5 /* global Uint16Array */
7 var userInfoPromise
, pageviewRandomId
;
10 * Get the current user's groups or rights
13 * @return {jQuery.Promise}
15 function getUserInfo() {
16 if ( !userInfoPromise
) {
17 userInfoPromise
= new mw
.Api().getUserInfo();
19 return userInfoPromise
;
22 // mw.user with the properties options and tokens gets defined in mediawiki.js.
26 * Generate a random user session ID.
28 * This information would potentially be stored in a cookie to identify a user during a
29 * session or series of sessions. Its uniqueness should not be depended on unless the
30 * browser supports the crypto API.
32 * Known problems with Math.random():
33 * Using the Math.random function we have seen sets
34 * with 1% of non uniques among 200,000 values with Safari providing most of these.
35 * Given the prevalence of Safari in mobile the percentage of duplicates in
36 * mobile usages of this code is probably higher.
39 * We need about 80 bits to make sure that probability of collision
40 * on 155 billion is <= 1%
42 * See https://en.wikipedia.org/wiki/Birthday_attack#Mathematics
43 * n(p;H) = n(0.01,2^80)= sqrt (2 * 2^80 * ln(1/(1-0.01)))
45 * @return {string} 80 bit integer in hex format, padded
47 generateRandomSessionId: function () {
49 hexRnds
= new Array( 5 ),
51 crypto
= window
.crypto
|| window
.msCrypto
;
53 if ( crypto
&& crypto
.getRandomValues
&& typeof Uint16Array
=== 'function' ) {
55 // Fill an array with 5 random values, each of which is 16 bits.
56 // Note that Uint16Array is array-like but does not implement Array.
57 rnds
= new Uint16Array( 5 );
58 crypto
.getRandomValues( rnds
);
62 // 0x10000 is 2^16 so the operation below will return a number
63 // between 2^16 and zero
64 for ( i
= 0; i
< 5; i
++ ) {
65 rnds
[ i
] = Math
.floor( Math
.random() * 0x10000 );
68 // Convert the 5 16bit-numbers into 20 characters (4 hex chars per 16 bits)
69 for ( i
= 0; i
< 5; i
++ ) {
70 // Add 0x1000 before converting to hex and strip the extra character
71 // after converting to keep the leading zeros.
72 hexRnds
[ i
] = ( rnds
[ i
] + 0x10000 ).toString( 16 ).slice( 1 );
75 // Concatenation of two random integers with entropy n and m
76 // returns a string with entropy n+m if those strings are independent
77 return hexRnds
.join( '' );
81 * A sticky generateRandomSessionId for the current JS execution context,
82 * cached within this class (also known as a page view token).
85 * @return {string} 64 bit integer in hex format, padded
87 getPageviewToken: function () {
88 if ( !pageviewRandomId
) {
89 pageviewRandomId
= mw
.user
.generateRandomSessionId();
92 return pageviewRandomId
;
96 * Get the current user's database id
98 * Not to be confused with #id.
100 * @return {number} Current user's id, or 0 if user is anonymous
103 return mw
.config
.get( 'wgUserId' ) || 0;
107 * Get the current user's name
109 * @return {string|null} User name string or null if user is anonymous
111 getName: function () {
112 return mw
.config
.get( 'wgUserName' );
116 * Get date user registered, if available
118 * @return {boolean|null|Date} False for anonymous users, null if data is
119 * unavailable, or Date for when the user registered.
121 getRegistration: function () {
123 if ( mw
.user
.isAnon() ) {
126 registration
= mw
.config
.get( 'wgUserRegistration' );
127 // Registration may be unavailable if the user signed up before MediaWiki
128 // began tracking this.
129 return !registration
? null : new Date( registration
);
133 * Whether the current user is anonymous
137 isAnon: function () {
138 return mw
.user
.getName() === null;
142 * Get an automatically generated random ID (persisted in sessionStorage)
144 * This ID is ephemeral for everyone, staying in their browser only until they
145 * close their browsing session.
147 * @return {string} Random session ID
149 sessionId: function () {
150 var sessionId
= mw
.storage
.session
.get( 'mwuser-sessionId' );
152 sessionId
= mw
.user
.generateRandomSessionId();
153 mw
.storage
.session
.set( 'mwuser-sessionId', sessionId
);
159 * Get the current user's name or the session ID
161 * Not to be confused with #getId.
163 * @return {string} User name or random session ID
166 return mw
.user
.getName() || mw
.user
.sessionId();
170 * Get the current user's groups
172 * @param {Function} [callback]
173 * @return {jQuery.Promise}
175 getGroups: function ( callback
) {
176 var userGroups
= mw
.config
.get( 'wgUserGroups', [] );
178 // Uses promise for backwards compatibility
179 return $.Deferred().resolve( userGroups
).done( callback
);
183 * Get the current user's rights
185 * @param {Function} [callback]
186 * @return {jQuery.Promise}
188 getRights: function ( callback
) {
189 return getUserInfo().then(
190 function ( userInfo
) { return userInfo
.rights
; },
191 function () { return []; }
197 * @method stickyRandomId
198 * @deprecated since 1.32 use getPageviewToken instead
200 mw
.log
.deprecate( mw
.user
, 'stickyRandomId', mw
.user
.getPageviewToken
, 'Please use getPageviewToken instead' );
202 }( mediaWiki
, jQuery
) );