There are some cases where we want to allow users to authenticate without any password. For example this will be useful for development environments or public demo servers.
Proposal
Implement a none authentication method, that returns a valid id for the user as long as they exist on the database without checking anything else.
This option should be disabled by default and we should document that is not encouraged to use it on production systems, as it is done for example in the PostgreSQL Documentation
Although this can be implemented by a third party module, I think it’s interesting to add it on the trytond server basically to give a good advice that this is not encouraged to run this method on production systems.
I also propose to use this authentication method on the demo server.
I do not think it should be a standard method. It gives a wrong message to have something in the core that should not be used.
But we could have a module that we just drop on the demo server because I do not even think such module should be published.
For me, it is a misleading name because it gives the feeling we can trust. I would prefer authentication_none.
No, they could just get it from the repository. By the way, I think the repository should be under tpf to clearly shows it is unsupported and not standard.
I’ve uploaded an initial review for the module, but I didn’t create an issue on bugs.tryton.org, as I didn’t want it being confused with a standard module. I can change that if you need me to.
I think it will be good to find a way to install this module on the docker demo but without the need to publish a new image.
Maybe we should use the build of docker-compose file.