MediaWiki master
ApiResetPassword.php
Go to the documentation of this file.
1<?php
28
35
36 private PasswordReset $passwordReset;
37
43 public function __construct(
44 ApiMain $main,
45 $action,
46 PasswordReset $passwordReset
47 ) {
48 parent::__construct( $main, $action );
49
50 $this->passwordReset = $passwordReset;
51 }
52
54 private $hasAnyRoutes = null;
55
60 private function hasAnyRoutes() {
61 if ( $this->hasAnyRoutes === null ) {
62 $resetRoutes = $this->getConfig()->get( MainConfigNames::PasswordResetRoutes );
63 $this->hasAnyRoutes = !empty( $resetRoutes['username'] ) || !empty( $resetRoutes['email'] );
64 }
65 return $this->hasAnyRoutes;
66 }
67
69 protected function getExtendedDescription() {
70 if ( !$this->hasAnyRoutes() ) {
71 return 'apihelp-resetpassword-extended-description-noroutes';
72 }
73 return parent::getExtendedDescription();
74 }
75
77 public function execute() {
78 if ( !$this->hasAnyRoutes() ) {
79 $this->dieWithError( 'apihelp-resetpassword-description-noroutes', 'moduledisabled' );
80 }
81
82 $params = $this->extractRequestParams() + [
83 // Make sure the keys exist even if getAllowedParams didn't define them
84 'user' => null,
85 'email' => null,
86 ];
87
88 $status = $this->passwordReset->isAllowed( $this->getUser() );
89 if ( !$status->isOK() ) {
90 $this->dieStatus( Status::wrap( $status ) );
91 }
92
93 $status = $this->passwordReset->execute(
94 $this->getUser(), $params['user'], $params['email']
95 );
96 if ( !$status->isOK() ) {
97 $status->value = null;
98 $this->dieStatus( Status::wrap( $status ) );
99 }
100
101 $result = $this->getResult();
102 $result->addValue( [ 'resetpassword' ], 'status', 'success' );
103 }
104
105 public function isWriteMode() {
106 return $this->hasAnyRoutes();
107 }
108
109 public function needsToken() {
110 if ( !$this->hasAnyRoutes() ) {
111 return false;
112 }
113 return 'csrf';
114 }
115
117 public function getAllowedParams() {
118 if ( !$this->hasAnyRoutes() ) {
119 return [];
120 }
121
122 $ret = [
123 'user' => [
124 ParamValidator::PARAM_TYPE => 'user',
125 UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name' ],
126 ],
127 'email' => [
128 ParamValidator::PARAM_TYPE => 'string',
129 ],
130 ];
131
132 $resetRoutes = $this->getConfig()->get( MainConfigNames::PasswordResetRoutes );
133 if ( empty( $resetRoutes['username'] ) ) {
134 unset( $ret['user'] );
135 }
136 if ( empty( $resetRoutes['email'] ) ) {
137 unset( $ret['email'] );
138 }
139
140 return $ret;
141 }
142
144 protected function getExamplesMessages() {
145 $ret = [];
146 $resetRoutes = $this->getConfig()->get( MainConfigNames::PasswordResetRoutes );
147
148 if ( !empty( $resetRoutes['username'] ) ) {
149 $ret['action=resetpassword&user=Example&token=123ABC'] = 'apihelp-resetpassword-example-user';
150 }
151 if ( !empty( $resetRoutes['email'] ) ) {
152 $ret['action=resetpassword&user=user@example.com&token=123ABC'] =
153 'apihelp-resetpassword-example-email';
154 }
155
156 return $ret;
157 }
158
160 public function getHelpUrls() {
161 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
162 }
163}
array $params
The job parameters.
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:65
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1540
getResult()
Get the result object.
Definition ApiBase.php:681
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:821
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1595
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:67
Reset password, with AuthManager.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
getExtendedDescription()
Return the extended help text message.This is additional text to display at the top of the help secti...
getExamplesMessages()
Returns usage examples for this module.Return value has query strings as keys, with values being eith...
isWriteMode()
Indicates whether this module requires write mode.
execute()
Evaluates the parameters, performs the requested query, and sets up the result.Concrete implementatio...
__construct(ApiMain $main, $action, PasswordReset $passwordReset)
needsToken()
Returns the token type this module requires in order to execute.
getHelpUrls()
Return links to more detailed help pages about the module.1.25, returning boolean false is deprecated...
A class containing constants representing the names of configuration variables.
Type definition for user types.
Definition UserDef.php:27
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:54
Helper class for the password reset functionality shared by the web UI and the API.
Service for formatting and validating API parameters.