// Constructor body fragment (listing line 49): hands $main and $action to the parent
// constructor together with the literal 'lg'.
// NOTE(review): 'lg' looks like the module's parameter prefix - the example request on
// listing line 286 uses lgname/lgpassword/lgtoken - confirm against the parent signature.
49 parent::__construct( $main, $action,
'lg' );
// Picks the extended help message key from the EnableBotPasswords setting:
// the plain key when bot passwords are enabled, the "-nobotpasswords" key otherwise.
// Listing line 56, between the two returns, is not shown in this extract.
54 if ( $this->
getConfig()->
get(
'EnableBotPasswords' ) ) {
55 return 'apihelp-login-extended-description';
57 return 'apihelp-login-extended-description-nobotpasswords';
// Two output paths are visible here: a text rendering forced to English with
// useDatabase( false ) (listing line 71), and the error formatter's own formatting of the
// message (listing line 74). The condition that selects between them is on lines not shown.
// NOTE(review): useDatabase( false ) presumably skips on-wiki message overrides so the
// text does not depend on local customisation - confirm.
71 $message->useDatabase(
false )->inLanguage(
'en' )->text()
74 return $errorFormatter->formatMessage( $message );
// Early refusal: the response is written as result 'Aborted' with the reason taken from
// the message 'api-login-fail-sameorigin', formatted by this class's formatMessage().
// NOTE(review): the guarding condition (listing line 90) is not shown. The message key
// suggests this is the branch for a request that lacks same-origin protection, where a
// login result must not be produced because another origin could read it - confirm.
91 $this->
getResult()->addValue(
null,
'login', [
92 'result' =>
'Aborted',
93 'reason' => $this->
formatMessage(
'api-login-fail-sameorigin' ),
// The login operates on the global session.
106 $session = MediaWiki\Session\SessionManager::getGlobalSession();
// If the session cannot have its user changed (canSetUser() is false) the attempt is
// answered with 'Aborted'. The reason message 'api-login-fail-badsessionprovider' is given
// the provider's description in the error formatter's language.
// NOTE(review): presumably this covers session providers that derive the user from the
// request itself, where a password login could not take effect - confirm.
110 if ( !$session->canSetUser() ) {
111 $this->
getResult()->addValue(
null,
'login', [
112 'result' =>
'Aborted',
114 'api-login-fail-badsessionprovider',
115 $session->getProvider()->describe( $this->getErrorFormatter()->getLanguage() ),
// Login-token check (protection against login CSRF). The expected token is taken from
// the session under the key 'login'; the credentials further down are only evaluated
// while $authRes is still false (see the test on listing line 138).
126 $token = $session->getToken(
'',
'login' );
// No (or empty) token parameter: the caller is told it needs a token.
127 if ( !$params[
'token'] ) {
128 $authRes =
'NeedToken';
// wasNew(): NOTE(review): presumably true when the session had no login token before
// this call, so a submitted token cannot belong to it. The code reports this as a lost
// session ('sessionlost'). The $authRes value set on listing line 130 is not shown.
129 } elseif ( $token->wasNew() ) {
131 $message = ApiMessage::create(
'authpage-cannot-login-continue',
'sessionlost' );
// A token was supplied but does not match the session's token.
132 } elseif ( !$token->match( $params[
'token'] ) ) {
133 $authRes =
'WrongToken';
// Bot-password attempt. It runs only when all three hold: no result has been set yet
// ($authRes === false), EnableBotPasswords is on, and canonicalizeLoginData() returns a
// truthy value for the submitted name and password.
138 $authRes ===
false && $this->
getConfig()->
get(
'EnableBotPasswords' ) &&
139 ( $botLoginData = BotPassword::canonicalizeLoginData( $params[
'name'], $params[
'password'] ) )
// The two canonicalized values and the current request are handed to BotPassword::login().
141 $status = BotPassword::login(
142 $botLoginData[0], $botLoginData[1], $this->
getRequest()
// On success the status value replaces $session, and the login is recorded as type
// 'BotPassword' for the audit log written at the end of the method.
