https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=37060 --- Comment #16 from David Cook <dcook@prosentient.com.au> --- (In reply to David Cook from comment #15)
I've just confirmed your problem using curl, so I'll look into that. Something very odd going on here, especially since I'm sure this used to work...
So it looks like a bug in C4::Auth::check_api_auth, but it looks like a bug that has existed for years, so maybe this only worked theoretically in the past... Basically, C4::Auth::check_api_auth() sometimes returns $sessionID and sometimes it returns $session (like in the case where you already have an authenticated cookie), even though it's supposed to always return $sessionID. -- You are receiving this mail because: You are watching all bug changes.