'AtomFeed' => __DIR__ . '/includes/Feed.php',
'AtomicSectionUpdate' => __DIR__ . '/includes/deferred/AtomicSectionUpdate.php',
'AttachLatest' => __DIR__ . '/maintenance/attachLatest.php',
+ 'AuthManagerSpecialPage' => __DIR__ . '/includes/specialpage/AuthManagerSpecialPage.php',
'AuthPlugin' => __DIR__ . '/includes/AuthPlugin.php',
'AuthPluginUser' => __DIR__ . '/includes/AuthPlugin.php',
'AutoLoader' => __DIR__ . '/includes/AutoLoader.php',
'FSFileOpHandle' => __DIR__ . '/includes/filebackend/FSFileBackend.php',
'FSLockManager' => __DIR__ . '/includes/filebackend/lockmanager/FSLockManager.php',
'FSRepo' => __DIR__ . '/includes/filerepo/FSRepo.php',
+ 'FakeAuthTemplate' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php',
'FakeConverter' => __DIR__ . '/languages/FakeConverter.php',
'FakeMaintenance' => __DIR__ . '/maintenance/Maintenance.php',
'FakeResultWrapper' => __DIR__ . '/includes/db/DatabaseUtility.php',
'LogPager' => __DIR__ . '/includes/logging/LogPager.php',
'LoggedOutEditToken' => __DIR__ . '/includes/user/LoggedOutEditToken.php',
'LoggedUpdateMaintenance' => __DIR__ . '/maintenance/Maintenance.php',
- 'LoginForm' => __DIR__ . '/includes/specials/SpecialUserlogin.php',
+ 'LoginForm' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php',
+ 'LoginFormAuthManager' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php',
+ 'LoginFormPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialUserlogin.php',
+ 'LoginHelper' => __DIR__ . '/includes/specials/helpers/LoginHelper.php',
+ 'LoginSignupSpecialPage' => __DIR__ . '/includes/specialpage/LoginSignupSpecialPage.php',
'LonelyPagesPage' => __DIR__ . '/includes/specials/SpecialLonelypages.php',
'LongPagesPage' => __DIR__ . '/includes/specials/SpecialLongpages.php',
'MIMEsearchPage' => __DIR__ . '/includes/specials/SpecialMIMEsearch.php',
'MediaWiki\\Auth\\CreateFromLoginAuthenticationRequest' => __DIR__ . '/includes/auth/CreateFromLoginAuthenticationRequest.php',
'MediaWiki\\Auth\\CreatedAccountAuthenticationRequest' => __DIR__ . '/includes/auth/CreatedAccountAuthenticationRequest.php',
'MediaWiki\\Auth\\CreationReasonAuthenticationRequest' => __DIR__ . '/includes/auth/CreationReasonAuthenticationRequest.php',
+ 'MediaWiki\\Auth\\EmailNotificationSecondaryAuthenticationProvider' => __DIR__ . '/includes/auth/EmailNotificationSecondaryAuthenticationProvider.php',
'MediaWiki\\Auth\\LegacyHookPreAuthenticationProvider' => __DIR__ . '/includes/auth/LegacyHookPreAuthenticationProvider.php',
'MediaWiki\\Auth\\LocalPasswordPrimaryAuthenticationProvider' => __DIR__ . '/includes/auth/LocalPasswordPrimaryAuthenticationProvider.php',
'MediaWiki\\Auth\\PasswordAuthenticationRequest' => __DIR__ . '/includes/auth/PasswordAuthenticationRequest.php',
'PasswordError' => __DIR__ . '/includes/password/PasswordError.php',
'PasswordFactory' => __DIR__ . '/includes/password/PasswordFactory.php',
'PasswordPolicyChecks' => __DIR__ . '/includes/password/PasswordPolicyChecks.php',
+ 'PasswordReset' => __DIR__ . '/includes/user/PasswordReset.php',
'PatchSql' => __DIR__ . '/maintenance/patchSql.php',
'PathRouter' => __DIR__ . '/includes/PathRouter.php',
'PathRouterPatternReplacer' => __DIR__ . '/includes/PathRouter.php',
'SpecialCachedPage' => __DIR__ . '/includes/specials/SpecialCachedPage.php',
'SpecialCategories' => __DIR__ . '/includes/specials/SpecialCategories.php',
'SpecialChangeContentModel' => __DIR__ . '/includes/specials/SpecialChangeContentModel.php',
+ 'SpecialChangeCredentials' => __DIR__ . '/includes/specials/SpecialChangeCredentials.php',
'SpecialChangeEmail' => __DIR__ . '/includes/specials/SpecialChangeEmail.php',
+ 'SpecialChangeEmailPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialChangeEmail.php',
