From 5cb6e6bccbf2b93ebb7bbe26ed5bb410cb3bd6c6 Mon Sep 17 00:00:00 2001
From: Bill Erickson <berickxx@gmail.com>
Date: Wed, 24 Jun 2015 11:00:25 -0400
Subject: [PATCH] LP#1384740 MARC stream (etc) use auth nonce

Add an authentication nonce to the shared oils_header.pl file to avoid
too-many-logins by a single username causing login rejections.

Signed-off-by: Bill Erickson <berickxx@gmail.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
---
 Open-ILS/src/support-scripts/oils_header.pl | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Open-ILS/src/support-scripts/oils_header.pl b/Open-ILS/src/support-scripts/oils_header.pl
index 6dc6be6f65..d0a1870950 100755
--- a/Open-ILS/src/support-scripts/oils_header.pl
+++ b/Open-ILS/src/support-scripts/oils_header.pl
@@ -155,15 +155,16 @@ sub oils_login {
 
 	$type |= "staff";
 
+	my $nonce = rand($$);
 	my $seed = $apputils->simplereq( $AUTH, 
-		'open-ils.auth.authenticate.init', $username );
+		'open-ils.auth.authenticate.init', $username, $nonce);
 	err("No auth seed") unless $seed;
 
 	my $response = $apputils->simplereq( $AUTH, 
 		'open-ils.auth.authenticate.complete', 
 		{	username => $username, 
 			password => md5_hex($seed . md5_hex($password)), 
-			type => $type });
+			type => $type, nonce => $nonce });
 
 	err("No auth response returned on login") unless $response;
 
-- 
2.43.2