MediaWiki  master
ApiValidatePassword.php
Go to the documentation of this file.
1 <?php
2 
7 
12 
14  private $authManager;
15 
17  private $userFactory;
18 
25  public function __construct(
26  ApiMain $mainModule,
27  string $moduleName,
30  ) {
31  parent::__construct( $mainModule, $moduleName );
32  $this->authManager = $authManager;
33  $this->userFactory = $userFactory;
34  }
35 
36  public function execute() {
37  $params = $this->extractRequestParams();
38 
39  $this->requirePostedParameters( [ 'password' ] );
40 
41  if ( $params['user'] !== null ) {
42  $user = $this->userFactory->newFromName(
43  $params['user'],
44  UserRigorOptions::RIGOR_CREATABLE
45  );
46  if ( !$user ) {
47  $encParamName = $this->encodeParamName( 'user' );
48  $this->dieWithError(
49  [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $params['user'] ) ],
50  "baduser_{$encParamName}"
51  );
52  }
53 
54  if ( $user->isRegistered() || $this->authManager->userExists( $user->getName() ) ) {
55  $this->dieWithError( 'userexists' );
56  }
57 
58  $user->setEmail( (string)$params['email'] );
59  $user->setRealName( (string)$params['realname'] );
60  } else {
61  $user = $this->getUser();
62  }
63 
64  $r = [];
65  $validity = $user->checkPasswordValidity( $params['password'] );
66  $r['validity'] = $validity->isGood() ? 'Good' : ( $validity->isOK() ? 'Change' : 'Invalid' );
67  $messages = array_merge(
68  $this->getErrorFormatter()->arrayFromStatus( $validity, 'error' ),
69  $this->getErrorFormatter()->arrayFromStatus( $validity, 'warning' )
70  );
71  if ( $messages ) {
72  $r['validitymessages'] = $messages;
73  }
74 
75  $this->getHookRunner()->onApiValidatePassword( $this, $r );
76 
77  $this->getResult()->addValue( null, $this->getModuleName(), $r );
78  }
79 
80  public function mustBePosted() {
81  return true;
82  }
83 
84  public function getAllowedParams() {
85  return [
86  'password' => [
87  ApiBase::PARAM_TYPE => 'password',
89  ],
90  'user' => [
91  ApiBase::PARAM_TYPE => 'user',
92  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],
93  ],
94  'email' => null,
95  'realname' => null,
96  ];
97  }
98 
99  protected function getExamplesMessages() {
100  return [
101  'action=validatepassword&password=foobar'
102  => 'apihelp-validatepassword-example-1',
103  'action=validatepassword&password=querty&user=Example'
104  => 'apihelp-validatepassword-example-2',
105  ];
106  }
107 
108  public function getHelpUrls() {
109  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Validatepassword';
110  }
111 }
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:56
const PARAM_REQUIRED
Definition: ApiBase.php:106
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:743
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1446
const PARAM_TYPE
Definition: ApiBase.php:82
getErrorFormatter()
Definition: ApiBase.php:640
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the post b...
Definition: ApiBase.php:990
getResult()
Get the result object.
Definition: ApiBase.php:629
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:765
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:498
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:711
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:51
getExamplesMessages()
Returns usage examples for this module.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
mustBePosted()
Indicates whether this module must be called with a POST request.
__construct(ApiMain $mainModule, string $moduleName, AuthManager $authManager, UserFactory $userFactory)
getHelpUrls()
Return links to more detailed help pages about the module.
This serves as the entry point to the authentication system.
Creates User objects.
Definition: UserFactory.php:38
Shared interface for rigor levels when dealing with User methods.
return true
Definition: router.php:90