'SpecialChangePassword' => __DIR__ . '/includes/specials/SpecialChangePassword.php',
+ 'SpecialChangePasswordPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialChangePassword.php',
'SpecialComparePages' => __DIR__ . '/includes/specials/SpecialComparePages.php',
'SpecialContributions' => __DIR__ . '/includes/specials/SpecialContributions.php',
'SpecialCreateAccount' => __DIR__ . '/includes/specials/SpecialCreateAccount.php',
+ 'SpecialCreateAccountPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialCreateAccount.php',
'SpecialDiff' => __DIR__ . '/includes/specials/SpecialDiff.php',
'SpecialEditTags' => __DIR__ . '/includes/specials/SpecialEditTags.php',
'SpecialEditWatchlist' => __DIR__ . '/includes/specials/SpecialEditWatchlist.php',
'SpecialFilepath' => __DIR__ . '/includes/specials/SpecialFilepath.php',
'SpecialImport' => __DIR__ . '/includes/specials/SpecialImport.php',
'SpecialJavaScriptTest' => __DIR__ . '/includes/specials/SpecialJavaScriptTest.php',
+ 'SpecialLinkAccounts' => __DIR__ . '/includes/specials/SpecialLinkAccounts.php',
'SpecialListAdmins' => __DIR__ . '/includes/specials/SpecialListusers.php',
'SpecialListBots' => __DIR__ . '/includes/specials/SpecialListusers.php',
'SpecialListFiles' => __DIR__ . '/includes/specials/SpecialListfiles.php',
'SpecialPageLanguage' => __DIR__ . '/includes/specials/SpecialPageLanguage.php',
'SpecialPagesWithProp' => __DIR__ . '/includes/specials/SpecialPagesWithProp.php',
'SpecialPasswordReset' => __DIR__ . '/includes/specials/SpecialPasswordReset.php',
+ 'SpecialPasswordResetPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialPasswordReset.php',
'SpecialPermanentLink' => __DIR__ . '/includes/specials/SpecialPermanentLink.php',
'SpecialPreferences' => __DIR__ . '/includes/specials/SpecialPreferences.php',
'SpecialPrefixindex' => __DIR__ . '/includes/specials/SpecialPrefixindex.php',
'SpecialRecentChangesLinked' => __DIR__ . '/includes/specials/SpecialRecentchangeslinked.php',
'SpecialRedirect' => __DIR__ . '/includes/specials/SpecialRedirect.php',
'SpecialRedirectToSpecial' => __DIR__ . '/includes/specialpage/RedirectSpecialPage.php',
+ 'SpecialRemoveCredentials' => __DIR__ . '/includes/specials/SpecialRemoveCredentials.php',
'SpecialResetTokens' => __DIR__ . '/includes/specials/SpecialResetTokens.php',
'SpecialRevisionDelete' => __DIR__ . '/includes/specials/SpecialRevisiondelete.php',
'SpecialRunJobs' => __DIR__ . '/includes/specials/SpecialRunJobs.php',
'SpecialTrackingCategories' => __DIR__ . '/includes/specials/SpecialTrackingCategories.php',
'SpecialUnblock' => __DIR__ . '/includes/specials/SpecialUnblock.php',
'SpecialUndelete' => __DIR__ . '/includes/specials/SpecialUndelete.php',
+ 'SpecialUnlinkAccounts' => __DIR__ . '/includes/specials/SpecialUnlinkAccounts.php',
'SpecialUnlockdb' => __DIR__ . '/includes/specials/SpecialUnlockdb.php',
'SpecialUpload' => __DIR__ . '/includes/specials/SpecialUpload.php',
'SpecialUploadStash' => __DIR__ . '/includes/specials/SpecialUploadStash.php',
'SpecialUploadStashTooLargeException' => __DIR__ . '/includes/specials/SpecialUploadStash.php',
- 'SpecialUserlogout' => __DIR__ . '/includes/specials/SpecialUserlogout.php',
+ 'SpecialUserLogin' => __DIR__ . '/includes/specials/SpecialUserLogin.php',
+ 'SpecialUserLogout' => __DIR__ . '/includes/specials/SpecialUserLogout.php',
+ 'SpecialUserlogoutPreAuthManager' => __DIR__ . '/includes/specials/pre-authmanager/SpecialUserlogout.php',
'SpecialVersion' => __DIR__ . '/includes/specials/SpecialVersion.php',
'SpecialWatchlist' => __DIR__ . '/includes/specials/SpecialWatchlist.php',
'SpecialWhatLinksHere' => __DIR__ . '/includes/specials/SpecialWhatlinkshere.php',
$autoblockip: The IP going to be autoblocked.
