Commit 60e5a8a2 authored by Alex Arnaud's avatar Alex Arnaud Committed by joubu

Bug 19752: offline_circ/ - Return HTTP status 401 when...

Bug 19752: offline_circ/ - Return HTTP status 401 when authentication failed and add option nocookie

Test plan:

- Apply this patch,
- log in to Koha,
- go to cgi-bin/koha/offline_circ/ with no valid user
  and password as parameters and nocookie set to 1. i.e:
- auth should fail
- check that the response code is 401
Signed-off-by: 's avatarMaksim Sen <>
Signed-off-by: Katrin Fischer's avatarKatrin Fischer <>
Signed-off-by: joubu's avatarJonathan Druart <>
parent 90fd45d0
......@@ -28,9 +28,13 @@ use DateTime::TimeZone;
my $cgi = CGI->new;
# used by the KOCT firefox extension
# (or any third-party that doesn't want to rely on cookies for authentication)
my $nocookie = $cgi->param('nocookie') || 0;
# get the status of the user, this will check his credentials and rights
my ($status, $cookie, $sessionId) = C4::Auth::check_api_auth($cgi, undef);
($status, $sessionId) = C4::Auth::check_cookie_auth($cgi, undef) if ($status ne 'ok');
($status, $sessionId) = C4::Auth::check_cookie_auth($cgi, undef) if ($status ne 'ok' && !$nocookie);
my $result;
......@@ -76,9 +80,11 @@ if ($status eq 'ok') { # if authentication is ok
} else {
$result = "Authentication failed."
print CGI::header('-type'=>'text/plain', '-charset'=>'utf-8');
print $result;
print CGI::header('-type'=>'text/plain', '-charset'=>'utf-8');
print CGI::header('-type'=>'text/plain', '-charset'=>'utf-8', '-status' => '401 Unauthorized');
print $result;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment