Koha-community/Koha
13
7
Fork 0
Code Issues Releases Wiki Activity
Koha/svc/authentication
Zoe Bennett 2bde680e0b Bug 20016: use Modern::Perl in svc scripts 
Test Plan:
- Check that it now says 'use Modern::Perl' and not 'use trict; use
warnings;' in the follwing plugins svc scripts

authentication
bib
bib_profile
checkouts
config/systempreferences
import_bib
new_bib

https://bugs.koha-community.org/show_bug.cgi?id=20016
Signed-off-by: Jon Knight <J.P.Knight@lboro.ac.uk>

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
2018-02-05 09:46:45 -03:00

52 lines
1.8 KiB
Perl
Executable file
Raw Blame History

#!/usr/bin/perl
# Copyright 2007 LibLime
#
# This file is part of Koha.
#
# Koha is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3 of the License, or
# (at your option) any later version.
#
# Koha is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Koha; if not, see <http://www.gnu.org/licenses>.
#
use Modern::Perl;
use CGI qw ( -utf8 );
use C4::Auth qw/check_api_auth/;
use XML::Simple;
my $query = new CGI;
# The authentication strategy for the biblios web
# services is as follows.
#
# 1. biblios POSTs to the authenticate API with URL-encoded
# form parameters 'userid' and 'password'. If the credentials
# belong to a valid user with the 'editcatalogue' privilege,
# a session cookie is returned and a Koha session created. Otherwise, an
# appropriate error is returned.
# 2. For subsequent calls to the biblios APIs, the user agent
# should submit the same session cookie. If the cookie is
# not supplied or does not correspond to a valid session, the API
# will redirect to this authentication API.
# 3. The session cookie should not be (directly) sent back to the user's
# web browser, but instead should be stored and submitted by biblios.
my ($status, $cookie, $sessionID) = check_api_auth($query, { editcatalogue => 'edit_catalogue'} );
if ($status eq "ok") {
print $query->header(-type => 'text/xml', cookie => $cookie);
} else {
print $query->header(-type => 'text/xml');
}
print XMLout({ status => $status }, NoAttr => 1, RootName => 'response', XMLDecl => 1);
View git blame Copy permalink