&$block: The block from which the autoblock is coming.
-'AbortChangePassword': Return false to cancel password change.
-$user: the User object to which the password change is occuring
-$mOldpass: the old password provided by the user
-$newpass: the new password provided by the user
-&$abortMsg: the message identifier for abort reason
-
'AbortDiffCache': Can be used to cancel the caching of a diff.
&$diffEngine: DifferenceEngine object
&$fields: HTMLForm descriptor array
$article: Article object
-'AddNewAccount': After a user account is created.
+'AddNewAccount': DEPRECATED! Use LocalUserCreated.
+After a user account is created.
$user: the User object that was created. (Parameter added in 1.7)
$byEmail: true when account was created "by email" (added in 1.12)
redirect was followed.
&$article: target article (object)
+'AuthChangeFormFields': After converting a field information array obtained
+from a set of AuthenticationRequest classes into a form descriptor; hooks
+can tweak the array to change how login etc. forms should look.
+$requests: array of AuthenticationRequests the fields are created from
+$fieldInfo: field information array (union of all AuthenticationRequest::getFieldInfo() responses).
+&$formDescriptor: HTMLForm descriptor. The special key 'weight' can be set
+ to change the order of the fields.
+$action: one of the AuthManager::ACTION_* constants.
+
'AuthManagerLoginAuthenticateAudit': A login attempt either succeeded or failed
for a reason other than misconfiguration or session loss. No return data is
accepted; this hook is for auditing only.
&$link: Returned value. When set to a non-null value by a hook subscriber
this value will be used as the anchor instead of Linker::link
-'ChangePasswordForm': For extensions that need to add a field to the
-ChangePassword form via the Preferences form.
+'ChangeAuthenticationDataAudit': Called when user changes his password.
+No return data is accepted; this hook is for auditing only.
+$req: AuthenticationRequest object describing the change (and target user)
+$status: StatusValue with the result of the action
+
+'ChangePasswordForm': DEPRECATED! Use AuthChangeFormFields or security levels.
+For extensions that need to add a field to the ChangePassword form via the
+Preferences form.
&$extraFields: An array of arrays that hold fields like would be passed to the
pretty function.
&$messages: Already added messages (inclusive messages from
LoginForm::$validErrorMessages)
-'LoginPasswordResetMessage': User is being requested to reset their password on
-login. Use this hook to change the Message that will be output on
-Special:ChangePassword.
-&$msg: Message object that will be shown to the user
-$username: Username of the user who's password was expired.
-
'LoginUserMigrated': DEPRECATED! Create a PreAuthenticationProvider instead.
Called during login to allow extensions the opportunity to inform a user that
their username doesn't exist for a specific reason, instead of letting the
$oldaddr: old email address (string)
$newaddr: new email address (string)
-'PrefsPasswordAudit': Called when user changes his password.
-$user: User (object) changing his password
-$newPass: new password
-$error: error (string) 'badretype', 'wrongpassword', 'error' or 'success'
-
'ProtectionForm::buildForm': Called after all protection type fieldsets are made
in the form.
$article: the title being (un)protected
&$user: User (object) that will clear the message
$oldid: ID of the talk page revision being viewed (0 means the most recent one)
-'UserCreateForm': change to manipulate the login form
+'UserCreateForm': DEPRECATED! Create an AuthenticationProvider instead.
+Manipulate the login form.
&$template: SimpleTemplate instance for the form
'UserEffectiveGroups': Called in User::getEffectiveGroups().
'UserLoggedIn': Called after a user is logged in
$user: User object for the logged-in user
-'UserLoginComplete': After a user has logged in.
+'UserLoginComplete': Show custom content after a user has logged in via the web interface.
+For functionality that needs to run after any login (API or web) use UserLoggedIn.
&$user: the user object that was created on login
&$inject_html: Any HTML to inject after the "logged in" message.
-'UserLoginForm': change to manipulate the login form
-&$template: SimpleTemplate instance for the form
+'UserLoginForm': DEPRECATED! Create an AuthenticationProvider instead.
+Manipulate the login form.
+&$template: QuickTemplate instance for the form
'UserLogout': Before a user logs out.
&$user: the user object that is about to be logged out
// 'class' => MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::class,
// 'sort' => 100,
// ],
+ MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider::class => [
+ 'class' => MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider::class,
+ 'sort' => 200,
+ ],
],
];
'default' => true,
];
+/**
+ * List of AuthenticationRequest class names which are not changeable through
+ * Special:ChangeCredentials and the changeauthenticationdata API.
+ * This is only enforced on the client level; AuthManager itself (e.g.
+ * AuthManager::allowsAuthenticationDataChange calls) is not affected.
+ * Class names are checked for exact match (not for subclasses).
+ * @since 1.27
+ * @var string[]
+ */
+$wgChangeCredentialsBlacklist = [
+ \MediaWiki\Auth\TemporaryPasswordAuthenticationRequest::class
+];
+
+/**
+ * List of AuthenticationRequest class names which are not removable through
+ * Special:RemoveCredentials and the removeauthenticationdata API.
+ * This is only enforced on the client level; AuthManager itself (e.g.
+ * AuthManager::allowsAuthenticationDataChange calls) is not affected.
+ * Class names are checked for exact match (not for subclasses).
+ * @since 1.27
+ * @var string[]
+ */
+$wgRemoveCredentialsBlacklist = [
+ \MediaWiki\Auth\PasswordAuthenticationRequest::class,
+];
+
/**
* For compatibility with old installations set to false
* @deprecated since 1.24 will be removed in future
// Log-in link
'{{fullurl:Special:UserLogin|returnto={{FULLPAGENAMEE}}}}',
// Sign-up link
- '{{fullurl:Special:UserLogin/signup|returnto={{FULLPAGENAMEE}}}}' ]
+ '{{fullurl:Special:CreateAccount|returnto={{FULLPAGENAMEE}}}}' ]
);
} else {
$wgOut->wrapWikiMsg( "<div id=\"mw-anon-preview-warning\" class=\"warningbox\">\n$1</div>",
*
* @file
*/
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\PasswordAuthenticationRequest;
/**
* We're now using the HTMLForm object with some customisation to generate the
* @return void
*/
static function profilePreferences( $user, IContextSource $context, &$defaultPreferences ) {
- global $wgAuth, $wgContLang, $wgParser;
+ global $wgAuth, $wgContLang, $wgParser, $wgDisableAuthManager;
$config = $context->getConfig();
// retrieving user name for GENDER and misc.
$canEditPrivateInfo = $user->isAllowed( 'editmyprivateinfo' );
// Actually changeable stuff
+ $realnameChangeAllowed = $wgDisableAuthManager ? $wgAuth->allowPropChange( 'realname' )
+ : AuthManager::singleton()->allowsPropertyChange( 'realname' );
$defaultPreferences['realname'] = [
// (not really "private", but still shouldn't be edited without permission)
- 'type' => $canEditPrivateInfo && $wgAuth->allowPropChange( 'realname' ) ? 'text' : 'info',
+ 'type' => $canEditPrivateInfo && $realnameChangeAllowed ? 'text' : 'info',
'default' => $user->getRealName(),
'section' => 'personal/info',
'label-message' => 'yourrealname',
'help-message' => 'prefs-help-realname',
];
- if ( $canEditPrivateInfo && $wgAuth->allowPasswordChange() ) {
+ $allowPasswordChange = $wgDisableAuthManager ? $wgAuth->allowPasswordChange()
+ : AuthManager::singleton()->allowsAuthenticationDataChange(
+ new PasswordAuthenticationRequest(), false );
+ if ( $canEditPrivateInfo && $allowPasswordChange ) {
$link = Linker::link( SpecialPage::getTitleFor( 'ChangePassword' ),
$context->msg( 'prefs-resetpass' )->escaped(), [],
[ 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ] );
'default' => $oldsigHTML,
'section' => 'personal/signature',
];
+ $nicknameChangeAllowed = $wgDisableAuthManager ? $wgAuth->allowPropChange( 'nickname' )
+ : AuthManager::singleton()->allowsPropertyChange( 'nickname' );
$defaultPreferences['nickname'] = [
- 'type' => $wgAuth->allowPropChange( 'nickname' ) ? 'text' : 'info',
+ 'type' => $nicknameChangeAllowed ? 'text' : 'info',
'maxlength' => $config->get( 'MaxSigChars' ),
'label-message' => 'yournick',
'validation-callback' => [ 'Preferences', 'validateSignature' ],
}
$emailAddress = $user->getEmail() ? htmlspecialchars( $user->getEmail() ) : '';
- if ( $canEditPrivateInfo && $wgAuth->allowPropChange( 'emailaddress' ) ) {
+ $emailChangeAllowed = $wgDisableAuthManager ? $wgAuth->allowPropChange( 'emailaddress' )
+ : AuthManager::singleton()->allowsPropertyChange( 'emailaddress' );
+ if ( $canEditPrivateInfo && $emailChangeAllowed ) {
$link = Linker::link(
SpecialPage::getTitleFor( 'ChangeEmail' ),
$context->msg( $user->getEmail() ? 'prefs-changeemail' : 'prefs-setemail' )->escaped(),
// Fortunately, the realname field is MUCH simpler
// (not really "private", but still shouldn't be edited without permission)
+
if ( !in_array( 'realname', $hiddenPrefs )
&& $user->isAllowed( 'editmyprivateinfo' )
&& array_key_exists( 'realname', $formData )
--- /dev/null
+<?php
+
+namespace MediaWiki\Auth;
+
+use Config;
+use StatusValue;
+
+/**
+ * Handles email notification / email address confirmation for account creation.
+ *
+ * Set 'no-email' to true (via AuthManager::setAuthenticationSessionData) to skip this provider.
+ * Primary providers doing so are expected to take care of email address confirmation.
+ */
+class EmailNotificationSecondaryAuthenticationProvider
+ extends AbstractSecondaryAuthenticationProvider
+{
+ /** @var bool */
+ protected $sendConfirmationEmail;
+
+ /**
+ * @param array $params
+ * - sendConfirmationEmail: (bool) send an email asking the user to confirm their email
+ * address after a successful registration
+ */
+ public function __construct( $params = [] ) {
+ if ( isset( $params['sendConfirmationEmail'] ) ) {
+ $this->sendConfirmationEmail = (bool)$params['sendConfirmationEmail'];
+ }
+ }
+
+ public function setConfig( Config $config ) {
+ parent::setConfig( $config );
+
+ if ( $this->sendConfirmationEmail === null ) {
+ $this->sendConfirmationEmail = $this->config->get( 'EnableEmail' )
+ && $this->config->get( 'EmailAuthentication' );
+ }
+ }
+
+ public function getAuthenticationRequests( $action, array $options ) {
+ return [];
+ }
+
+ public function beginSecondaryAuthentication( $user, array $reqs ) {
+ return AuthenticationResponse::newAbstain();
+ }
+
+ public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
+ if (
+ $this->sendConfirmationEmail
+ && $user->getEmail()
+ && !$this->manager->getAuthenticationSessionData( 'no-email' )
+ ) {
+ $status = $user->sendConfirmationMail();
+ $user->saveSettings();
+ if ( $status->isGood() ) {
+ // TODO show 'confirmemail_oncreate' success message
+ } else {
+ // TODO show 'confirmemail_sendfailed' error message
+ $this->logger->warning( 'Could not send confirmation email: ' .
+ $status->getWikiText( false, false, 'en' ) );
+ }
+ }
+
+ return AuthenticationResponse::newPass();
+ }
+}
* 'exception-nologin' as a title and 'exception-nologin-text' for the message.
*
* @note In order for this exception to redirect, the error message passed to the
- * constructor has to be explicitly added to LoginForm::validErrorMessages or with
+ * constructor has to be explicitly added to LoginHelper::validErrorMessages or with
* the LoginFormValidErrorMessages hook. Otherwise, the user will just be shown the message
* rather than redirected.
*
public function report() {
// If an unsupported message is used, don't try redirecting to Special:Userlogin,
// since the message may not be compatible.
