Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
51.61% covered (warning)
51.61%
16 / 31
62.50% covered (warning)
62.50%
5 / 8
 CRAP
0.00% covered (danger)
0.00%
0 / 1
ApiLogout
53.33% covered (warning)
53.33%
16 / 30
62.50% covered (warning)
62.50%
5 / 8
 23.30
0.00% covered (danger)
0.00%
0 / 1
 execute
55.00% covered (warning)
55.00%
11 / 20
0.00% covered (danger)
0.00%
0 / 1
 5.46
 mustBePosted
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 needsToken
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 isWriteMode
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 getWebUITokenSalt
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 isReadMode
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 getExamplesMessages
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
 2
 getHelpUrls
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
 2
1<?php
2/**
3 * Copyright © 2008 Yuri Astrakhan "<Firstname><Lastname>@gmail.com",
4 *
5 * @license GPL-2.0-or-later
6 * @file
7 */
8
9namespace MediaWiki\Api;
10
11use MediaWiki\Session\BotPasswordSessionProvider;
12
13/**
14 * API module to allow users to log out of the wiki. API equivalent of
15 * Special:Userlogout.
16 *
17 * @ingroup API
18 */
19class ApiLogout extends ApiBase {
20
21    public function execute() {
22        $session = $this->getRequest()->getSession();
23
24        // Handle bot password logout specially
25        if ( $session->getProvider() instanceof BotPasswordSessionProvider ) {
26            $session->unpersist();
27            return;
28        }
29
30        // Make sure it's possible to log out
31        if ( !$session->canSetUser() ) {
32            $this->dieWithError(
33                [
34                    'cannotlogoutnow-text',
35                    $session->getProvider()->describe( $this->getErrorFormatter()->getLanguage() )
36                ],
37                'cannotlogout'
38            );
39        }
40
41        $user = $this->getUser();
42
43        if ( $user->isAnon() ) {
44            // Cannot logout a anon user, so add a warning and return early.
45            $this->addWarning( 'apierror-mustbeloggedin-generic', 'notloggedin' );
46            return;
47        }
48
49        $oldName = $user->getName();
50        $user->logout();
51
52        // Give extensions to do something after user logout
53        $injected_html = '';
54        $this->getHookRunner()->onUserLogoutComplete( $user, $injected_html, $oldName );
55    }
56
57    /** @inheritDoc */
58    public function mustBePosted() {
59        return true;
60    }
61
62    /** @inheritDoc */
63    public function needsToken() {
64        return 'csrf';
65    }
66
67    /** @inheritDoc */
68    public function isWriteMode() {
69        // While core is optimized by default to not require DB writes on log out,
70        // these are authenticated POST requests and extensions (eg. CheckUser) are
71        // allowed to perform DB writes here without warnings.
72        return true;
73    }
74
75    /** @inheritDoc */
76    protected function getWebUITokenSalt( array $params ) {
77        return 'logoutToken';
78    }
79
80    /** @inheritDoc */
81    public function isReadMode() {
82        return false;
83    }
84
85    /** @inheritDoc */
86    protected function getExamplesMessages() {
87        return [
88            'action=logout&token=123ABC'
89                => 'apihelp-logout-example-logout',
90        ];
91    }
92
93    /** @inheritDoc */
94    public function getHelpUrls() {
95        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Logout';
96    }
97}
98
99/** @deprecated class alias since 1.43 */
100class_alias( ApiLogout::class, 'ApiLogout' );