master/php/SpecialUserLogin_8php_source.html

<?php

namespace MediaWiki\Specials;


use LoginHelper;

use MediaWiki\Auth\AuthManager;

use MediaWiki\Logger\LoggerFactory;

use MediaWiki\MainConfigNames;

use MediaWiki\SpecialPage\LoginSignupSpecialPage;

use MediaWiki\SpecialPage\SpecialPage;

use MediaWiki\User\UserIdentity;

use MediaWiki\User\UserIdentityUtils;

use StatusValue;


class SpecialUserLogin extends LoginSignupSpecialPage {

    protected static $allowedActions = [

        AuthManager::ACTION_LOGIN,

        AuthManager::ACTION_LOGIN_CONTINUE

    ];


    protected static $messages = [

        'authform-newtoken' => 'nocookiesforlogin',

        'authform-notoken' => 'sessionfailure',

        'authform-wrongtoken' => 'sessionfailure',

    ];


    private UserIdentityUtils $identityUtils;


    public function __construct( AuthManager $authManager, UserIdentityUtils $identityUtils ) {

        parent::__construct( 'Userlogin' );

        $this->setAuthManager( $authManager );

        $this->identityUtils = $identityUtils;

    }


    public function doesWrites() {

        return true;

    }


    public function isListed() {

        return $this->getAuthManager()->canAuthenticateNow();

    }


    protected function getLoginSecurityLevel() {

        return false;

    }


    protected function getDefaultAction( $subPage ) {

        return AuthManager::ACTION_LOGIN;

    }


    public function getDescription() {

        return $this->msg( 'login' );

    }


    public function setHeaders() {

        // override the page title if we are doing a forced reauthentication

        parent::setHeaders();

        if ( $this->securityLevel && $this->getUser()->isRegistered() ) {

            $this->getOutput()->setPageTitleMsg( $this->msg( 'login-security' ) );

        }

    }


    protected function isSignup() {

        return false;

    }


    protected function beforeExecute( $subPage ) {

        if ( $subPage === 'signup' || $this->getRequest()->getText( 'type' ) === 'signup' ) {

            // B/C for old account creation URLs

            $title = SpecialPage::getTitleFor( 'CreateAccount' );

            $query = array_diff_key( $this->getRequest()->getQueryValues(),

                array_fill_keys( [ 'type', 'title' ], true ) );

            $url = $title->getFullURL( $query, false, PROTO_CURRENT );

            $this->getOutput()->redirect( $url );

            return false;

        }

        return parent::beforeExecute( $subPage );

    }


    protected function successfulAction( $direct = false, $extraMessages = null ) {

        $secureLogin = $this->getConfig()->get( MainConfigNames::SecureLogin );


        $user = $this->targetUser ?: $this->getUser();

        $session = $this->getRequest()->getSession();


        $injected_html = '';

        if ( $direct ) {

            $user->touch();


            $this->clearToken();


            if ( $user->requiresHTTPS() ) {

                $this->mStickHTTPS = true;

            }

            $session->setForceHTTPS( $secureLogin && $this->mStickHTTPS );


            // If the user does not have a session cookie at this point, they probably need to

            // do something to their browser.

            if ( !$this->hasSessionCookie() ) {

                $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );

                // TODO something more specific? This used to use nocookieslogin

                return;

            }


            # Run any hooks; display injected HTML if any, else redirect

            $this->getHookRunner()->onUserLoginComplete(

                $user, $injected_html, $direct );

        }


        if ( $injected_html !== '' || $extraMessages ) {

            $this->showSuccessPage( 'success', $this->msg( 'loginsuccesstitle' ),

                'loginsuccess', $injected_html, $extraMessages );

        } else {

            $helper = new LoginHelper( $this->getContext() );

            $helper->showReturnToPage( 'successredirect', $this->mReturnTo, $this->mReturnToQuery,

                $this->mStickHTTPS, $this->mReturnToAnchor );

        }

    }


    protected function getToken() {

        return $this->getRequest()->getSession()->getToken( '', 'login' );

    }


    protected function clearToken() {

        $this->getRequest()->getSession()->resetToken( 'login' );

    }


    protected function getTokenName() {

        return 'wpLoginToken';

    }


    protected function getGroupName() {

        return 'login';

    }


    protected function logAuthResult( $success, UserIdentity $performer, $status = null ) {

        LoggerFactory::getInstance( 'authevents' )->info( 'Login attempt', [

            'event' => 'login',

            'successful' => $success,

            'accountType' => $this->identityUtils->getShortUserTypeInternal( $performer ),

            'status' => strval( $status ),

        ] );

    }


}


class_alias( SpecialUserLogin::class, 'SpecialUserLogin' );

PROTO_CURRENT
const PROTO_CURRENT
Definition Defines.php:236

$success
$success
Definition NoLocalSettings.php:45

LoginHelper
Helper functions for the login form that need to be shared with other special pages (such as CentralA...
Definition LoginHelper.php:16

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:121

MediaWiki\Logger\LoggerFactory
Create PSR-3 logger objects.
Definition LoggerFactory.php:46

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22

MediaWiki\MainConfigNames\SecureLogin
const SecureLogin
Name constant for the SecureLogin setting, for use with Config::get()
Definition MainConfigNames.php:2703

