[Koha-bugs] [Bug 24539] New: Build generic authentication module interface
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Thu Jan 30 08:34:25 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=24539
Bug ID: 24539
Summary: Build generic authentication module interface
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: dcook at prosentient.com.au
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
Locally, I run a number of custom authentication integrations for Koha, and
I've been thinking it would be great if there were a generic authentication
module interface.
So I've refactored my local OpenID Connect implementation, so that the changes
to Auth.pm and opac-auth.tt are very generic, and other authentication modules
could easily leverage them without touching Auth.pm or opac-auth.tt. (The
latter remains translateable as generic messages are in opac-auth.tt and they
are bound to keys passed from the authentication module.)
Right now, you invoke a custom endpoint (I have ideas about making those more
generic and extensible too) and it passes an object to C4::Auth::checkauth().
The module for that object and some other data are persisted in the logged in
user's session.
To log off, you just hit the log off button, Koha gets relevant info from the
user's session, and runs the authentication module's logout hook.
My goal is to make it so that people can rapidly develop authentication
modules, and make it easy to swap in and out different modules. (For instance,
my local OpenID Connect code works and works reasonable well, but it's not
perfect. However, I shouldn't need to touch Auth.pm and opac-auth.tt to improve
that code. The improvements should be isolated within the specific
authentication module itself.)
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list