X-Git-Url: http://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2Fapi%2FApiLogin.php;h=108ce814e5b32e6e1d564d9c97f8a7dc153b5e0e;hb=59254f1bc827cec0872a27d222a3d1f4f9beadda;hp=f5cf4042e82def4c02494bf833b571f0803d7bd4;hpb=cb38c11c8496b509895e1ff9bcce5b5f42b07bb6;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php index f5cf4042e8..108ce814e5 100644 --- a/includes/api/ApiLogin.php +++ b/includes/api/ApiLogin.php @@ -5,7 +5,8 @@ * * API for MediaWiki 1.8+ * - * Copyright (C) 2006 Yuri Astrakhan @gmail.com + * Copyright (C) 2006-2007 Yuri Astrakhan @gmail.com, + * Daniel Cannon (cannon dot danielc at gmail dot com) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -29,7 +30,9 @@ if (!defined('MEDIAWIKI')) { } /** - * @addtogroup API + * Unit to authenticate log-in attempts to the current wiki. + * + * @ingroup API */ class ApiLogin extends ApiBase { @@ -37,10 +40,23 @@ class ApiLogin extends ApiBase { parent :: __construct($main, $action, 'lg'); } + /** + * Executes the log-in attempt using the parameters passed. If + * the log-in succeeeds, it attaches a cookie to the session + * and outputs the user id, username, and session token. If a + * log-in fails, as the result of a bad password, a nonexistant + * user, or any other reason, the host is cached with an expiry + * and no log-in attempts will be accepted until that expiry + * is reached. The expiry is $this->mLoginThrottle. + * + * @access public + */ public function execute() { $name = $password = $domain = null; extract($this->extractRequestParams()); + $result = array (); + $params = new FauxRequest(array ( 'wpName' => $name, 'wpPassword' => $password, 
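Review bot: The new docblock on execute() describes a throttle this class does not implement: nothing in the diff defines `$this->mLoginThrottle`, and the only throttling visible is the `LoginForm::THROTTLED` branch later in execute(), which just reports the configured `$wgPasswordAttemptThrottle['seconds']`. The comment should describe the real mechanism, e.g. `* When LoginForm reports the attempt as throttled, the response carries result=Throttled and a wait field taken from $wgPasswordAttemptThrottle['seconds'].`, and the typos `succeeeds` and `nonexistant` should be fixed. The `@access public` tag duplicates the `public` modifier on the method. execute()'s body continues into the next hunk, so the throttle branch is outside this one.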
@@ -48,20 +64,30 @@ class ApiLogin extends ApiBase { 'wpRemember' => '' )); - $result = array (); + // Init session if necessary + if( session_id() == '' ) { + wfSetupSession(); + } $loginForm = new LoginForm($params); - switch ($loginForm->authenticateUserData()) { + switch ($authRes = $loginForm->authenticateUserData()) { case LoginForm :: SUCCESS : - global $wgUser; + global $wgUser, $wgCookiePrefix; $wgUser->setOption('rememberpassword', 1); $wgUser->setCookies(); + // Run hooks. FIXME: split back and frontend from this hook. + // FIXME: This hook should be placed in the backend + $injected_html = ''; + wfRunHooks('UserLoginComplete', array(&$wgUser, &$injected_html)); + $result['result'] = 'Success'; - $result['lguserid'] = $_SESSION['wsUserID']; - $result['lgusername'] = $_SESSION['wsUserName']; - $result['lgtoken'] = $_SESSION['wsToken']; + $result['lguserid'] = $wgUser->getId(); + $result['lgusername'] = $wgUser->getName(); + $result['lgtoken'] = $wgUser->getToken(); + $result['cookieprefix'] = $wgCookiePrefix; + $result['sessionid'] = session_id(); break; case LoginForm :: NO_NAME : @@ -82,14 +108,25 @@ class ApiLogin extends ApiBase { case LoginForm :: EMPTY_PASS : $result['result'] = 'EmptyPass'; break; + case LoginForm :: CREATE_BLOCKED : + $result['result'] = 'CreateBlocked'; + $result['details'] = 'Your IP address is blocked from account creation'; + break; + case LoginForm :: THROTTLED : + global $wgPasswordAttemptThrottle; + $result['result'] = 'Throttled'; + $result['wait'] = $wgPasswordAttemptThrottle['seconds']; + break; default : - ApiBase :: dieDebug(__METHOD__, 'Unhandled case value'); + ApiBase :: dieDebug(__METHOD__, "Unhandled case value: {$authRes}"); } $this->getResult()->addValue(null, 'login', $result); } - protected function getAllowedParams() { + public function mustBePosted() { return true; } + + public function getAllowedParams() { return array ( 'name' => null, 'password' => null, 
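Review bot: On the SUCCESS path the session id handed back in `$result['sessionid']` is whatever session existed before authentication: the new `if( session_id() == '' ) { wfSetupSession(); }` only creates a session when none exists, and nothing in the hunk rotates the id once the user is authenticated, so a session id obtained anonymously becomes the logged-in session unless `setCookies()` or `wfSetupSession()` regenerate it (not visible here). Regenerating the session id after `authenticateUserData()` returns SUCCESS and before `session_id()` is read into the result, e.g. `session_regenerate_id(true);`, closes that gap. The session check should also use a strict comparison, `if( session_id() === '' ) {`. The THROTTLED branch reads `$wgPasswordAttemptThrottle['seconds']` without checking that the key exists; if that setting can be disabled or reshaped, the lookup should be guarded. execute() starts in the previous hunk and the switch continues past this one.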
@@ -97,7 +134,7 @@ class ApiLogin extends ApiBase {
 );
 }
 
- protected function getParamDescription() {
+ public function getParamDescription() {
 return array (
 'name' => 'User Name',
 'password' => 'Password',
@@ -105,12 +142,16 @@ class ApiLogin extends ApiBase {
 );
 }
 
- protected function getDescription() {
+ public function getDescription() {
 return array (
- 'This module is used to login and get the authentication tokens.'
+ 'This module is used to login and get the authentication tokens. ',
+ 'In the event of a successful log-in, a cookie will be attached',
+ 'to your session. In the event of a failed log-in, you will not ',
+ 'be able to attempt another log-in through this method for 5 seconds.',
+ 'This is to prevent password guessing by automated password crackers.'
 );
 }
- 
+
 protected function getExamples() {
 return array(
 'api.php?action=login&lgname=user&lgpassword=password'
@@ -121,4 +162,3 @@ class ApiLogin extends ApiBase {
 return __CLASS__ . ': $Id$';
 }
 }
-?>
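Review bot: The new description text in getDescription() hard-codes "for 5 seconds", but the code reports the actual interval from `$wgPasswordAttemptThrottle['seconds']` in the `wait` field of a Throttled response, so the help text will be wrong on any wiki with a different setting. Replace those two lines with wording that defers to the configured value, e.g. `'be able to attempt another log-in through this method for a wiki-configured interval;'` and `'a Throttled response reports the remaining wait in seconds in its wait field.'`. The trailing space inside `'...the authentication tokens. '` and `'you will not '` looks like a hand-inserted join separator; if the caller joins these lines with whitespace it can be dropped.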