LP#
1996908: allow OpenILS::WWW::Proxy::Authen to check eg.auth.token
This patch allows the authentication handler to accept the
'eg.auth.token' cookie coming from the staff client if a 'ses' parameter
or 'ses' cookie has not been set. This allows resources gated by
this handler to be accessed by a staff member who has logged
into the staff client without requiring an additional login.
To test
-------
[1] Create a report and note the URL of one of its
outputs.
[2] In a completely fresh browser session, log into the
staff client, then directly load the reporter output.
You will be prompted to log in again because the 'ses'
cookie was not set.
[3] Apply the patch and repeat step 2. This time, the reporter
output should be directly retrieved.
Signed-off-by: Galen Charlton <gmc@equinoxOLI.org>
Signed-off-by: Jason Boyer <JBoyer@equinoxOLI.org>
projects / Evergreen.git / commit