- if ( !in_array( $this->msg, LoginForm::getValidErrorMessages() ) ) {
+ if ( !in_array( $this->msg, LoginHelper::getValidErrorMessages() ) ) {
parent::report();
}
$loginlink = $this->getUser()->isAllowed( 'createaccount' ) && $useCombinedLoginLink
? 'nav-login-createaccount'
: 'pt-login';
- $is_signup = $request->getText( 'type' ) == 'signup';
- $login_url = [
- 'text' => $this->msg( $loginlink )->text(),
- 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
- 'active' => $title->isSpecial( 'Userlogin' )
- && ( $loginlink == 'nav-login-createaccount' || !$is_signup ),
- ];
- $createaccount_url = [
- 'text' => $this->msg( 'pt-createaccount' )->text(),
- 'href' => self::makeSpecialUrl( 'Userlogin', "$returnto&type=signup" ),
- 'active' => $title->isSpecial( 'Userlogin' ) && $is_signup,
- ];
+ // TODO remove this after AuthManager is stable
+ global $wgDisableAuthManager;
+ if ( $wgDisableAuthManager ) {
+ $is_signup = $request->getText( 'type' ) == 'signup';
+ $login_url = [
+ 'text' => $this->msg( $loginlink )->text(),
+ 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
+ 'active' => $title->isSpecial( 'Userlogin' )
+ && ( $loginlink == 'nav-login-createaccount' || !$is_signup ),
+ ];
+ $createaccount_url = [
+ 'text' => $this->msg( 'pt-createaccount' )->text(),
+ 'href' => self::makeSpecialUrl( 'Userlogin', "$returnto&type=signup" ),
+ 'active' => $title->isSpecial( 'Userlogin' ) && $is_signup,
+ ];
+ } else {
+ $login_url = [
+ 'text' => $this->msg( $loginlink )->text(),
+ 'href' => self::makeSpecialUrl( 'Userlogin', $returnto ),
+ 'active' => $title->isSpecial( 'Userlogin' ) ||
+ $title->isSpecial( 'CreateAccount' ) && $useCombinedLoginLink,
+ ];
+ $createaccount_url = [
+ 'text' => $this->msg( 'pt-createaccount' )->text(),
+ 'href' => self::makeSpecialUrl( 'CreateAccount', $returnto ),
+ 'active' => $title->isSpecial( 'CreateAccount' ),
+ ];
+ }
// No need to show Talk and Contributions to anons if they can't contribute!
if ( User::groupHasPermission( '*', 'edit' ) ) {
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\Session\SessionManager;
+use MediaWiki\Session\Token;
+
+/**
+ * A special page subclass for authentication-related special pages. It generates a form from
+ * a set of AuthenticationRequest objects, submits the result to AuthManager and
+ * partially handles the response.
+ */
+abstract class AuthManagerSpecialPage extends SpecialPage {
+ /** @var string[] The list of actions this special page deals with. Subclasses should override
+ * this. */
+ protected static $allowedActions = [
+ AuthManager::ACTION_LOGIN, AuthManager::ACTION_LOGIN_CONTINUE,
+ AuthManager::ACTION_CREATE, AuthManager::ACTION_CREATE_CONTINUE,
+ AuthManager::ACTION_LINK, AuthManager::ACTION_LINK_CONTINUE,
+ AuthManager::ACTION_CHANGE, AuthManager::ACTION_REMOVE, AuthManager::ACTION_UNLINK,
+ ];
+
+ /** @var array Customized messages */
+ protected static $messages = [];
+
+ /** @var string one of the AuthManager::ACTION_* constants. */
+ protected $authAction;
+
+ /** @var AuthenticationRequest[] */
+ protected $authRequests;
+
+ /** @var string Subpage of the special page. */
+ protected $subPage;
+
+ /** @var bool True if the current request is a result of returning from a redirect flow. */
+ protected $isReturn;
+
+ /** @var WebRequest|null If set, will be used instead of the real request. Used for redirection. */
+ protected $savedRequest;
+
+ /**
+ * Change the form descriptor that determines how a field will look in the authentication form.
+ * Called from fieldInfoToFormDescriptor().
+ * @param AuthenticationRequest[] $requests
+ * @param string $fieldInfo Field information array (union of all
+ * AuthenticationRequest::getFieldInfo() responses).
