[Koha-bugs] [Bug 9936] SIP2 should use C4/Auth.pm for user authentication
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Tue Jan 6 17:31:21 CET 2015
http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9936
--- Comment #1 from Colin Campbell <colin.campbell at ptfs-europe.com> ---
For login authentication it calls C4/Auth check_api_auth
( so the fact it checks the password in the config file is a bit redundant)
For patron status it checks against the db if a password is sent or will accept
''.
For patron information the password is not a required field.
The sip logic is that the borrower barcode is the patron's token allowing them
to request to borrow books.
A quick look at the checkpw routines in Auth suggests that they are doing more
than testing the validity of the password as they are setting up parameters for
a user session and I think we'd need a simpler 'is_this_password_valid'
interface to Auth, but that could easily replace the call currently in
ILS/Patron.pm
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list