34 AuthManager::ACTION_LOGIN,
35 AuthManager::ACTION_LOGIN_CONTINUE
39 'authform-newtoken' =>
'nocookiesforlogin',
40 'authform-notoken' =>
'sessionfailure',
41 'authform-wrongtoken' =>
'sessionfailure',
45 parent::__construct(
'Userlogin' );
57 return AuthManager::ACTION_LOGIN;
61 return $this->
msg(
'login' )->text();
67 if ( $this->securityLevel && $this->
getUser()->isLoggedIn() ) {
68 $this->
getOutput()->setPageTitle( $this->
msg(
'login-security' ) );
80 $query = array_diff_key( $this->
getRequest()->getValues(),
81 array_fill_keys( [
'type',
'title' ],
true ) );
86 return parent::beforeExecute(
$subPage );
103 $user = $this->targetUser ?: $this->
getUser();
111 if ( $user->requiresHTTPS() ) {
112 $this->mStickHTTPS =
true;
119 $this->
mainLoginForm( [ ], $session->getProvider()->whyNoSession() );
125 # Run any hooks; display injected HTML if any, else redirect
128 $user, $injected_html, $direct );
130 if ( $injected_html !==
'' || $extraMessages ) {
132 'loginsuccess', $injected_html, $extraMessages );
135 $helper->showReturnToPage(
'successredirect', $this->mReturnTo, $this->mReturnToQuery,
136 $this->mStickHTTPS );
141 return $this->
getRequest()->getSession()->getToken(
'',
'login' );
145 return $this->
getRequest()->getSession()->resetToken(
'login' );
149 return 'wpLoginToken';
157 LoggerFactory::getInstance(
'authevents' )->info(
'Login attempt', [
160 'status' => strval( $status ),
$wgSecureLogin
This is to let user authenticate using https when they come from http.
string $subPage
Subpage of the special page.
getRequest()
Get the WebRequest being used for this instance.
Helper functions for the login form that need to be shared with other special pages (such as CentralA...
Holds shared logic for login and account creation pages.
mainLoginForm(array $requests, $msg='', $msgtype='error')
showSuccessPage( $type, $title, $msgname, $injected_html, $extraMessages)
Show the success page.
hasSessionCookie()
Check if a session cookie is present.
getOutput()
Get the OutputPage being used for this instance.
getUser()
Shortcut to get the User executing this instance.
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
getContext()
Gets the context this SpecialPage is executed in.
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Implements Special:UserLogin.
getDescription()
Returns the name that goes in the <h1> in the special page itself, and also the name that will be l...
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
getDefaultAction( $subPage)
Get the default action for this special page, if none is given via URL/POST data.
beforeExecute( $subPage)
Stable to override.
logAuthResult( $success, $status=null)
Logs to the authmanager-stats channel.
getLoginSecurityLevel()
Stable to override.
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!...
getTokenName()
Returns the name of the CSRF token (under which it should be found in the POST or GET data).
successfulAction( $direct=false, $extraMessages=null)
Run any hooks registered for logins, then HTTP redirect to $this->mReturnTo (or Main Page if that's u...
doesWrites()
Indicates whether this special page may perform database writes.
getToken()
Returns the CSRF token.