MediaWiki REL1_34
ApiLogin Class Reference

Unit to authenticate log-in attempts to the current wiki. More...

Inheritance diagram for ApiLogin:
Collaboration diagram for ApiLogin:

Public Member Functions

 __construct (ApiMain $main, $action)
 
 execute ()
 Executes the log-in attempt using the parameters passed.
 
 getAllowedParams ()
 Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (array with PARAM_* constants as keys) Don't call this function directly: use getFinalParams() to allow hooks to modify parameters as needed.
 
 getHelpUrls ()
 Return links to more detailed help pages about the module.
 
 isDeprecated ()
 Indicates whether this module is deprecated.
 
 isReadMode ()
 Indicates whether this module requires read rights.
 
 mustBePosted ()
 Indicates whether this module must be called with a POST request.
 
- Public Member Functions inherited from ApiBase
 __construct (ApiMain $mainModule, $moduleName, $modulePrefix='')
 
 getModuleManager ()
 Get the module manager, or null if this module has no sub-modules.
 
 getCustomPrinter ()
 If the module may only be used with a certain format module, it should override this method to return an instance of that formatter.
 
 shouldCheckMaxlag ()
 Indicates if this module needs maxlag to be checked.
 
 isWriteMode ()
 Indicates whether this module requires write mode.
 
 isInternal ()
 Indicates whether this module is "internal" Internal API modules are not (yet) intended for 3rd party use and may be unstable.
 
 needsToken ()
 Returns the token type this module requires in order to execute.
 
 getConditionalRequestData ( $condition)
 Returns data for HTTP conditional request mechanisms.
 
 getModuleName ()
 Get the name of the module being executed by this instance.
 
 getModulePrefix ()
 Get parameter prefix (usually two letters or an empty string).
 
 getMain ()
 Get the main module.
 
 isMain ()
 Returns true if this module is the main module ($this === $this->mMainModule), false otherwise.
 
 getParent ()
 Get the parent of this module.
 
 lacksSameOriginSecurity ()
 Returns true if the current request breaks the same-origin policy.
 
 getModulePath ()
 Get the path to this module.
 
 getModuleFromPath ( $path)
 Get a module from its module path.
 
 getResult ()
 Get the result object.
 
 getErrorFormatter ()
 Get the error formatter.
 
 getContinuationManager ()
 Get the continuation manager.
 
 setContinuationManager (ApiContinuationManager $manager=null)
 Set the continuation manager.
 
 dynamicParameterDocumentation ()
 Indicate if the module supports dynamically-determined parameters that cannot be included in self::getAllowedParams().
 
 encodeParamName ( $paramName)
 This method mangles parameter name based on the prefix supplied to the constructor.
 
 extractRequestParams ( $options=[])
 Using getAllowedParams(), this function makes an array of the values provided by the user, with key being the name of the variable, and value - validated value from user or default.
 
 requireOnlyOneParameter ( $params, $required)
 Die if none or more than one of a certain set of parameters is set and not false.
 
 requireMaxOneParameter ( $params, $required)
 Die if more than one of a certain set of parameters is set and not false.
 
 requireAtLeastOneParameter ( $params, $required)
 Die if none of a certain set of parameters is set and not false.
 
 requirePostedParameters ( $params, $prefix='prefix')
 Die if any of the specified parameters were found in the query part of the URL rather than the post body.
 
 getTitleOrPageId ( $params, $load=false)
 Get a WikiPage object from a title or pageid param, if possible.
 
 getTitleFromTitleOrPageId ( $params)
 Get a Title object from a title or pageid param, if possible.
 
 validateToken ( $token, array $params)
 Validate the supplied token.
 
 getWatchlistUser ( $params)
 Gets the user for whom to get the watchlist.
 
 errorArrayToStatus (array $errors, User $user=null)
 Turn an array of message keys or key+param arrays into a Status.
 
 addBlockInfoToStatus (StatusValue $status, User $user=null)
 Add block info to block messages in a Status.
 
 addWarning ( $msg, $code=null, $data=null)
 Add a warning for this module.
 
 addDeprecation ( $msg, $feature, $data=[])
 Add a deprecation warning for this module.
 
 addError ( $msg, $code=null, $data=null)
 Add an error for this module without aborting.
 
 addMessagesFromStatus (StatusValue $status, $types=[ 'warning', 'error'], array $filter=[])
 Add warnings and/or errors from a Status.
 
 dieWithError ( $msg, $code=null, $data=null, $httpCode=null)
 Abort execution with an error.
 
