https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20402
--- Comment #33 from Josef Moravec <[email protected]> --- (In reply to Julian Maurice from comment #32) > (In reply to Josef Moravec from comment #29) > > Tested on another devbox, now I got 401 Unauthorized. > > > > I have an idea of what is going on: > > > > This only adds new authorization method, but the authorization with cookies > > (eg. when you are normally logged into koha) is still taken into account. > > > > But yesterday I used the koha database user to change permission of api user > > - so token was expired and oauth say unauthorized, then cookie was found bud > > the logged in user was database user and that's the reason why it exploded > > Then maybe we should not try cookie authentication if oauth fail and we have > an Authorization header containing 'Bearer' ? +1 -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] http://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
