]> git.koha-community.org Git - koha.git/commit
Bug 36084: Add CSRF token support to svc/authentication
authorDavid Cook <dcook@prosentient.com.au>
Wed, 21 Feb 2024 06:17:50 +0000 (06:17 +0000)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 1 Mar 2024 10:00:51 +0000 (11:00 +0100)
commit0fe82b601b4b06ce0e9fcc5ca677810886f26717
tree9ffecb46dfc10bf51ec56fbc08aeaa48f00c158d
parent61f1f88c5c871cf86138f81ed6f2e3db63b78d04
Bug 36084: Add CSRF token support to svc/authentication

GET svc/authentication will return a CSRF token in a response header

POST svc/authentication requires a CSRF token which can be sourced
from the response header of GET svc/authentication or some other
place like the meta element on a HTML page

Note: misc/migration_tools/koha-svc.pl is a simple script which
can be used to practically evaluate svc/authentication and svc/bib

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
C4/Auth.pm
misc/migration_tools/koha-svc.pl
svc/authentication