 dieWithException ( $exception, array $options=[])
 Abort execution with an error derived from an exception.
 
 dieBlocked (AbstractBlock $block)
 Throw an ApiUsageException, which will (if uncaught) call the main module's error handler and die with an error message including block info.
 
 dieStatus (StatusValue $status)
 Throw an ApiUsageException based on the Status object.
 
 dieReadOnly ()
 Helper function for readonly errors.
 
 checkUserRightsAny ( $rights, $user=null)
 Helper function for permission-denied errors.
 
 checkTitleUserPermissions (LinkTarget $linkTarget, $actions, $options=[])
 Helper function for permission-denied errors.
 
 dieWithErrorOrDebug ( $msg, $code=null, $data=null, $httpCode=null)
 Will only set a warning instead of failing if the global $wgDebugAPI is set to true.
 
 logFeatureUsage ( $feature)
 Write logging information for API features to a debug log, for usage analysis.
 
 getFinalSummary ()
 Get final module summary.
 
 getFinalDescription ()
 Get final module description, after hooks have had a chance to tweak it as needed.
 
 getFinalParams ( $flags=0)
 Get final list of parameters, after hooks have had a chance to tweak it as needed.
 
 getFinalParamDescription ()
 Get final parameter descriptions, after hooks have had a chance to tweak it as needed.
 
 modifyHelp (array &$help, array $options, array &$tocData)
 Called from ApiHelp before the pieces are joined together and returned.
 
- Public Member Functions inherited from ContextSource
 canUseWikiPage ()
 Check whether a WikiPage object can be get with getWikiPage().
 
 exportSession ()
 Export the resolved user IP, HTTP headers, user ID, and session ID.
 
 getConfig ()
 
 getContext ()
 Get the base IContextSource object.
 
 getLanguage ()
 
 getOutput ()
 
 getRequest ()
 
 getSkin ()
 
 getStats ()
 
 getTiming ()
 
 getTitle ()
 
 getUser ()
 
 getWikiPage ()
 Get the WikiPage object.
 
 msg ( $key,... $params)
 Get a Message object with context set Parameters are the same as wfMessage()
 
 setContext (IContextSource $context)
 

Protected Member Functions

 getAuthenticationResponseLogData (AuthenticationResponse $response)
 Turns an AuthenticationResponse into a hash suitable for passing to Logger.
 
 getExamplesMessages ()
 Returns usage examples for this module.
 
 getExtendedDescription ()
 Return the extended help text message.
 
- Protected Member Functions inherited from ApiBase
 getWebUITokenSalt (array $params)
 Fetch the salt used in the Web UI corresponding to this module.
 
 getDB ()
 Gets a default replica DB connection object.
 
 getPermissionManager ()
 Obtain a PermissionManager instance that subclasses may use in their authorization checks.
 
 getParameter ( $paramName, $parseLimit=true)
 Get a value for the given parameter.
 
 getWatchlistValue ( $watchlist, $titleObj, $userOption=null)
 Return true if we're to watch the page, false if not, null if no change.
 
 getParameterFromSettings ( $paramName, $paramSettings, $parseLimit)
 Using the settings determine the value for the given parameter.
 
 handleParamNormalization ( $paramName, $value, $rawValue)
 Handle when a parameter was Unicode-normalized.
 
 explodeMultiValue ( $value, $limit)
 Split a multi-valued parameter string, like explode()
 
 parseMultiValue ( $valueName, $value, $allowMultiple, $allowedValues, $allSpecifier=null, $limit1=null, $limit2=null)
 Return an array of values that were given in a 'a|b|c' notation, after it optionally validates them against the list allowed values.
 
 validateLimit ( $paramName, &$value, $min, $max, $botMax=null, $enforceLimits=false)
 Validate the value against the minimum and user/bot maximum limits.
 
 validateTimestamp ( $value, $encParamName)
 Validate and normalize parameters of type 'timestamp'.
 
 setWatch ( $watch, $titleObj, $userOption=null)
 Set a watch (or unwatch) based the based on a watchlist parameter.
 
 useTransactionalTimeLimit ()
 Call wfTransactionalTimeLimit() if this request was POSTed.
 
 filterIDs ( $fields, array $ids)
 Filter out-of-range values from a list of positive integer IDs.
 
 dieContinueUsageIf ( $condition)
 Die with the 'badcontinue' error.
 
 getSummaryMessage ()
 Return the summary message.
 
 getHelpFlags ()
 Generates the list of flags for the help screen and for action=paraminfo.
 
 getModuleSourceInfo ()
 Returns information about the source of this module, if known.
 

