[Koha-bugs] [Bug 28785] Code in C4::Auth::checkauth is copy pasted
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Sep 10 17:47:45 CEST 2021
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=28785
Martin Renvoize <martin.renvoize at ptfs-europe.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #123392|0 |1
is obsolete| |
--- Comment #17 from Martin Renvoize <martin.renvoize at ptfs-europe.com> ---
Created attachment 124776
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=124776&action=edit
Bug 28785: Centralize cookie auth check in check_cookie_auth
This code is duplicated in 3 different places, we must call
check_cookie_auth instead.
It makes check_cookie_auth returns a 'restricted' when
SessionRestrictionByIP is set and the IP changed.
It also returns a third parameters contained the old and new IP, to fill
the "info" hash in checkauth but apparently the oldip and newip
variables are not even used from the template. We may want to remove it
completely.
No change is expected with this patch, the different authentication
methods should still work as before.
Test plan:
Log in the staff and OPAC interfaces, logout.
Log in and call script that call the 3 different subroutines modified by
this patch. For instance you can list checkouts (that is using
check_cookie_auth) and display a patron's image (using check_api_auth).
QA with good knowledge of the C4::Auth module and the different
authentication methods is required.
Signed-off-by: Owen Leonard <oleonard at myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize at ptfs-europe.com>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list