Use self hosted privacy friendly captcha for verifying website users are not bots
Project description
Privacy Friendly Captcha
This module allows to use a Captcha System completly handled by Odoo.
It relies on Altcha (https://altcha.org), an OpenSource captcha alternative.
Table of contents
Use Cases / Context
Currently, Odoo provides 2 options:
Google Recaptcha relies on tracking of the user. It implies cookies
Cloudfare Turnstile relies on signals of the browser so it is less GDPR problematic. However, it relies on a third party infrastructure. The decision is made from a probabilistic perspective (likely a human)
With this new module, everything relies on our own system with no cookies, no tracking and no network calls.
The way to solve it is to add a deterministic puzzle to solve. Bots need to spend more CPU, making it costly at scale.
Configuration
Go to Configuration/Website, check “Enable Altcha” under “Privacy”. Some extra parameters will appear with all the ALTCHA information. This parameters are website dependent.
altcha_key: This key is made to create the challenge and review it later
Also, the system adds the option to use some extra parameters:
altcha_secret_key: Key used to use deterministic mode. Using it will make it faster from a server perspective.
altcha_algorithm: Algorithm used, by default PBKDF2/SHA-512, however, we can use:
Fast ones only for testing purposes: SHA-256, SHA-384, SHA-512
Good by default: PBKDF2/SHA-256, PBKDF2/SHA-384, PBKDF2/SHA-512
Memory Hard: SCRYPT. To be implemented
Memory Hard (it required argon2-cffi): ARGON2ID. To be implemented
altcha_timeout: Number of minutes that we will trust the key, by default 5
altcha_cost: Cost of the challenge. By default, 5000
Bug Tracker
Bugs are tracked on GitHub Issues. In case of trouble, please check there if your issue has already been reported. If you spotted it first, help us to smash it by providing a detailed and welcomed feedback.
Do not contact contributors directly about support or help with technical issues.
Credits
Contributors
-
Enric Tobella
Luís David Rodríguez
Maintainers
This module is maintained by the OCA.
OCA, or the Odoo Community Association, is a nonprofit organization whose mission is to support the collaborative development of Odoo features and promote its widespread use.
This module is part of the OCA/website project on GitHub.
You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file odoo_addon_website_altcha-18.0.1.0.0.5-py3-none-any.whl.
File metadata
- Download URL: odoo_addon_website_altcha-18.0.1.0.0.5-py3-none-any.whl
- Upload date:
- Size: 108.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b3fc6a19bfee6e18f80aa96f6c085e0425661d05cefad79ebc7a2ff911aec1fd
|
|
| MD5 |
225751a9908f99af1262baaf2a152f90
|
|
| BLAKE2b-256 |
0ffb7a1d2640f7b88f873084906a4a099251068dff191f98d6ee6e9a1d865c60
|
