Session provider for bot passwords. More...
Public Member Functions | |
| __construct (array $params=[]) | |
| getAllowedUserRights (SessionBackend $backend) | |
| Fetch the rights allowed the user when the specified session is active. More... | |
| newSessionForRequest (User $user, BotPassword $bp, WebRequest $request) | |
| Create a new session for a request. More... | |
| newSessionInfo ( $id=null) | |
| Provide session info for a new, empty session. More... | |
| preventSessionsForUser ( $username) | |
| @inheritDoc More... | |
| provideSessionInfo (WebRequest $request) | |
| Provide session info for a request. More... | |
| refreshSessionInfo (SessionInfo $info, WebRequest $request, &$metadata) | |
| Validate a loaded SessionInfo and refresh provider metadata. More... | |
 Public Member Functions inherited from MediaWiki\Session\ImmutableSessionProviderWithCookie | |
| __construct ( $params=[]) | |
| canChangeUser () | |
| Indicate whether the user associated with the request can be changed. More... | |
| getVaryCookies () | |
| Return the list of cookies that need varying on. More... | |
| persistSession (SessionBackend $session, WebRequest $request) | |
| Persist a session into a request/response. More... | |
| persistsSessionId () | |
| Indicate whether self::persistSession() can save arbitrary session IDs. More... | |
| unpersistSession (WebRequest $request) | |
| Remove any persisted session from a request/response. More... | |
| whyNoSession () | |
| Return a Message for why sessions might not be being persisted. More... | |
| Public Member Functions inherited from MediaWiki\Session\SessionProvider | |
| __construct () | |
| __toString () | |
| describe (Language $lang) | |
| Return an identifier for this session type. More... | |
| getManager () | |
| Get the session manager. More... | |
| getRememberUserDuration () | |
| Returns the duration (in seconds) for which users will be remembered when Session::setRememberUser() is set. More... | |
| getVaryHeaders () | |
| Return the HTTP headers that need varying on. More... | |
| invalidateSessionsForUser (User $user) | |
| Invalidate existing sessions for a user. More... | |
| mergeMetadata (array $savedMetadata, array $providedMetadata) | |
| Merge saved session provider metadata. More... | |
| sessionIdWasReset (SessionBackend $session, $oldId) | |
| Notification that the session ID was reset. More... | |
| setConfig (Config $config) | |
| Set configuration. More... | |
| setLogger (LoggerInterface $logger) | |
| setManager (SessionManager $manager) | |
| Set the session manager. More... | |
| suggestLoginUsername (WebRequest $request) | |
| Get a suggested username for the login form. More... | |
Additional Inherited Members | |
| Protected Member Functions inherited from MediaWiki\Session\ImmutableSessionProviderWithCookie | |
| getSessionIdFromCookie (WebRequest $request) | |
| Get the session ID from the cookie, if any. More... | |
| Protected Member Functions inherited from MediaWiki\Session\SessionProvider | |
| describeMessage () | |
| Return a Message identifying this session type. More... | |
| hashToSessionId ( $data, $key=null) | |
| Hash data as a session ID. More... | |
| Protected Attributes inherited from MediaWiki\Session\ImmutableSessionProviderWithCookie | |
| string null | $sessionCookieName = null |
| $sessionCookieOptions = [] | |
| Protected Attributes inherited from MediaWiki\Session\SessionProvider | |
| Config | $config |
| LoggerInterface | $logger |
| SessionManager | $manager |
| int | $priority |
| Session priority. More... | |
Detailed Description
Session provider for bot passwords.
- Since
- 1.27
Definition at line 34 of file BotPasswordSessionProvider.php.
Constructor & Destructor Documentation
◆ __construct()
| MediaWiki\Session\Session\BotPasswordSessionProvider::__construct | ( | array | $params = [] | ) |
- Parameters
-
array $params Keys include: - priority: (required) Set the priority
- sessionCookieName: Session cookie name. Default is '_BPsession'.
- sessionCookieOptions: Options to pass to WebResponse::setCookie().
Definition at line 42 of file BotPasswordSessionProvider.php.
References $params, MediaWiki\Session\SessionInfo\MAX_PRIORITY, and MediaWiki\Session\SessionInfo\MIN_PRIORITY.
Member Function Documentation
◆ getAllowedUserRights()
| MediaWiki\Session\Session\BotPasswordSessionProvider::getAllowedUserRights | ( | SessionBackend | $backend | ) |
Fetch the rights allowed the user when the specified session is active.
This is mainly meant for allowing the user to restrict access to the account by certain methods; you probably want to use this with MWGrants. The returned rights will be intersected with the user's actual rights.
- Parameters
-
SessionBackend $backend
- Returns
- null|string[] Allowed user rights, or null to allow all.
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 176 of file BotPasswordSessionProvider.php.
References MediaWiki\Session\SessionBackend\getProvider(), and MediaWiki\Session\SessionBackend\getProviderMetadata().
◆ newSessionForRequest()
| MediaWiki\Session\Session\BotPasswordSessionProvider::newSessionForRequest | ( | User | $user, |
| BotPassword | $bp, | ||
| WebRequest | $request | ||
| ) |
Create a new session for a request.
- Parameters
-
User $user BotPassword $bp WebRequest $request
- Returns
- Session
Definition at line 96 of file BotPasswordSessionProvider.php.
References $request, $user, BotPassword\getAppId(), MWGrants\getGrantRights(), BotPassword\getGrants(), MediaWiki\Session\SessionProvider\getManager(), MediaWiki\Session\ImmutableSessionProviderWithCookie\getSessionIdFromCookie(), BotPassword\getToken(), BotPassword\getUserCentralId(), MediaWiki\Session\SessionInfo\MAX_PRIORITY, and MediaWiki\Session\UserInfo\newFromUser().
◆ newSessionInfo()
| MediaWiki\Session\Session\BotPasswordSessionProvider::newSessionInfo | ( | $id = null | ) |
Provide session info for a new, empty session.
Return null if such a session cannot be created. This base implementation assumes that it only makes sense if a session ID can be persisted and changing users is allowed.
- Access:\n protected For use by \MediaWiki\Session\SessionManager only
- Parameters
-
string | null $id ID to force for the new session
- Returns
- SessionInfo|null If non-null, must return true for $info->isIdSafe(); pass true for $data['idIsSafe'] to ensure this.
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 84 of file BotPasswordSessionProvider.php.
◆ preventSessionsForUser()
| MediaWiki\Session\Session\BotPasswordSessionProvider::preventSessionsForUser | ( | $username | ) |
@inheritDoc
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 172 of file BotPasswordSessionProvider.php.
References $username, and BotPassword\removeAllPasswordsForUser().
◆ provideSessionInfo()
| MediaWiki\Session\Session\BotPasswordSessionProvider::provideSessionInfo | ( | WebRequest | $request | ) |
Provide session info for a request.
If no session exists for the request, return null. Otherwise return an SessionInfo object identifying the session.
If multiple SessionProviders provide sessions, the one with highest priority wins. In case of a tie, an exception is thrown. SessionProviders are encouraged to make priorities user-configurable unless only max-priority makes sense.
- Warning
- This will be called early in the MediaWiki setup process, before $wgUser, $wgLang, $wgOut, $wgParser, $wgTitle, and corresponding pieces of the main RequestContext are set up! If you try to use these, things will break.
- Note
- The SessionProvider must not attempt to auto-create users. MediaWiki will do this later (when it's safe) if the chosen session has a user with a valid name but no ID.
- Access:\n protected For use by \MediaWiki\Session\SessionManager only
- Parameters
-
WebRequest $request
- Returns
- SessionInfo|null
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 60 of file BotPasswordSessionProvider.php.
References MediaWiki\Session\ImmutableSessionProviderWithCookie\getSessionIdFromCookie().
◆ refreshSessionInfo()
| MediaWiki\Session\Session\BotPasswordSessionProvider::refreshSessionInfo | ( | SessionInfo | $info, |
| WebRequest | $request, | ||
| & | $metadata | ||
| ) |
Validate a loaded SessionInfo and refresh provider metadata.
This is similar in purpose to the 'SessionCheckInfo' hook, and also allows for updating the provider metadata. On failure, the provider is expected to write an appropriate message to its logger.
- Access:\n protected For use by \MediaWiki\Session\SessionManager only
- Parameters
-
SessionInfo $info Any changes by mergeMetadata() will already be reflected here. WebRequest $request array | null &$metadata Provider metadata, may be altered.
- Returns
- bool Return false to reject the SessionInfo after all.
Reimplemented from MediaWiki\Session\SessionProvider.
Definition at line 115 of file BotPasswordSessionProvider.php.
References $request, MWGrants\getGrantRights(), and BotPassword\newFromCentralId().
The documentation for this class was generated from the following file:
- includes/session/BotPasswordSessionProvider.php
