https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17004
Benjamin Rokseth <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #54957|0 |1 is obsolete| | --- Comment #18 from Benjamin Rokseth <[email protected]> --- Created attachment 55146 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=55146&action=edit Bug 17004: Add API route to authenticate patron (CGISESSID) including logout POST /auth/session (login) DELETE /auth/session (logout) Required POST data: - "password" - either "userid" or "cardnumber". To test: 1. Make sure you are logged out from Koha. 2. Make a POST request to http://yourlibrary/api/v1/auth/session with form data "userid" => <your_user_id> and "password" => <your_password>. 3. If your userid and password is correct, you should be returned with most basic patron data and your CGISESSID. 4. Also attempt with invalid login to get an error. 5. Send a DELETE request to /auth/session 6. Observe that you are no longer logged-in in Koha. 7. Run tests at b/t/db_dependent/api/v1/auth.t You may find this cURL useful: curl -X DELETE http://lib/api/v1/auth/session --cookie 'CGISESSID=88e735aaf7c6cf194a775425cbd00570' (replace CGISESSID=... with your CGISESSID) ---- I've rebased both attachments to master (restructuralized swagger definitions). And added proposed permissions as proposed by Benjamin Rokseth. Btw, very nice work Lari! Signed-off-by: Benjamin Rokseth <[email protected]> -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
