Alternative OPAC logins RFC
From Koha Wiki
Home > Development > RFCs > Koha version targeted RFCs > RFCs not targeted at a particular Koha version
Alternative OPAC logins
Sponsored by and developed by , expected for/deadline: '
See also Bug .
Work in progress:
Could it be possible to let patrons login to the OPAC with other credentials than the Username/password provided by Koha itself? OAuth and OpenID look like obvious candidates - what are their pros and cons, and are there other/better alternatives?
This is more of an attempt at getting a little brainstorming going, rather than the description of any specific plans for a new development.
The problem: Patrons probably have too many usernames/passwords already, resulting in them forgetting them and/or re-using credentials from other sites, resulting in reduced security. Could we let users use credentials from outside Koha to log in?
Creating a website that uses OAuth/OpenID/etc for logging in is probably not rocket science. An added challenge for Koha will be connecting external credentials to an actual/physical borrower.
A basic oauth2 login for google is currently being worked on by Perth Bible College. If the email address associated with the google account is registered to a user in Koha, then that user is automatically logged in.
Developed by Nicholas van Oudtshoorn // Perth Bible College
This is a work in progress - though it is used in production on the pbc opac. See also Bug 10988.
- Bug 3237 - OpenID patron authentication
- OpenID Foundation website
Connecting external credentials to an actual/physical borrower
How do we know that a user logging in with /OpenID/OAuth/etc should be given access to any given account in Koha? Do they have to turn up at the library and tell us their OpenID? Are there other ways?
- Thomas Brevik: The library card is a barrier to library use