[Koha-bugs] [Bug 27309] New: Add plugin hooks for capturing raw passwords (NNPDB)
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Dec 28 14:21:42 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=27309
Bug ID: 27309
Summary: Add plugin hooks for capturing raw passwords (NNPDB)
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Plugin architecture
Assignee: koha-bugs at lists.koha-community.org
Reporter: magnus at libriotech.no
QA Contact: testopia at bugs.koha-community.org
Bug 22706 tried to add hooks to make it possible to implement support for the
Norwegian National Patron Database (NNPDB) via a plugin. That bug added a new
hook called check_password, and this was called in two places:
1. In Koha::Patron::set_password
https://git.koha-community.org/Koha-community/Koha/src/branch/master/Koha/Patron.pm#L774
2. In Koha::Patron::store
https://git.koha-community.org/Koha-community/Koha/src/branch/master/Koha/Patron.pm#L167
The second call to check_password was initially placed after this call:
$self = $self->SUPER::store;
so we could send both the raw password and the borrowernumber to the hook. This
is of course a problem, since checking the password after the borrower has been
stored means we can't reject the user completely based on the password. And so
the call to the check_password hook was placed bwfore this line. This meant
that the check_password hook could not serve the intended purpose of
implementing the NNPDB.
This bug proposes a new plugin hook, to be implemented after the ->store, to
finally make it possible to implement NNPDB as a plugin.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list