oca/oca-server-auth
2
0
Fork 0
mirror of https://github.com/bringout/oca-server-auth.git synced 2026-04-18 05:12:02 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
oca-server-auth/odoo-bringout-oca-server-auth-vault/vault
History
Ernad Husremovic 8e1e5a5b14 Fix placeholder-mismatched translations
2026-01-25 13:44:04 +01:00
..
controllers Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
i18n Fix placeholder-mismatched translations 2026-01-25 13:44:04 +01:00
models Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
readme Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
security Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
static Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
tests Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
views Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
wizards Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
__init__.py Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
__manifest__.py Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
README.rst Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00
TECHNICAL.rst Initial commit: OCA Server Auth packages (29 packages) 2025-08-29 15:43:06 +02:00

README.rst 

=====
Vault
=====

.. 
   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
   !! This file is generated by oca-gen-addon-readme !!
   !! changes will be overwritten.                   !!
   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
   !! source digest: sha256:c0c446463d63752dc25080d52e0132ae87b0b43fd51edc7915ed1b919763b40e
   !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
    :target: https://odoo-community.org/page/development-status
    :alt: Beta
.. |badge2| image:: https://img.shields.io/badge/licence-AGPL--3-blue.png
    :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
    :alt: License: AGPL-3
.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fserver--auth-lightgray.png?logo=github
    :target: https://github.com/OCA/server-auth/tree/16.0/vault
    :alt: OCA/server-auth
.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
    :target: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-vault
    :alt: Translate me on Weblate
.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
    :target: https://runboat.odoo-community.org/builds?repo=OCA/server-auth&target_branch=16.0
    :alt: Try me on Runboat

|badge1| |badge2| |badge3| |badge4| |badge5|

This module implements a vault for secrets and files using end-to-end-encryption. The encryption and decryption happens in the browser using a vault specific shared master key. The master keys are encrypted using asymmetrically. For this the user has to enter a second password on the first login or if he needs to access data in a vault. The asymmetric keys are stored for a certain time in the browser storage.

The server can never access the secrets with the information available. Only people registered in the vault can decrypt or encrypt values in a vault. The meta data isn't encrypted to be able to search/filter for entries more easily.

This modules requires a secure context for the browser to work properly and therefore HTTPS support is required.

The `vault-recovery <https://github.com/fkantelberg/vault-recovery>`_ project focuses on disaster recovery in case of an incident to recover secrets from old database backups or old exports.

**Table of contents**

.. contents::
   :local:

Known issues / Roadmap
======================

* Field and file history for restoration

* Import improvement

 * Support challenge-response/FIDO2
 * Support for argon2 and kdbx v4

* When changing an entry from one vault to another existing vault, the values added on
  this entry cannot be accessed, so the field vault is going to be readonly when it
  is defined.

  If you want to move entries between vaults you can use the export -> import option.

* HTTPS or localhost (secure browser context) is required for the client side encryption

Bug Tracker
===========

Bugs are tracked on `GitHub Issues <https://github.com/OCA/server-auth/issues>`_.
In case of trouble, please check there if your issue has already been reported.
If you spotted it first, help us to smash it by providing a detailed and welcomed
`feedback <https://github.com/OCA/server-auth/issues/new?body=module:%20vault%0Aversion:%2016.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.

Do not contact contributors directly about support or help with technical issues.

Credits
=======

Authors
~~~~~~~

* initOS GmbH

Contributors
~~~~~~~~~~~~

* Florian Kantelberg <florian.kantelberg@initos.com>
* `Tecnativa <https://www.tecnativa.com>`_:

  * Carlos Roca

Maintainers
~~~~~~~~~~~

This module is maintained by the OCA.

.. image:: https://odoo-community.org/logo.png
   :alt: Odoo Community Association
   :target: https://odoo-community.org

OCA, or the Odoo Community Association, is a nonprofit organization whose
mission is to support the collaborative development of Odoo features and
promote its widespread use.

This module is part of the `OCA/server-auth <https://github.com/OCA/server-auth/tree/16.0/vault>`_ project on GitHub.

You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.