| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Lines of code | 334 |
| Technical Name |
cap_login_captcha |
| License | LGPL-3 |
| Website | http://rm-management.odoo.com |
| Versions | 18.0 19.0 |
| Availability |
Odoo Online
Odoo.sh
On Premise
|
| Lines of code | 334 |
| Technical Name |
cap_login_captcha |
| License | LGPL-3 |
| Website | http://rm-management.odoo.com |
| Versions | 18.0 19.0 |
Login CAPTCHA â Proof-of-Work
Stop brute-force and bot logins on your Odoo backend â without sending data to any third party.
100% self-contained
Unlike most CAPTCHA add-ons, this module needs no external service, no API key, and no separate Docker container. The challenge/verification server is re-implemented in pure Python inside Odoo, and the browser widget plus its WebAssembly helper are bundled and served locally. Nothing is fetched from a CDN at runtime.
Privacy-friendly
Based on the open-source Cap proof-of-work CAPTCHA. No image puzzles, no tracking, no cookies sent to anyone. Visitors prove they are real by having their browser perform a small amount of work â invisible and accessible.
How it works
- The login page asks Odoo for a challenge (
/cap/challenge). - The visitor's browser solves a SHA-256 proof-of-work.
- Odoo verifies every solution in Python (
/cap/redeem) and issues a single-use token. - On submit, login is refused unless that token is valid.
Simple configuration
A single switch under Settings â General Settings â Login CAPTCHA turns the protection on or off, with an Easy / Medium / Hard difficulty selector. Disabled by default, so installing the module never locks anyone out.
Bundled browser widget & WebAssembly: Cap by tiago, Apache-2.0, https://github.com/tiagozip/cap. This module: LGPL-3.
Please log in to comment on this module