Private Member Functions

 formatMessage ( $message)
 Format a message for the response.
 

Additional Inherited Members

- Static Public Member Functions inherited from ApiBase
static makeMessage ( $msg, IContextSource $context, array $params=null)
 Create a Message from a string or array.
 
- Public Attributes inherited from ApiBase
const ALL_DEFAULT_STRING = '*'
 
const GET_VALUES_FOR_HELP = 1
 getAllowedParams() flag: When set, the result could take longer to generate, but should be more thorough.
 
const LIMIT_BIG1 = 500
 Fast query, standard limit.
 
const LIMIT_BIG2 = 5000
 Fast query, apihighlimits limit.
 
const LIMIT_SML1 = 50
 Slow query, standard limit.
 
const LIMIT_SML2 = 500
 Slow query, apihighlimits limit.
 
const PARAM_DFLT = 0
 (null|boolean|integer|string) Default value of the parameter.
 
const PARAM_ISMULTI = 1
 (boolean) Accept multiple pipe-separated values for this parameter (e.g.
 
const PARAM_TYPE = 2
 (string|string[]) Either an array of allowed value strings, or a string type as described below.
 
const PARAM_MAX = 3
 (integer) Max value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
 
const PARAM_MAX2 = 4
 (integer) Max value allowed for the parameter for users with the apihighlimits right, for PARAM_TYPE 'limit'.
 
const PARAM_MIN = 5
 (integer) Lowest value allowed for the parameter, for PARAM_TYPE 'integer' and 'limit'.
 
const PARAM_ALLOW_DUPLICATES = 6
 (boolean) Allow the same value to be set more than once when PARAM_ISMULTI is true?
 
const PARAM_DEPRECATED = 7
 (boolean) Is the parameter deprecated (will show a warning)?
 
const PARAM_REQUIRED = 8
 (boolean) Is the parameter required?
 
const PARAM_RANGE_ENFORCE = 9
 (boolean) For PARAM_TYPE 'integer', enforce PARAM_MIN and PARAM_MAX?
 
const PARAM_HELP_MSG = 10
 (string|array|Message) Specify an alternative i18n documentation message for this parameter.
 
const PARAM_HELP_MSG_APPEND = 11
 ((string|array|Message)[]) Specify additional i18n messages to append to the normal message for this parameter.
 
const PARAM_HELP_MSG_INFO = 12
 (array) Specify additional information tags for the parameter.
 
const PARAM_VALUE_LINKS = 13
 (string[]) When PARAM_TYPE is an array, this may be an array mapping those values to page titles which will be linked in the help.
 
const PARAM_HELP_MSG_PER_VALUE = 14
 ((string|array|Message)[]) When PARAM_TYPE is an array, this is an array mapping those values to $msg for ApiBase::makeMessage().
 
const PARAM_SUBMODULE_MAP = 15
 (string[]) When PARAM_TYPE is 'submodule', map parameter values to submodule paths.
 
const PARAM_SUBMODULE_PARAM_PREFIX = 16
 (string) When PARAM_TYPE is 'submodule', used to indicate the 'g' prefix added by ApiQueryGeneratorBase (and similar if anything else ever does that).
 
const PARAM_ALL = 17
 (boolean|string) When PARAM_TYPE has a defined set of values and PARAM_ISMULTI is true, this allows for an asterisk ('*') to be passed in place of a pipe-separated list of every possible value.
 
const PARAM_EXTRA_NAMESPACES = 18
 (int[]) When PARAM_TYPE is 'namespace', include these as additional possible values.
 
const PARAM_SENSITIVE = 19
 (boolean) Is the parameter sensitive? Note 'password'-type fields are always sensitive regardless of the value of this field.
 
const PARAM_DEPRECATED_VALUES = 20
 (array) When PARAM_TYPE is an array, this indicates which of the values are deprecated.
 
const PARAM_ISMULTI_LIMIT1 = 21
 (integer) Maximum number of values, for normal users.
 
const PARAM_ISMULTI_LIMIT2 = 22
 (integer) Maximum number of values, for users with the apihighimits right.
 
const PARAM_MAX_BYTES = 23
 (integer) Maximum length of a string in bytes (in UTF-8 encoding).
 
const PARAM_MAX_CHARS = 24
 (integer) Maximum length of a string in characters (unicode codepoints).
 
const PARAM_TEMPLATE_VARS = 25
 (array) Indicate that this is a templated parameter, and specify replacements.
 
