60 parent::__construct( $main, $action,
'lg' );
61 $this->authManager = $authManager;
62 $this->identityUtils = $identityUtils;
67 return 'apihelp-login-extended-description';
69 return 'apihelp-login-extended-description-nobotpasswords';
78 private function formatMessage( $message ) {
83 $message->useDatabase(
false )->inLanguage(
'en' )->text()
86 return $errorFormatter->formatMessage( $message );
95 private function getErrorCode( $message ) {
97 if ( $message instanceof ApiMessage ) {
98 return $message->getApiCode();
100 return $message->getKey();
117 $this->
getResult()->addValue(
null,
'login', [
118 'result' =>
'Aborted',
119 'reason' => $this->formatMessage(
'api-login-fail-sameorigin' ),
132 $session = SessionManager::getGlobalSession();
136 if ( !$session->canSetUser() ) {
137 $this->
getResult()->addValue(
null,
'login', [
138 'result' =>
'Aborted',
139 'reason' => $this->formatMessage( [
140 'api-login-fail-badsessionprovider',
141 $session->getProvider()->describe( $this->getErrorFormatter()->getLanguage() ),
153 $token = $session->getToken(
'',
'login' );
154 if ( !$params[
'token'] ) {
155 $authRes =
'NeedToken';
156 } elseif ( $token->wasNew() ) {
159 } elseif ( !$token->match( $params[
'token'] ) ) {
160 $authRes =
'WrongToken';
166 if ( $botLoginData ) {
168 $botLoginData[0], $botLoginData[1], $this->
getRequest()
170 if ( $status->isOK() ) {
171 $session = $status->getValue();
172 $authRes =
'Success';
173 $loginType =
'BotPassword';
175 $status->hasMessage(
'login-throttled' ) ||
176 $status->hasMessage(
'botpasswords-needs-reset' ) ||
177 $status->hasMessage(
'botpasswords-locked' )
180 $message = $status->getMessage();
181 LoggerFactory::getInstance(
'authentication' )->info(
182 'BotPassword login failed: ' . $status->getWikiText(
false,
false,
'en' )
189 if ( $authRes ===
false ) {
191 $reqs = AuthenticationRequest::loadRequestsFromSubmission(
192 $this->authManager->getAuthenticationRequests(
193 AuthManager::ACTION_LOGIN,
197 'username' => $params[
'name'],
198 'password' => $params[
'password'],
199 'domain' => $params[
'domain'],
200 'rememberMe' =>
true,
203 $res = $this->authManager->beginAuthentication( $reqs,
'null:' );
204 switch ( $res->status ) {
205 case AuthenticationResponse::PASS:
207 $this->
addDeprecation(
'apiwarn-deprecation-login-botpw',
'main-account-login' );
209 $this->
addDeprecation(
'apiwarn-deprecation-login-nobotpw',
'main-account-login' );
211 $authRes =
'Success';
212 $loginType =
'AuthManager';
215 case AuthenticationResponse::FAIL:
218 $message = $res->message;
219 LoggerFactory::getInstance(
'authentication' )
220 ->info( __METHOD__ .
': Authentication failed: '
221 . $message->inLanguage(
'en' )->plain() );
225 LoggerFactory::getInstance(
'authentication' )
226 ->info( __METHOD__ .
': Authentication failed due to unsupported response type: '
227 . $res->status, $this->getAuthenticationResponseLogData( $res ) );
228 $authRes =
'Aborted';
233 $result[
'result'] = $authRes;
234 switch ( $authRes ) {
236 $user = $session->getUser();
240 $this->
getHookRunner()->onUserLoginComplete( $user, $injected_html,
true );
242 $result[
'lguserid'] = $user->getId();
243 $result[
'lgusername'] = $user->getName();
247 $result[
'token'] = $token->toString();
248 $this->
addDeprecation(
'apiwarn-deprecation-login-token',
'action=login&!lgtoken' );
257 $result[
'reason'] = $this->formatMessage( $message );
261 $result[
'reason'] = $this->formatMessage(
263 ?
'api-login-fail-aborted'
264 :
'api-login-fail-aborted-nobotpw'
275 $this->
getResult()->addValue(
null,
'login', $result );
277 LoggerFactory::getInstance(
'authevents' )->info(
'Login attempt', [
279 'successful' => $authRes ===
'Success',
280 'accountType' => $this->identityUtils->getShortUserTypeInternal( $performer ),
281 'loginType' => $loginType,
282 'status' => ( $authRes ===
'Failed' && isset( $message ) ) ? $this->getErrorCode( $message ) : $authRes,
283 'full_message' => isset( $message ) ? $this->formatMessage( $message ) :
'',
308 ParamValidator::PARAM_TYPE =>
'password',
312 ParamValidator::PARAM_TYPE =>
'string',
313 ParamValidator::PARAM_REQUIRED =>
false,
314 ParamValidator::PARAM_SENSITIVE =>
true,
322 'action=login&lgname=user&lgpassword=password&lgtoken=123ABC'
323 =>
'apihelp-login-example-login',
328 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';
338 'status' => $response->status,
340 if ( $response->message ) {
341 $ret[
'responseMessage'] = $response->message->inLanguage(
'en' )->plain();
344 'neededRequests' => $response->neededRequests,
345 'createRequest' => $response->createRequest,
346 'linkRequest' => $response->linkRequest,
348 foreach ( $reqs as $k => $v ) {
350 $v = is_array( $v ) ? $v : [ $v ];
351 $reqClasses = array_unique( array_map(
'get_class', $v ) );
353 $ret[$k] = implode(
', ', $reqClasses );
361class_alias( ApiLogin::class,
'ApiLogin' );
This is the main API class, used for both external and internal processing.
A class containing constants representing the names of configuration variables.
const EnableBotPasswords
Name constant for the EnableBotPasswords setting, for use with Config::get()