MediaWiki  master
ApiValidatePassword.php
Go to the documentation of this file.
1 <?php
2 
8 
13 
14  private AuthManager $authManager;
15  private UserFactory $userFactory;
16 
23  public function __construct(
24  ApiMain $mainModule,
25  string $moduleName,
26  AuthManager $authManager,
27  UserFactory $userFactory
28  ) {
29  parent::__construct( $mainModule, $moduleName );
30  $this->authManager = $authManager;
31  $this->userFactory = $userFactory;
32  }
33 
34  public function execute() {
35  $params = $this->extractRequestParams();
36 
37  $this->requirePostedParameters( [ 'password' ] );
38 
39  if ( $params['user'] !== null ) {
40  $user = $this->userFactory->newFromName(
41  $params['user'],
42  UserRigorOptions::RIGOR_CREATABLE
43  );
44  if ( !$user ) {
45  $encParamName = $this->encodeParamName( 'user' );
46  $this->dieWithError(
47  [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $params['user'] ) ],
48  "baduser_{$encParamName}"
49  );
50  }
51 
52  if ( $user->isRegistered() || $this->authManager->userExists( $user->getName() ) ) {
53  $this->dieWithError( 'userexists' );
54  }
55 
56  $user->setEmail( (string)$params['email'] );
57  $user->setRealName( (string)$params['realname'] );
58  } else {
59  $user = $this->getUser();
60  }
61 
62  $r = [];
63  $validity = $user->checkPasswordValidity( $params['password'] );
64  $r['validity'] = $validity->isGood() ? 'Good' : ( $validity->isOK() ? 'Change' : 'Invalid' );
65  $messages = array_merge(
66  $this->getErrorFormatter()->arrayFromStatus( $validity, 'error' ),
67  $this->getErrorFormatter()->arrayFromStatus( $validity, 'warning' )
68  );
69  if ( $messages ) {
70  $r['validitymessages'] = $messages;
71  }
72 
73  $this->getHookRunner()->onApiValidatePassword( $this, $r );
74 
75  $this->getResult()->addValue( null, $this->getModuleName(), $r );
76  }
77 
78  public function mustBePosted() {
79  return true;
80  }
81 
82  public function getAllowedParams() {
83  return [
84  'password' => [
85  ParamValidator::PARAM_TYPE => 'password',
86  ParamValidator::PARAM_REQUIRED => true
87  ],
88  'user' => [
89  ParamValidator::PARAM_TYPE => 'user',
90  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],
91  ],
92  'email' => null,
93  'realname' => null,
94  ];
95  }
96 
97  protected function getExamplesMessages() {
98  return [
99  'action=validatepassword&password=foobar'
100  => 'apihelp-validatepassword-example-1',
101  'action=validatepassword&password=querty&user=Example'
102  => 'apihelp-validatepassword-example-2',
103  ];
104  }
105 
106  public function getHelpUrls() {
107  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Validatepassword';
108  }
109 }
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:63
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition: ApiBase.php:1516
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:786
getErrorFormatter()
Definition: ApiBase.php:679
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the HTTP p...
Definition: ApiBase.php:1035
getResult()
Get the result object.
Definition: ApiBase.php:668
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:808
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:529
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:753
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:64
getExamplesMessages()
Returns usage examples for this module.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
mustBePosted()
Indicates whether this module must be called with a POST request.
__construct(ApiMain $mainModule, string $moduleName, AuthManager $authManager, UserFactory $userFactory)
getHelpUrls()
Return links to more detailed help pages about the module.
This serves as the entry point to the authentication system.
Creates User objects.
Definition: UserFactory.php:41
Service for formatting and validating API parameters.
Shared interface for rigor levels when dealing with User methods.
return true
Definition: router.php:90