[Koha-bugs] [Bug 30962] REST API: Add endpoint /patrons/:patron_id/check_password
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jun 16 17:54:34 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30962
--- Comment #5 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---
(In reply to David Cook from comment #4)
> (In reply to David Cook from comment #3)
> > (In reply to Tomás Cohen Arazi from comment #2)
> > > How will we prevent abuse for this password-guessing service? Hehe
> >
> > It's not a public/anonymous endpoint. Only an authenticated and authorized
> > user could use it.
>
> But happy to add more security to lock accounts on too many bad password
> checks.
I think it would make sense to use the existing lock feature here, also
consistent.
ILS-DI locks too.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list