MediaWiki REL1_33
disableOATHAuthForUser.php
Go to the documentation of this file.
1<?php
2
3use MediaWiki\Session\SessionManager;
4
5if ( getenv( 'MW_INSTALL_PATH' ) ) {
6 $IP = getenv( 'MW_INSTALL_PATH' );
7} else {
8 $IP = __DIR__ . '/../../..';
9}
10require_once "$IP/maintenance/Maintenance.php";
11
12class DisableOATHAuthForUser extends Maintenance {
13 public function __construct() {
14 parent::__construct();
15 $this->mDescription = 'Remove OATHAuth from a specific user';
16 $this->addArg( 'user', 'The username to remove OATHAuth from.' );
17 $this->requireExtension( 'OATHAuth' );
18 }
19
20 public function execute() {
21 $username = $this->getArg( 0 );
22
23 $user = User::newFromName( $username );
24 if ( $user && $user->getId() === 0 ) {
25 $this->error( "User $username doesn't exist!", 1 );
26 }
27
28 $repo = OATHAuthHooks::getOATHUserRepository();
29
30 $oathUser = $repo->findByUser( $user );
31
32 if ( $oathUser->getKey() === null ) {
33 $this->error( "User $username doesn't have OATHAuth enabled!", 1 );
34 }
35
36 $repo->remove( $oathUser, 'Maintenance script' );
37 // Kill all existing sessions. If this disable was social-engineered by an attacker,
38 // the legitimate user will hopefully login again and notice that the second factor
39 // is missing or different, and alert the operators.
40 SessionManager::singleton()->invalidateSessionsForUser( $user );
41
42 $this->output( "OATHAuth disabled for $username.\n" );
43 }
44}
45
46$maintClass = DisableOATHAuthForUser::class;
47require_once RUN_MAINTENANCE_IF_MAIN;
and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy
DisableOATHAuthForUser\__construct
__construct()
Default constructor.
Definition disableOATHAuthForUser.php:13
Maintenance
Abstract maintenance class for quickly writing and churning out maintenance scripts with minimal effo...
Definition maintenance.txt:39
Maintenance\addArg
addArg( $arg, $description, $required=true)
Add some args that are needed.
Definition Maintenance.php:300
Maintenance\requireExtension
requireExtension( $name)
Indicate that the specified extension must be loaded before the script can run.
Definition Maintenance.php:619
Maintenance\output
output( $out, $channel=null)
Throw some output to the user.
Definition Maintenance.php:434
Maintenance\getArg
getArg( $argId=0, $default=null)
Get an argument.
Definition Maintenance.php:352
MediaWiki\Session\SessionManager
This serves as the entry point to the MediaWiki session handling system.
Definition SessionManager.php:50
OATHAuthHooks\getOATHUserRepository
static getOATHUserRepository()
Get the singleton OATH user repository.
Definition OATHAuthHooks.php:34
User\newFromName
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
Definition User.php:585
error
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults error
Definition hooks.txt:2644
$username
this hook is for auditing only or null if authentication failed before getting that far $username
Definition hooks.txt:782
$IP
$IP
Definition update.php:3
RUN_MAINTENANCE_IF_MAIN
require_once RUN_MAINTENANCE_IF_MAIN
Definition maintenance.txt:50