144 if ( $status->isOK() ) {
145 $session = $status->getValue();
146 $authRes =
'Success';
147 $loginType =
'BotPassword';
// Three failure statuses are singled out: throttled, needs reset, locked.
// (Listing lines 152-153, which open this branch, are not shown.)
149 $status->hasMessage(
'login-throttled' ) ||
150 $status->hasMessage(
'botpasswords-needs-reset' ) ||
151 $status->hasMessage(
'botpasswords-locked' )
// The status message is kept for the response and the failure is logged to the
// 'authentication' channel with the status text rendered in English. The visible log
// call contains the status text only; the submitted password is not part of it.
154 $message = $status->getMessage();
155 LoggerFactory::getInstance(
'authentication' )->info(
156 'BotPassword login failed: ' . $status->getWikiText(
false,
false,
'en' )
// Main-account login through AuthManager. Reached only if neither the token check nor
// the bot-password attempt has set a result.
162 if ( $authRes ===
false ) {
// Build the login authentication requests from the submitted name, password and domain.
// rememberMe is hard-coded to true rather than taken from a request parameter.
164 $reqs = AuthenticationRequest::loadRequestsFromSubmission(
165 $this->authManager->getAuthenticationRequests(
166 AuthManager::ACTION_LOGIN,
170 'username' => $params[
'name'],
171 'password' => $params[
'password'],
172 'domain' => $params[
'domain'],
173 'rememberMe' =>
true,
// NOTE(review): the second argument is the literal 'null:'; presumably a placeholder
// return URL, since this module does not follow redirects - confirm.
176 $res = $this->authManager->beginAuthentication( $reqs,
'null:' );
177 switch (
$res->status ) {
// PASS: the login succeeded with the main account. A deprecation is recorded under the
// feature name 'main-account-login' (the message differs by EnableBotPasswords), which
// lets operators see how often main-account credentials are still used on this module.
178 case AuthenticationResponse::PASS:
179 if ( $this->
getConfig()->
get(
'EnableBotPasswords' ) ) {
180 $this->
addDeprecation(
'apiwarn-deprecation-login-botpw',
'main-account-login' );
182 $this->
addDeprecation(
'apiwarn-deprecation-login-nobotpw',
'main-account-login' );
184 $authRes =
'Success';
185 $loginType =
'AuthManager';
// FAIL: keep the response message for the caller and log it (English, plain text) to the
// 'authentication' channel. The $authRes value set on the lines not shown is unknown here.
188 case AuthenticationResponse::FAIL:
191 $message =
$res->message;
192 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
193 ->info( __METHOD__ .
': Authentication failed: '
194 . $message->inLanguage(
'en' )->plain() );
// Any response status this module does not support is logged with the summary produced
// by getAuthenticationResponseLogData() and reported to the caller as 'Aborted'.
// NOTE(review): the case label for this branch (listing lines 195-197) is not shown;
// presumably it is the default for responses that need further steps - confirm.
198 \MediaWiki\Logger\LoggerFactory::getInstance(
'authentication' )
199 ->info( __METHOD__ .
': Authentication failed due to unsupported response type: '
200 .
$res->status, $this->getAuthenticationResponseLogData(
$res ) );
201 $authRes =
'Aborted';
// Build the API response from the outcome string in $authRes.
206 $result[
'result'] = $authRes;
207 switch ( $authRes ) {
// The user is read from $session, which the bot-password path may have replaced.
// The UserLoginComplete hook runs before the user id and name are added to the response.
// (The case label on listing line 208 is not shown; presumably 'Success'.)
209 $user = $session->getUser();
213 $this->
getHookRunner()->onUserLoginComplete( $user, $injected_html,
true );
215 $result[
'lguserid'] = $user->getId();
216 $result[
'lgusername'] = $user->getName();
// The session's login token is returned in the response and a deprecation is recorded
// under the feature name 'action=login&!lgtoken'.
