https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27113 David Cook <dcook@prosentient.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dcook@prosentient.com.au --- Comment #36 from David Cook <dcook@prosentient.com.au> --- (In reply to Tomás Cohen Arazi from comment #34)
I agree with Fridolin: we should think of adding API routes for this. There should be a privileged route, and an unprivileged route. You shouldn't worry about sessions and all. Just add the required permissions to interact with the routes.
Yeah, I don't get why session data is being used here. I don't even know if there needs to be 2 routes. Maybe just 1 public/unprivileged API route. -- You are receiving this mail because: You are watching all bug changes.