$u->setEmail( $this->mEmail );
$u->setRealName( $this->mRealName );
- SessionManager::singleton()->invalidateSessionsForUser( $u );
+ $u->setToken();
Hooks::run( 'LocalUserCreated', [ $u, $autocreate ] );
$oldUser = $u;
*/
public static function incrementLoginThrottle( $username ) {
global $wgPasswordAttemptThrottle, $wgRequest;
- $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+ $canUsername = User::getCanonicalName( $username, 'usable' );
+ $username = $canUsername !== false ? $canUsername : $username;
$throttleCount = 0;
if ( is_array( $wgPasswordAttemptThrottle ) ) {
*/
public static function clearLoginThrottle( $username ) {
global $wgRequest, $wgPasswordAttemptThrottle;
- $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+ $canUsername = User::getCanonicalName( $username, 'usable' );
+ $username = $canUsername !== false ? $canUsername : $username;
if ( is_array( $wgPasswordAttemptThrottle ) ) {
$throttleConfig = $wgPasswordAttemptThrottle;
protected function resetLoginForm( Message $msg ) {
// Allow hooks to explain this password reset in more detail
Hooks::run( 'LoginPasswordResetMessage', [ &$msg, $this->mUsername ] );
- $reset = new SpecialChangePassword();
+ $reset = new SpecialChangePasswordPreAuthManager();
$derivative = new DerivativeContext( $this->getContext() );
$derivative->setTitle( $reset->getPageTitle() );
$reset->setContext( $derivative );
# Run any hooks; display injected HTML if any, else redirect
$currentUser = $this->getUser();
$injected_html = '';
- Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
+ $direct = RequestContext::getMain()->getRequest()->wasPosted();
+ Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html, $direct ] );
if ( $injected_html !== '' ) {
$this->displaySuccessfulAction( 'success', $this->msg( 'loginsuccesstitle' ),
$currentUser = $this->getUser();
$injected_html = '';
$welcome_creation_msg = 'welcomecreation-msg';
+ $direct = RequestContext::getMain()->getRequest()->wasPosted();
- Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
+ Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html, $direct ] );
/**
* Let any extensions change what message is shown.
}
SessionManager::getGlobalSession()->resetId();
+ SessionManager::getGlobalSession()->resetAllTokens();
}
/**