Bug 10667: Allow authentication with cardnumber for ILS-DI

Test authentication via ILS-DI: - with userid and password - with userid and wrong password - with cardnumber and password - with cardnumber and wrong password ... Before the patch only userid will authenticate the patron. After the patch was applied, userid and cardnumber will work. To test: - Run t/db_dependent/ILSDI_Services.t - all tests should pass. Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com> No koha-qa errors Test: Enable ISL-DI access opac with /cgi-bin/koha/ilsdi.pl?service=AuthenticatePatron&username=XXX&password=YYY With userid/cardnumber & password returns borrowernumber With userid/cardnumber & wrong password returns PatronNotFound Signed-off-by: Mason James <mtj@kohaaloha.com> Signed-off-by: Galen Charlton <gmc@esilibrary.com>
11 years ago · ddb67e3237
3 changed files with 12 additions and 17 deletions
--- a/C4/ILSDI/Services.pm
+++ b/C4/ILSDI/Services.pm
@ -313,28 +313,24 @@ the patron.
 Parameters:
  - username (Required)
-	user's login identifier
+    user's login identifier (userid or cardnumber)
  - password (Required)
-	user's password
+    user's password
 =cut
 sub AuthenticatePatron {
    my ($cgi) = @_;
-
+    my ($status, $cardnumber, $userid) = C4::Auth::checkpw( C4::Context->dbh, $cgi->param('username'), $cgi->param('password') );
-    # Check if borrower exists, using a C4::Auth function...
+    if ( $status ) {
-    unless( C4::Auth::checkpw( C4::Context->dbh, $cgi->param('username'), $cgi->param('password') ) ) {
+        # Get the borrower
        my $borrower = GetMember( cardnumber => $cardnumber );
        my $patron->{'id'} = $borrower->{'borrowernumber'};
        return $patron;
    }
    else {
        return { code => 'PatronNotFound' };
    }
    # Get the borrower
    my $borrower = GetMember( userid => $cgi->param('username') );
    # Build the hashref
    my $patron->{'id'} = $borrower->{'borrowernumber'};
    # ... and return his ID
    return $patron;
 }
 =head2 GetPatronInfo
--- a/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt
+++ b/koha-tmpl/opac-tmpl/prog/en/modules/ilsdi.tt
@ -388,7 +388,7 @@
                <h4>Parameters</h4>
                <dl>
                    <dt><strong>username</strong> (Required)</dt>
-                    <dd>user's login identifier</dd>
+                    <dd>user's login identifier (userid or cardnumber)</dd>
                    <dt><strong>password</strong> (Required)</dt>
                    <dd>user's password</dd>
                </dl>
--- a/t/db_dependent/ILSDI_Services.t
+++ b/t/db_dependent/ILSDI_Services.t
@ -72,7 +72,6 @@ my $borrower = GetMember( borrowernumber => $borrowernumber );
    is($reply->{'id'}, $borrowernumber, "userid is not case sensitive - Patron authenticated");
    is($reply->{'code'}, undef, "Error code undef");
 TODO: { local: $TODO = "Can't use cardnumber for authentication with ILS-DI yet.";
    $query->param('username',$borrower->{'cardnumber'});
    $reply = C4::ILSDI::Services::AuthenticatePatron($query);
    is($reply->{'id'}, $borrowernumber, "cardnumber and password - Patron authenticated");
@ -88,6 +87,6 @@ TODO: { local: $TODO = "Can't use cardnumber for authentication with ILS-DI yet.
    $reply = C4::ILSDI::Services::AuthenticatePatron($query);
    is($reply->{'code'}, 'PatronNotFound', "non-existing cardnumer/userid - PatronNotFound");
    is($reply->{'id'}, undef, "id undef");
    }
 }