https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402

--- Comment #33 from Josef Moravec <josef.mora...@gmail.com> ---
(In reply to Julian Maurice from comment #32)
> (In reply to Josef Moravec from comment #29)
> > Tested on another devbox, now I got 401 Unauthorized.
> > 
> > I have an idea of what is going on:
> > 
> > This only adds new authorization method, but the authorization with cookies
> > (eg. when you are normally logged into koha) is still taken into account.
> > 
> > But yesterday I used the koha database user to change permission of api user
> > - so token was expired and oauth say unauthorized, then cookie was found bud
> > the logged in user was database user and that's the reason why it exploded
> 
> Then maybe we should not try cookie authentication if oauth fail and we have
> an Authorization header containing 'Bearer' ?

+1

-- 
You are receiving this mail because:
You are watching all bug changes.
_______________________________________________
Koha-bugs mailing list
Koha-bugs@lists.koha-community.org
http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/

Reply via email to