MediaWiki  master
ApiValidatePassword.php
Go to the documentation of this file.
1 <?php
2 
3 use MediaWiki\Auth\AuthManager;
4 use MediaWiki\ParamValidator\TypeDef\UserDef;
5 use MediaWiki\User\UserFactory;
6 use MediaWiki\User\UserRigorOptions;
7 use Wikimedia\ParamValidator\ParamValidator;
8 
12 class ApiValidatePassword extends ApiBase {
13 
14  private AuthManager $authManager;
15  private UserFactory $userFactory;
16 
23  public function __construct(
24  ApiMain $mainModule,
25  string $moduleName,
26  AuthManager $authManager,
27  UserFactory $userFactory
28  ) {
29  parent::__construct( $mainModule, $moduleName );
30  $this->authManager = $authManager;
31  $this->userFactory = $userFactory;
32  }
33 
34  public function execute() {
35  $params = $this->extractRequestParams();
36 
37  $this->requirePostedParameters( [ 'password' ] );
38 
39  if ( $params['user'] !== null ) {
40  $user = $this->userFactory->newFromName(
41  $params['user'],
42  UserRigorOptions::RIGOR_CREATABLE
43  );
44  if ( !$user ) {
45  $encParamName = $this->encodeParamName( 'user' );
46  $this->dieWithError(
47  [ 'apierror-baduser', $encParamName, wfEscapeWikiText( $params['user'] ) ],
48  "baduser_{$encParamName}"
49  );
50  }
51 
52  if ( $user->isRegistered() || $this->authManager->userExists( $user->getName() ) ) {
53  $this->dieWithError( 'userexists' );
54  }
55 
56  $user->setEmail( (string)$params['email'] );
57  $user->setRealName( (string)$params['realname'] );
58  } else {
59  $user = $this->getUser();
60  }
61 
62  $r = [];
63  $validity = $user->checkPasswordValidity( $params['password'] );
64  $r['validity'] = $validity->isGood() ? 'Good' : ( $validity->isOK() ? 'Change' : 'Invalid' );
65  $messages = array_merge(
66  $this->getErrorFormatter()->arrayFromStatus( $validity, 'error' ),
67  $this->getErrorFormatter()->arrayFromStatus( $validity, 'warning' )
68  );
69  if ( $messages ) {
70  $r['validitymessages'] = $messages;
71  }
72 
73  $this->getHookRunner()->onApiValidatePassword( $this, $r );
74 
75  $this->getResult()->addValue( null, $this->getModuleName(), $r );
76  }
77 
78  public function mustBePosted() {
79  return true;
80  }
81 
82  public function getAllowedParams() {
83  return [
84  'password' => [
85  ParamValidator::PARAM_TYPE => 'password',
86  ParamValidator::PARAM_REQUIRED => true
87  ],
88  'user' => [
89  ParamValidator::PARAM_TYPE => 'user',
90  UserDef::PARAM_ALLOWED_USER_TYPES => [ 'name', 'id' ],
91  ],
92  'email' => null,
93  'realname' => null,
94  ];
95  }
96 
97  protected function getExamplesMessages() {
98  return [
99  'action=validatepassword&password=foobar'
100  => 'apihelp-validatepassword-example-1',
101  'action=validatepassword&password=querty&user=Example'
102  => 'apihelp-validatepassword-example-2',
103  ];
104  }
105 
106  public function getHelpUrls() {
107  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Validatepassword';
108  }
109 }
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1168
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:63
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition: ApiBase.php:1516
ApiBase\encodeParamName
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:786
ApiBase\getErrorFormatter
getErrorFormatter()
Definition: ApiBase.php:679
ApiBase\requirePostedParameters
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the HTTP p...
Definition: ApiBase.php:1035
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:668
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:808
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:529
ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:753
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:64
ApiValidatePassword\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiValidatePassword.php:97
ApiValidatePassword\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiValidatePassword.php:82
ApiValidatePassword\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiValidatePassword.php:34
ApiValidatePassword\mustBePosted
mustBePosted()
Indicates whether this module must be called with a POST request.
Definition: ApiValidatePassword.php:78
ApiValidatePassword\__construct
__construct(ApiMain $mainModule, string $moduleName, AuthManager $authManager, UserFactory $userFactory)
Definition: ApiValidatePassword.php:23
ApiValidatePassword\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiValidatePassword.php:106
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:106
MediaWiki\User\UserFactory
Creates User objects.
Definition: UserFactory.php:41
Wikimedia\ParamValidator\ParamValidator
Service for formatting and validating API parameters.
Definition: ParamValidator.php:42
MediaWiki\User\UserRigorOptions
Shared interface for rigor levels when dealing with User methods.
Definition: UserRigorOptions.php:30
true
return true
Definition: router.php:90