MediaWiki REL1_39
PasswordReset Class Reference

Helper class for the password reset functionality shared by the web UI and the API. More...

Inheritance diagram for PasswordReset:
Collaboration diagram for PasswordReset:

Public Member Functions

 __construct (ServiceOptions $config, LoggerInterface $logger, AuthManager $authManager, HookContainer $hookContainer, ILoadBalancer $loadBalancer, UserFactory $userFactory, UserNameUtils $userNameUtils, UserOptionsLookup $userOptionsLookup)
 This class is managed by MediaWikiServices, don't instantiate directly.
 
 execute (User $performingUser, $username=null, $email=null)
 Do a password reset.
 
 isAllowed (User $user)
 Check if a given user has permission to use this functionality.
 

Public Attributes

const CONSTRUCTOR_OPTIONS
 

Protected Member Functions

 getUsersByEmail ( $email)
 

Detailed Description

Helper class for the password reset functionality shared by the web UI and the API.

Requires the TemporaryPasswordPrimaryAuthenticationProvider and the EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent functionality) to be enabled.

Definition at line 44 of file PasswordReset.php.

Constructor & Destructor Documentation

◆ __construct()

PasswordReset::__construct ( ServiceOptions  $config,
LoggerInterface  $logger,
AuthManager  $authManager,
HookContainer  $hookContainer,
ILoadBalancer  $loadBalancer,
UserFactory  $userFactory,
UserNameUtils  $userNameUtils,
UserOptionsLookup  $userOptionsLookup 
)

This class is managed by MediaWikiServices, don't instantiate directly.

Parameters
ServiceOptions$config
LoggerInterface$logger
AuthManager$authManager
HookContainer$hookContainer
ILoadBalancer$loadBalancer
UserFactory$userFactory
UserNameUtils$userNameUtils
UserOptionsLookup$userOptionsLookup

Definition at line 96 of file PasswordReset.php.

References MediaWiki\Config\ServiceOptions\assertRequiredOptions().

Member Function Documentation

◆ execute()

PasswordReset::execute ( User  $performingUser,
  $username = null,
  $email = null 
)

Do a password reset.

Authorization is the caller's responsibility.

Process the form. At this point we know that the user passes all the criteria in userCanExecute(), and if the data array contains 'Username', etc, then Username resets are allowed.

Since
1.29 Fourth argument for displayPassword removed.
Parameters
User$performingUserThe user that does the password reset
string | null$usernameThe user whose password is reset
string | null$emailAlternative way to specify the user
Returns
StatusValue
Exceptions
LogicExceptionWhen the user is not allowed to perform the action
MWExceptionOn unexpected DB errors

Definition at line 185 of file PasswordReset.php.

References User\getId(), User\getName(), User\getRequest(), Message\newFromSpecifier(), and User\pingLimiter().

◆ getUsersByEmail()

PasswordReset::getUsersByEmail (   $email)
protected
Note
This is protected to allow configuring in tests. This class is not stable to extend.
Parameters
string$email
Returns
User[]
Exceptions
MWExceptionOn unexpected database errors

Definition at line 372 of file PasswordReset.php.

References $res, DB_REPLICA, and User\getQueryInfo().

◆ isAllowed()

PasswordReset::isAllowed ( User  $user)

Check if a given user has permission to use this functionality.

Parameters
User$user
Since
1.29 Second argument for displayPassword removed.
Returns
StatusValue

Definition at line 127 of file PasswordReset.php.

References User\getName().

Member Data Documentation

◆ CONSTRUCTOR_OPTIONS

const PasswordReset::CONSTRUCTOR_OPTIONS
Initial value:
= [
MainConfigNames::AllowRequiringEmailForResets,
MainConfigNames::EnableEmail,
MainConfigNames::PasswordResetRoutes,
]
Access: internal
For use by ServiceWiring

Definition at line 78 of file PasswordReset.php.


The documentation for this class was generated from the following file: