[Koha-bugs] [Bug 26792] Create simple is_authenticated and is_authorized methods for AuthN/AuthZ
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Oct 28 14:10:21 CET 2020
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=26792
--- Comment #2 from David Cook <dcook at prosentient.com.au> ---
I'm making some good progress here.
I've created some methods like Koha::Auth->is_authenticated and
Koha::Auth->is_authorized, and then implemented those in a Mojolicious
application mounted in plack.psgi at 'intranet/staff'.
(The Koha::Auth->is_authenticated is used to cover all routes in the Mojo
startup() function, while Koha::Auth->is_authorized is implemented in a
"helper", which allows it to be easily and cleanly used in Mojo controller
actions.)
I need to refactor C4::Auth to create a "is_timed_out" function and add that to
Koha::Auth->is_authenticated, but otherwise these should be nearly ready.
I should probably rename "is_authorized" to "authorize" as it actually
authorizes the user.
The "is_authenticated" is just a check though. If it fails, the plan is to
redirect the user to a login page or internally use a Mojo login controller. I
need to put some more thought into that.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list