https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29900
Brendan Lawlor <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #185966|0 |1 is obsolete| | --- Comment #13 from Brendan Lawlor <[email protected]> --- Created attachment 191505 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=191505&action=edit Bug 29900: API calls should update datelastseen for API patron This patch adds the option to update borrowers.lastseen when a koha account is used for REST API access. Both REST Basic Authentication and OAuth2 methods will update borrowers.lastseen upon successful authentication. These options can be enabled or disabled independently for both Basic Authentication and OAuth2 key-based authentication using the TrackLastPatronActivityTriggers system preference. Testing Prep: A. Ensure RESTBasicAuth is enabled in system preferences. B. Ensure RESTOAuth2ClientCredentials is enabled in system preferences. C. Create a new borrower account with username "apibasic" and set a password. D. Create a new borrower acccount 'apioauth2'. E. Configure a new API client key and secret for borrower 'apiauth2'. F. Configure both borrowers 'apibasic' and 'apioauth2' to Set Permissions to authenticate patron passwords using the API. (api_validate_password) To test: 1. Edit the TrackLastPatronActivityTriggers syspref and check "Logging In" in only. 2. Check the lastseen date of your api borrowers using a SQL report SELECT borrowernumber, userid, lastseen FROM borrowers WHERE userid LIKE 'api%' NOTE: **Ensure the cache expiry of the SQL report is set to 0** 3. The lastseen for both users should be null. 4. Run the attached api_basic_test.pl test script. **Change API_USERNAME and API_PASSWORD to the username and password of 'apibasic' user. (script contains expected output for successful verification) 5. Run the attached api_oauth2_test.pl test script. **Change API_CLIENT_ID and API_SECRET to the client ID and secret key of 'apioauth2' user. (script contains expected output for successful verification) 6. Re-check the lastseen date of your api users via SQL. Both users should have no lastseen. 7. Apply Patch 8. 'restart_all' Koha services. 9. Edit the TrackLastPatronActivityTriggers syspref and check both: a. "REST API service uses Basic Authentication" and b. "REST API service uses OAuth2 authentication" 10. Run the attached api_basic_test.pl test script. **Change API_USERNAME and API_PASSWORD to the username and password of 'apibasic' user. (script contains expected output for successful verification) 11. Re-check the lastseen date of 'apibasic' via SQL. This should now be updated. 12. 'restart_all' Koha services. 13. Run the attached api_oauth2_test.pl test script. **Change API_CLIENT_ID and API_SECRET to the client ID and secret key of 'apioauth2' user. (script contains expected output for successful verification) 14.. Re-check the lastseen date of 'apioauth2' via SQL. This should now be updated. For good measure: 15. Edit the TrackLastPatronActivityTriggers syspref and **UNcheck** all options. option 16. 'restart_all' Koha services. 17. Rerun the api_basic_test.pl and api_oauth2_test.pl scripts. 18. Re-check the lastseen date of your new user again via SQL (step 4) The lastseen should have remained the same as previous. Sponsored-by: Westlake Porter Public Library <https://westlakelibrary.org> Signed-off-by: Brendan Lawlor <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
