_name='res.users' default=<expr> help='This is the user whose account the new authentication app/device will be tied to' index=True ondelete='cascade' readonly=True required=True string='Associated User'
Public methods (1)
  • action_create(self)
    @api.multi

New fields (1)
  • user_id Many2one → res.users
    comodel_name='res.users' ondelete='cascade' required=True
Public methods (0)

No public methods.