[Koha-bugs] [Bug 30962] REST API: Add endpoint /patrons/:patron_id/check_password
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Jun 17 04:31:00 CEST 2022
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=30962
--- Comment #6 from David Cook <dcook at prosentient.com.au> ---
(In reply to Katrin Fischer from comment #5)
> (In reply to David Cook from comment #4)
> > (In reply to David Cook from comment #3)
> > > (In reply to Tomás Cohen Arazi from comment #2)
> > > > How will we prevent abuse for this password-guessing service? Hehe
> > >
> > > It's not a public/anonymous endpoint. Only an authenticated and authorized
> > > user could use it.
> >
> > But happy to add more security to lock accounts on too many bad password
> > checks.
>
> I think it would make sense to use the existing lock feature here, also
> consistent.
>
> ILS-DI locks too.
Done!
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list