// NOTE(review): the case label is not shown; the feature name suggests this is the
// branch for a request sent without lgtoken ('NeedToken') - confirm.
220 $result[
'token'] = $token->toString();
221 $this->
addDeprecation(
'apiwarn-deprecation-login-token',
'action=login&!lgtoken' );
// Message key for an aborted login; the wording depends on whether bot passwords are on.
233 $this->
getConfig()->
get(
'EnableBotPasswords' )
234 ?
'api-login-fail-aborted'
235 :
'api-login-fail-aborted-nobotpw'
// The assembled array becomes the 'login' element of the API result.
246 $this->
getResult()->addValue(
null,
'login', $result );
// Audit record for every attempt, written to the 'authevents' channel: whether it
// succeeded, which path authenticated it ($loginType is set to 'BotPassword' or
// 'AuthManager' above) and the outcome string. These fields are what detection rules
// can key on. The remaining context keys (listing lines 249 and 253 onward) are not shown.
248 LoggerFactory::getInstance(
'authevents' )->info(
'Login attempt', [
250 'successful' => $authRes ===
'Success',
251 'loginType' => $loginType,
252 'status' => $authRes,
// Returns true exactly when EnableBotPasswords is off, i.e. the module reports itself as
// deprecated on wikis where bot passwords are not available.
257 return !$this->
getConfig()->get(
'EnableBotPasswords' );
// Usage example shown in the API help, mapped to its description message key.
// The name, password and token values in the query string are illustrative only.
286 'action=login&lgname=user&lgpassword=password&lgtoken=123ABC'
287 =>
'apihelp-login-example-login',
// Link to the detailed documentation page for this module.
292 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';
// Builds the log context for an AuthenticationResponse: its status, its message if any,
// and a summary of the requests attached to it.
302 'status' => $response->status,
// The message is rendered as plain English text so log entries read the same
// regardless of the caller's language.
304 if ( $response->message ) {
305 $ret[
'responseMessage'] = $response->message->inLanguage(
'en' )->plain();
308 'neededRequests' => $response->neededRequests,
309 'createRequest' => $response->createRequest,
310 'linkRequest' => $response->linkRequest,
// Each entry may be a single request or an array of them; it is normalised to an array
// and reduced to a comma-separated list of distinct class names. Only the class names
// reach the log, not the request objects, so field values held by the requests are
// not written out. (Listing line 313 is not shown.)
312 foreach ( $reqs as $k => $v ) {
314 $v = is_array( $v ) ? $v : [ $v ];
315 $reqClasses = array_unique( array_map(
'get_class', $v ) );
317 $ret[$k] = implode(
', ', $reqClasses );
This abstract class implements many basic API functions, and is the base of all API classes.
static dieDebug( $method, $message)
Internal code errors should be reported with this method.
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the post b...
addDeprecation( $msg, $feature, $data=[])
Add a deprecation warning for this module.
getResult()
Get the result object.
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
const PARAM_HELP_MSG
(string|array|Message) Specify an alternative i18n documentation message for this parameter.
getHookRunner()
Get an ApiHookRunner for running core API hooks.
lacksSameOriginSecurity()
Returns true if the current request breaks the same-origin policy.
Unit to authenticate log-in attempts to the current wiki.
formatMessage( $message)
Format a message for the response.
getHelpUrls()
Return links to more detailed help pages about the module.
getExtendedDescription()
Return the extended help text message.
isDeprecated()
Indicates whether this module is deprecated.
isReadMode()
Indicates whether this module requires read rights.
mustBePosted()
Indicates whether this module must be called with a POST request.
execute()
Executes the log-in attempt using the parameters passed.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
getAuthenticationResponseLogData(AuthenticationResponse $response)
Turns an AuthenticationResponse into a hash suitable for passing to Logger.
__construct(ApiMain $main, $action, AuthManager $authManager)
getExamplesMessages()
Returns usage examples for this module.
This is the main API class, used for both external and internal processing.
static newFromSpecifier( $value)
Transform a MessageSpecifier or a primitive value used interchangeably with specifiers (a message key...