MediaWiki\SpecialPage\AuthManagerSpecialPage\$subPage
string $subPage
Subpage of the special page.
Definition AuthManagerSpecialPage.php:59

MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition AuthManagerSpecialPage.php:92

MediaWiki\SpecialPage\LoginSignupSpecialPage
Holds shared logic for login and account creation pages.
Definition LoginSignupSpecialPage.php:63

MediaWiki\SpecialPage\LoginSignupSpecialPage\showSuccessPage
showSuccessPage( $type, $title, $msgname, $injected_html, $extraMessages)
Show the success page.
Definition LoginSignupSpecialPage.php:534

MediaWiki\SpecialPage\LoginSignupSpecialPage\mainLoginForm
mainLoginForm(array $requests, $msg='', $msgtype='error')
Definition LoginSignupSpecialPage.php:573

MediaWiki\SpecialPage\LoginSignupSpecialPage\hasSessionCookie
hasSessionCookie()
Check if a session cookie is present.
Definition LoginSignupSpecialPage.php:1223

MediaWiki\SpecialPage\SpecialPage
Parent class for all special pages.
Definition SpecialPage.php:68

MediaWiki\SpecialPage\SpecialPage\getTitleFor
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
Definition SpecialPage.php:156

MediaWiki\SpecialPage\SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:907

MediaWiki\SpecialPage\SpecialPage\setAuthManager
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
Definition SpecialPage.php:578

MediaWiki\SpecialPage\SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition SpecialPage.php:972

MediaWiki\SpecialPage\SpecialPage\getContext
getContext()
Gets the context this SpecialPage is executed in.
Definition SpecialPage.php:871

MediaWiki\SpecialPage\SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:1008

MediaWiki\SpecialPage\SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:897

MediaWiki\SpecialPage\SpecialPage\getAuthManager
getAuthManager()
Definition SpecialPage.php:588

MediaWiki\SpecialPage\SpecialPage\getHookRunner
getHookRunner()
Definition SpecialPage.php:1217

MediaWiki\Specials\SpecialUserLogin
Implements Special:UserLogin.
Definition SpecialUserLogin.php:39

MediaWiki\Specials\SpecialUserLogin\$messages
static $messages
Definition SpecialUserLogin.php:47

MediaWiki\Specials\SpecialUserLogin\getToken
getToken()
Returns the CSRF token.
Definition SpecialUserLogin.php:157

MediaWiki\Specials\SpecialUserLogin\beforeExecute
beforeExecute( $subPage)
Gets called before.SpecialPage::execute. Return false to prevent calling execute() (since 1....
Definition SpecialUserLogin.php:93

MediaWiki\Specials\SpecialUserLogin\isListed
isListed()
Whether this special page is listed in Special:SpecialPages.
Definition SpecialUserLogin.php:65

MediaWiki\Specials\SpecialUserLogin\isSignup
isSignup()
Definition SpecialUserLogin.php:89

MediaWiki\Specials\SpecialUserLogin\getTokenName
getTokenName()
Returns the name of the CSRF token (under which it should be found in the POST or GET data).
Definition SpecialUserLogin.php:165

MediaWiki\Specials\SpecialUserLogin\successfulAction
successfulAction( $direct=false, $extraMessages=null)
Run any hooks registered for logins, then HTTP redirect to $this->mReturnTo (or Main Page if that's u...
Definition SpecialUserLogin.php:117

MediaWiki\Specials\SpecialUserLogin\getLoginSecurityLevel
getLoginSecurityLevel()
Definition SpecialUserLogin.php:69

MediaWiki\Specials\SpecialUserLogin\$allowedActions
static $allowedActions
Definition SpecialUserLogin.php:41

MediaWiki\Specials\SpecialUserLogin\doesWrites
doesWrites()
Indicates whether POST requests to this special page require write access to the wiki.
Definition SpecialUserLogin.php:61

MediaWiki\Specials\SpecialUserLogin\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
Definition SpecialUserLogin.php:81

MediaWiki\Specials\SpecialUserLogin\clearToken
clearToken()
Definition SpecialUserLogin.php:161

MediaWiki\Specials\SpecialUserLogin\logAuthResult
logAuthResult( $success, UserIdentity $performer, $status=null)
Logs to the authmanager-stats channel.
Definition SpecialUserLogin.php:173

MediaWiki\Specials\SpecialUserLogin\getDescription
getDescription()
Returns the name that goes in the <h1> in the special page itself, and also the name that will be l...
Definition SpecialUserLogin.php:77

MediaWiki\Specials\SpecialUserLogin\__construct
__construct(AuthManager $authManager, UserIdentityUtils $identityUtils)
Definition SpecialUserLogin.php:55

MediaWiki\Specials\SpecialUserLogin\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition SpecialUserLogin.php:169

MediaWiki\Specials\SpecialUserLogin\getDefaultAction
getDefaultAction( $subPage)
Get the default action for this special page if none is given via URL/POST data.
Definition SpecialUserLogin.php:73

MediaWiki\User\UserIdentityUtils
Convenience functions for interpreting UserIdentity objects using additional services or config.
Definition UserIdentityUtils.php:13

StatusValue
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition StatusValue.php:52

MediaWiki\User\UserIdentity
Interface for objects representing user identity.
Definition UserIdentity.php:38

MediaWiki\Specials

$url
$url
Definition opensearch_desc.php:37