Simple login method for local/demo databases

Rationale

There are some cases where we want to allow users to authenticate without any password. For example this will be useful for development environments or public demo servers.

Proposal

Implement a none authentication method, that returns a valid id for the user as long as they exist on the database without checking anything else.
This option should be disabled by default and we should document that is not encouraged to use it on production systems, as it is done for example in the PostgreSQL Documentation

Although this can be implemented by a third party module, I think it’s interesting to add it on the trytond server basically to give a good advice that this is not encouraged to run this method on production systems.

I also propose to use this authentication method on the demo server.

Implementation

https://codereview.tryton.org/256751002
https://bugs.tryton.org/issue9157

I do not think it should be a standard method. It gives a wrong message to have something in the core that should not be used.
But we could have a module that we just drop on the demo server because I do not even think such module should be published.

Ok, so we can defined it on a separate module, maybe named authentication_trust to follow the authenticate_sms module.

If we don’t publish it, it’s not usable on other servers and other people with the same needs will be forced to reinvent the wheel.

For me, it is a misleading name because it gives the feeling we can trust. I would prefer authentication_none.

No, they could just get it from the repository. By the way, I think the repository should be under tpf to clearly shows it is unsupported and not standard.

Here is something similare developed by the calidae guys: https://bitbucket.org/calidae/trytond-authentication_dummy

I’ve uploaded an initial review for the module, but I didn’t create an issue on bugs.tryton.org, as I didn’t want it being confused with a standard module. I can change that if you need me to.

I think it will be good to find a way to install this module on the docker demo but without the need to publish a new image.
Maybe we should use the build of docker-compose file.

I have created Enable simple login on demo.tryton.org (#9157) · Issues · Tryton / Tryton · GitLab, which is an attempt at doing just this.

This topic was automatically closed after 14 days. New replies are no longer allowed.