Better synchronization between Django BioCapsule and OpenMRS #38
Assignees
Milestone
Comments
|
Thanks, this is working well. We need changes to the OpenMRS transfer, which I am working on now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the Django BioCapsule application updates the last_authenticated column in the dynaswap_users table. However, the matching probability is verified and response to the "authentication success" page is shown and it takes time to write to the last_authenticated column.
This makes it hard to authenticate OpenMRS with the same user as the BioCapsule user because we are currently having to use session validation. This might be open to a number of attacks, and it might be better to validate the user internally using the database column. Thus, before the "authentication success" page is shown, the database should be updated for the OpenMRS authentication to validate that the user is correctly authenticated.
The text was updated successfully, but these errors were encountered: