16 case AuthManager::ACTION_CREATE:
17 $needed = $captcha->needCreateAccountCaptcha( $user ?:
new User() );
19 $captcha->setAction(
'accountcreate' );
20 LoggerFactory::getInstance(
'authevents' )
21 ->info(
'Captcha shown on account creation', [
22 'event' =>
'captcha.display',
23 'eventType' =>
'accountcreation',
27 case AuthManager::ACTION_LOGIN:
39 $session = $this->manager->getRequest()->getSession();
40 $sessionFlag = $session->get(
'ConfirmEdit:loginCaptchaPerUserTriggered' );
41 $suggestedUsername = $session->suggestLoginUsername();
43 $captcha->isBadLoginTriggered()
45 || $suggestedUsername && $captcha->isBadLoginPerUserTriggered( $suggestedUsername )
48 $captcha->setAction(
'badlogin' );
49 LoggerFactory::getInstance(
'authevents' )
50 ->info(
'Captcha shown on account creation', [
51 'event' =>
'captcha.display',
52 'eventType' =>
'accountcreation',
60 return [ $captcha->createAuthenticationRequest() ];
68 $username = AuthenticationRequest::getUsernameFromRequests( $reqs );
71 $captcha->isBadLoginPerUserTriggered(
$username ) :
false;
73 if ( $captcha->isBadLoginTriggered() || $isBadLoginPerUserTriggered ) {
74 $captcha->setAction(
'badlogin' );
75 $captcha->setTrigger(
"post-badlogin login '$username'" );
77 LoggerFactory::getInstance(
'authevents' )->info(
'Captcha submitted on login', [
78 'event' =>
'captcha.submit',
79 'eventType' =>
'login',
84 if ( $isBadLoginPerUserTriggered || $isBadLoginPerUserTriggered ===
null ) {
85 $session = $this->manager->getRequest()->getSession();
86 $session->set(
'ConfirmEdit:loginCaptchaPerUserTriggered',
true );
91 return $success ? Status::newGood() : $this->
makeError(
'wrongpassword', $captcha );
97 if ( $captcha->needCreateAccountCaptcha( $creator ) ) {
99 $captcha->setAction(
'accountcreate' );
100 $captcha->setTrigger(
"new account '$username'" );
102 LoggerFactory::getInstance(
'authevents' )->info(
'Captcha submitted on account creation', [
103 'event' =>
'captcha.submit',
104 'eventType' =>
'accountcreation',
108 return $this->
makeError(
'captcha-createaccount-fail', $captcha );
111 return Status::newGood();
117 case AuthenticationResponse::PASS:
118 case AuthenticationResponse::RESTART:
119 $session = $this->manager->getRequest()->getSession();
120 $session->remove(
'ConfirmEdit:loginCaptchaPerUserTriggered' );
121 $captcha->resetBadLoginCounter( $user ? $user->getName() : null );
123 case AuthenticationResponse::FAIL:
124 $captcha->increaseBadLoginCounter( $user ? $user->getName() : null );
139 $req = AuthenticationRequest::getRequestByClass( $reqs,
140 CaptchaAuthenticationRequest::class,
true );
144 return $captcha->passCaptchaLimited(
$req->captchaId,
$req->captchaWord, $user );
153 $error = $captcha->getError();
155 return Status::newFatal(
wfMessage(
'captcha-error', $error ) );
157 return Status::newFatal( $message );
testForAccountCreation( $user, $creator, array $reqs)
Determine whether an account creation may begin.
getAuthenticationRequests( $action, array $options)
Return the applicable list of AuthenticationRequests.
makeError( $message, SimpleCaptcha $captcha)
verifyCaptcha(SimpleCaptcha $captcha, array $reqs, User $user)
Verify submitted captcha.
postAuthentication( $user, AuthenticationResponse $response)
Post-login callback.
testForAuthentication(array $reqs)
Determine whether an authentication may begin.
static getInstance()
Get the global Captcha instance.
Demo CAPTCHA (not for production usage) and base class for real CAPTCHAs.
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
this hook is for auditing only $req
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
either a unescaped string or a HtmlArmor object after in associative array form externallinks including delete and has completed for all link tables whether this was an auto creation default is conds Array Extra conditions for the No matching items in log is displayed if loglist is empty msgKey Array If you want a nice box with a set this to the key of the message First element is the message additional optional elements are parameters for the key that are processed with wfMessage() -> params() ->parseAsBlock() - offset Set to overwrite offset parameter in $wgRequest set to '' to unset offset - wrap String Wrap the message in html(usually something like "<div ...>$1</div>"). - flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException':Called before an exception(or PHP error) is logged. This is meant for integration with external error aggregation services
this hook is for auditing only or null if authentication failed before getting that far $username
this hook is for auditing only $response