--- /dev/null
+package Koha::REST::V1::Auth::Password;
+
+# This file is part of Koha.
+#
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
+
+use Modern::Perl;
+
+use Mojo::Base 'Mojolicious::Controller';
+
+use C4::Auth qw/checkpw/;
+use Koha::Patrons;
+
+=head1 NAME
+
+Koha::REST::V1::Auth::Password - Controller library for handling
+validation of username and password.
+
+Intended use case is authenticating Koha patrons in external
+applications via Koha's REST API.
+
+=head2 Operations
+
+=head3 validate
+
+Controller method that checks a patron's password
+
+=cut
+
+sub validate {
+ my $c = shift->openapi->valid_input or return;
+ my $body = $c->validation->param('body');
+ my $username = $body->{username} // '';
+ my $patron = Koha::Patrons->find({ userid => $username });
+
+ unless ($patron) {
+ return $c->render( status => 400, openapi => { error => "Validation failed" } );
+ }
+
+ my $password = $body->{password} // "";
+
+ return try {
+ my ($status, $cardnumber, $userid) = C4::Auth::checkpw($patron->userid, $password );
+ unless ( $status ) {
+ return $c->render(
+ status => 400,
+ openapi => { error => "Validation failed" }
+ );
+ }
+
+ return $c->render( status => 204, openapi => '' );
+ }
+ catch {
+ if ( blessed $_ and $_->isa('Koha::Exceptions::Password') ) {
+ return $c->render(
+ status => 400,
+ openapi => { error => "$_" }
+ );
+ }
+
+ $c->unhandled_exception($_);
+ };
+}
+
+1;
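Review bot: `try`, `catch` and `blessed` are used in `validate`, but none of the `use` lines at the top of the new file brings them into scope, so unless something outside this hunk exports them the handler will not work as written; add `use Try::Tiny qw( catch try );` and `use Scalar::Util qw( blessed );`. Separately, the unknown-username branch returns before `C4::Auth::checkpw` runs, and the `catch` branch renders the exception text (`error => "$_"`) instead of the generic `"Validation failed"`. A caller can therefore probably tell a missing account from a wrong password by response time or body. Returning the same fixed body from all three failure paths and logging the exception server-side would close that gap. `$cardnumber` and `$userid` are assigned from `checkpw` but never read, so `my ($status) = ...` is enough.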
$ref: ../swagger.yaml#/definitions/error
x-koha-authorization:
permissions:
- parameters: manage_identity_providers
\ No newline at end of file
+ parameters: manage_identity_providers
+"/auth/password/validation":
+ post:
+ x-mojo-to: Auth::Password#validate
+ operationId: validateUserAndPassword
+ tags:
+ - patrons
+ summary: Check validity of username and password
+ parameters:
+ - name: body
+ in: body
+ description: A JSON object containing username and password information
+ schema:
+ type: object
+ properties:
+ username:
+ description: Username
+ type: string
+ password:
+ description: Password (plain text)
+ type: string
+ required:
+ - username
+ - password
+ additionalProperties: false
+ produces:
+ - application/json
+ responses:
+ "204":
+ description: Validation successful
+ "400":
+ description: Bad request
+ schema:
+ $ref: ../swagger.yaml#/definitions/error
+ "401":
+ description: Authentication required
+ schema:
+ $ref: ../swagger.yaml#/definitions/error
+ "403":
+ description: Access forbidden
+ schema:
+ $ref: ../swagger.yaml#/definitions/error
+ "500":
+ description: |
+ Internal server error. Possible `error_code` attribute values:
+
+ * `internal_server_error`
+ schema:
+ $ref: ../swagger.yaml#/definitions/error
+ "503":
+ description: Under maintenance
+ schema:
+ $ref: ../swagger.yaml#/definitions/error
+ x-koha-authorization:
+ permissions:
+ borrowers: "1"
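Review bot: The `"400"` response is described only as `Bad request`, but the controller added in this commit also answers 400 with `Validation failed` when the credentials do not match. The spec should say so, e.g. `description: Bad request or invalid username/password`. The `username` and `password` properties have no length bounds; a `minLength: 1` and a sensible `maxLength` on each would reject empty or oversized values before they reach the password check. Because the body carries the password in plain text, it is worth confirming that request bodies for this path are kept out of API and proxy logs.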
$ref: "./paths/article_requests.yaml#/~1article_requests~1{article_request_id}"
/auth/otp/token_delivery:
$ref: paths/auth.yaml#/~1auth~1otp~1token_delivery
+ "/auth/password/validation":
+ $ref: "./paths/auth.yaml#/~1auth~1password~1validation"
/auth/two-factor/registration:
$ref: paths/auth.yaml#/~1auth~1two-factor~1registration
/auth/two-factor/registration/verification: