auth_totp.py 1.1 KB

1234567891011121314151617181920212223242526272829303132
  1. # -*- coding: utf-8 -*-
  2. from odoo import api, models
  3. from odoo.addons.auth_totp.controllers.home import TRUSTED_DEVICE_AGE
  4. import logging
  5. _logger = logging.getLogger(__name__)
  6. class AuthTotpDevice(models.Model):
  7. # init is overriden in res.users.apikeys to create a secret column 'key'
  8. # use a different model to benefit from the secured methods while not mixing
  9. # two different concepts
  10. _name = "auth_totp.device"
  11. _inherit = "res.users.apikeys"
  12. _description = "Authentication Device"
  13. _auto = False
  14. def _check_credentials_for_uid(self, *, scope, key, uid):
  15. """Return True if device key matches given `scope` for user ID `uid`"""
  16. assert uid, "uid is required"
  17. return self._check_credentials(scope=scope, key=key) == uid
  18. @api.autovacuum
  19. def _gc_device(self):
  20. self._cr.execute("""
  21. DELETE FROM auth_totp_device
  22. WHERE create_date < (NOW() AT TIME ZONE 'UTC' - INTERVAL '%s SECONDS')
  23. """, [TRUSTED_DEVICE_AGE])
  24. _logger.info("GC'd %d totp devices entries", self._cr.rowcount)