- Static Protected Member Functions inherited from ApiBase
static dieDebug ( $method, $message)
 Internal code errors should be reported with this method.
 

Detailed Description

Unit to authenticate log-in attempts to the current wiki.

Definition at line 34 of file ApiLogin.php.

Constructor & Destructor Documentation

◆ __construct()

ApiLogin::__construct ( ApiMain  $main,
  $action 
)

Definition at line 36 of file ApiLogin.php.

Member Function Documentation

◆ execute()

ApiLogin::execute ( )

Executes the log-in attempt using the parameters passed.

If the log-in succeeds, it attaches a cookie to the session and outputs the user id, username, and session token. If a log-in fails, as the result of a bad password, a nonexistent user, or any other reason, the host is cached with an expiry and no log-in attempts will be accepted until that expiry is reached. The expiry is $this->mLoginThrottle.

Reimplemented from ApiBase.

Definition at line 74 of file ApiLogin.php.

References $res, ApiBase\addDeprecation(), ApiBase\dieDebug(), ApiBase\extractRequestParams(), formatMessage(), ContextSource\getConfig(), ContextSource\getRequest(), ApiBase\getResult(), ApiBase\lacksSameOriginSecurity(), ApiBase\requirePostedParameters(), and ApiQueryInfo\resetTokenCache().

◆ formatMessage()

ApiLogin::formatMessage (   $message)
private

Format a message for the response.

Parameters
Message | string | array$message
Returns
string|array

Definition at line 53 of file ApiLogin.php.

References ApiBase\getErrorFormatter(), Message\newFromSpecifier(), and ApiErrorFormatter\stripMarkup().

Referenced by execute().

◆ getAllowedParams()

ApiLogin::getAllowedParams ( )

Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (array with PARAM_* constants as keys) Don't call this function directly: use getFinalParams() to allow hooks to modify parameters as needed.

Some derived classes may choose to handle an integer $flags parameter in the overriding methods. Callers of this method can pass zero or more OR-ed flags like GET_VALUES_FOR_HELP.

Returns
array

Reimplemented from ApiBase.

Definition at line 252 of file ApiLogin.php.

References ApiBase\PARAM_HELP_MSG, ApiBase\PARAM_REQUIRED, ApiBase\PARAM_SENSITIVE, and ApiBase\PARAM_TYPE.

◆ getAuthenticationResponseLogData()

ApiLogin::getAuthenticationResponseLogData ( AuthenticationResponse  $response)
protected

Turns an AuthenticationResponse into a hash suitable for passing to Logger.

Parameters
AuthenticationResponse$response
Returns
array

Definition at line 284 of file ApiLogin.php.

References $response.

◆ getExamplesMessages()

ApiLogin::getExamplesMessages ( )
protected

Returns usage examples for this module.

Return value has query strings as keys, with values being either strings (message key), arrays (message key + parameter), or Message objects.

Do not call this base class implementation when overriding this method.

Since
1.25
Returns
array

Reimplemented from ApiBase.

Definition at line 268 of file ApiLogin.php.

◆ getExtendedDescription()

ApiLogin::getExtendedDescription ( )
protected

Return the extended help text message.

This is additional text to display at the top of the help section, below the summary.

Since
1.30
Returns
string|array|Message

Reimplemented from ApiBase.

Definition at line 40 of file ApiLogin.php.

References ContextSource\getConfig().

◆ getHelpUrls()

ApiLogin::getHelpUrls ( )

Return links to more detailed help pages about the module.

Since
1.25, returning boolean false is deprecated
Returns
string|array

Reimplemented from ApiBase.

Definition at line 275 of file ApiLogin.php.

◆ isDeprecated()

ApiLogin::isDeprecated ( )

Indicates whether this module is deprecated.

Since
1.25
Returns
bool

Reimplemented from ApiBase.

Definition at line 240 of file ApiLogin.php.

References ContextSource\getConfig().

◆ isReadMode()

ApiLogin::isReadMode ( )

Indicates whether this module requires read rights.

Returns
bool

Reimplemented from ApiBase.

Definition at line 248 of file ApiLogin.php.

◆ mustBePosted()

ApiLogin::mustBePosted ( )

Indicates whether this module must be called with a POST request.

Returns
bool

Reimplemented from ApiBase.

Definition at line 244 of file ApiLogin.php.


The documentation for this class was generated from the following file: