auth_jwt

This module provides JWT bearer token authentication for Odoo controller routes.

Key Features

auth.jwt.validator: Enables configuration of JWT token validation parameters including audience, issuer, signature type, algorithm, secret, and JWK URI.
auth.jwt.validator: Supports static user ID strategy for authentication.
auth.jwt.validator: Allows partner ID resolution based on email claim from JWT payload.
auth.jwt.validator: Provides cookie mode to store JWT payload as Http-Only cookie for frontend applications.
controller routes: Allows adding JWT authentication to routes using auth="jwt_{validator-name}" attribute.
controller routes: Supports public_or_jwt authentication for endpoints that work anonymously but enhance with JWT.
authentication: Validates JWT tokens including exp, aud, and iss claims.
authentication: Rejects requests with invalid or missing Authorization header with 401 Unauthorized.
authentication: Prevents authentication conflicts by rejecting requests with existing user sessions.
authentication: Stores decoded JWT payload in request.jwt_payload for use in controllers.
authentication: Associates requests with partners via request.jwt_partner_id when configured.
authentication: Supports chaining multiple validators for fallback authentication.