From c5bc2563a856981eab29637fb2da0f6f014c0d6b Mon Sep 17 00:00:00 2001 From: Martin Renvoize Date: Thu, 28 Mar 2019 11:33:00 +0000 Subject: [PATCH] Bug 22600: Add 'api' to interface types and set appropriately This patch adds 'api' as a valid interface and sets it appropriately for both the new REST api and previous /svc/ api's. Handling to keep the interface of a logged in session is included such that if the OPAC or Intranet use the API's internally via a Cookie we will maintain the interface throughout the session. Signed-off-by: Martin Renvoize Signed-off-by: Josef Moravec Signed-off-by: Tomas Cohen Arazi Signed-off-by: Nick Clemens --- C4/Auth.pm | 6 ++++++ C4/Context.pm | 7 ++++++- Koha/REST/V1/Auth.pm | 2 ++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index c3ba5baad2..39c6a6c95c 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -1155,6 +1155,7 @@ sub checkauth { $session->param( 'emailaddress', $emailaddress ); $session->param( 'ip', $session->remote_addr() ); $session->param( 'lasttime', time() ); + $session->param( 'interface', $type); $session->param( 'shibboleth', $shibSuccess ); $debug and printf STDERR "AUTH_4: (%s)\t%s %s - %s\n", map { $session->param($_) } qw(cardnumber firstname surname branch); } @@ -1180,6 +1181,7 @@ sub checkauth { $session->param( 'lasttime', time() ); $session->param( 'ip', $session->remote_addr() ); $session->param( 'sessiontype', 'anon' ); + $session->param( 'interface', $type); } } # END if ( $q_userid elsif ( $type eq "opac" ) { @@ -1192,6 +1194,7 @@ sub checkauth { $session->param( 'ip', $session->remote_addr() ); $session->param( 'lasttime', time() ); $session->param( 'sessiontype', 'anon' ); + $session->param( 'interface', $type); } } # END unless ($userid) @@ -1427,6 +1430,7 @@ sub check_api_auth { my $session = get_session($sessionID); C4::Context->_new_userenv($sessionID); if ($session) { + C4::Context->interface($session->param('interface')); C4::Context->set_userenv( $session->param('number'), $session->param('id'), $session->param('cardnumber'), $session->param('firstname'), @@ -1585,6 +1589,7 @@ sub check_api_auth { $session->param( 'emailaddress', $emailaddress ); $session->param( 'ip', $session->remote_addr() ); $session->param( 'lasttime', time() ); + $session->param( 'interface', 'api' ); } $session->param( 'cas_ticket', $cas_ticket); C4::Context->set_userenv( @@ -1674,6 +1679,7 @@ sub check_cookie_auth { my $session = get_session($sessionID); C4::Context->_new_userenv($sessionID); if ($session) { + C4::Context->interface($session->param('interface')); C4::Context->set_userenv( $session->param('number'), $session->param('id'), $session->param('cardnumber'), $session->param('firstname'), diff --git a/C4/Context.pm b/C4/Context.pm index 9b3f74dbb2..319a11b59e 100644 --- a/C4/Context.pm +++ b/C4/Context.pm @@ -1028,7 +1028,12 @@ sub interface { if (defined $interface) { $interface = lc $interface; - if ($interface eq 'opac' || $interface eq 'intranet' || $interface eq 'sip' || $interface eq 'commandline') { + if ( $interface eq 'api' + || $interface eq 'opac' + || $interface eq 'intranet' + || $interface eq 'sip' + || $interface eq 'commandline' ) + { $context->{interface} = $interface; } else { warn "invalid interface : '$interface'"; diff --git a/Koha/REST/V1/Auth.pm b/Koha/REST/V1/Auth.pm index 53c6bacfc9..5e505cb47b 100644 --- a/Koha/REST/V1/Auth.pm +++ b/Koha/REST/V1/Auth.pm @@ -157,6 +157,7 @@ sub authenticate_api_request { if ($valid_token) { my $patron_id = Koha::ApiKeys->find( $valid_token->{client_id} )->patron_id; $user = Koha::Patrons->find($patron_id); + C4::Context->interface('api'); } else { # If we have "Authorization: Bearer" header and oauth authentication @@ -173,6 +174,7 @@ sub authenticate_api_request { ); } $user = $c->_basic_auth( $authorization_header ); + C4::Context->interface('api'); unless ( $user ) { # If we have "Authorization: Basic" header and authentication # failed, do not try other authentication means -- 2.39.5