+ * @param array $formDescriptor HTMLForm descriptor. The special key 'weight' can be set to
+ * change the order of the fields.
+ * @param string $action Authentication type (one of the AuthManager::ACTION_* constants)
+ * @return bool
+ */
+ public function onAuthChangeFormFields(
+ array $requests, array $fieldInfo, array &$formDescriptor, $action
+ ) {
+ return true;
+ }
+
+ protected function getLoginSecurityLevel() {
+ return $this->getName();
+ }
+
+ public function getRequest() {
+ return $this->savedRequest ?: $this->getContext()->getRequest();
+ }
+
+ /**
+ * Override the POST data, GET data from the real request is preserved.
+ *
+ * Used to preserve POST data over a HTTP redirect.
+ *
+ * @param array $data
+ * @param bool $wasPosted
+ */
+ protected function setRequest( array $data, $wasPosted = null ) {
+ $request = $this->getContext()->getRequest();
+ if ( $wasPosted === null ) {
+ $wasPosted = $request->wasPosted();
+ }
+ $this->savedRequest = new DerivativeRequest( $request, $data + $request->getQueryValues(),
+ $wasPosted );
+ }
+
+ protected function beforeExecute( $subPage ) {
+ $this->getOutput()->disallowUserJs();
+
+ return $this->handleReturnBeforeExecute( $subPage )
+ && $this->handleReauthBeforeExecute( $subPage );
+ }
+
+ /**
+ * Handle redirection from the /return subpage.
+ *
+ * This is used in the redirect flow where we need
+ * to be able to process data that was sent via a GET request. We set the /return subpage as
+ * the reentry point so we know we need to treat GET as POST, but we don't want to handle all
+ * future GETs as POSTs so we need to normalize the URL. (Also we don't want to show any
+ * received parameters around in the URL; they are ugly and might be sensitive.)
+ *
+ * Thus when on the /return subpage, we stash the request data in the session, redirect, then
+ * use the session to detect that we have been redirected, recover the data and replace the
+ * real WebRequest with a fake one that contains the saved data.
+ *
+ * @param string $subPage
+ * @return bool False if execution should be stopped.
+ */
+ protected function handleReturnBeforeExecute( $subPage ) {
+ $authManager = AuthManager::singleton();
+ $key = 'AuthManagerSpecialPage:return:' . $this->getName();
+
+ if ( $subPage === 'return' ) {
+ $this->loadAuth( $subPage );
+ $preservedParams = $this->getPreservedParams( false );
+
+ // FIXME save POST values only from request
+ $authData = array_diff_key( $this->getRequest()->getValues(),
+ $preservedParams, [ 'title' => 1 ] );
+ $authManager->setAuthenticationSessionData( $key, $authData );
+
+ $url = $this->getPageTitle()->getFullURL( $preservedParams, false, PROTO_HTTPS );
+ $this->getOutput()->redirect( $url );
+ return false;
+ }
+
+ $authData = $authManager->getAuthenticationSessionData( $key );
+ if ( $authData ) {
+ $authManager->removeAuthenticationSessionData( $key );
+ $this->isReturn = true;
+ $this->setRequest( $authData, true );
+ }
+
+ return true;
+ }
+
+ /**
+ * Handle redirection when the user needs to (re)authenticate.
+ *
+ * Send the user to the login form if needed; in case the request was a POST, stash in the
+ * session and simulate it once the user gets back.
+ *
+ * @param string $subPage
+ * @return bool False if execution should be stopped.
+ * @throws ErrorPageError When the user is not allowed to use this page.
+ */
+ protected function handleReauthBeforeExecute( $subPage ) {
+ $authManager = AuthManager::singleton();
+ $request = $this->getRequest();
+ $key = 'AuthManagerSpecialPage:reauth:' . $this->getName();
+
+ $securityLevel = $this->getLoginSecurityLevel();
+ if ( $securityLevel ) {
+ $securityStatus = AuthManager::singleton()
+ ->securitySensitiveOperationStatus( $securityLevel );
+ if ( $securityStatus === AuthManager::SEC_REAUTH ) {
+ $queryParams = array_diff_key( $request->getQueryValues(), [ 'title' => true ] );
+
+ if ( $request->wasPosted() ) {
+ // unique ID in case the same special page is open in multiple browser tabs
+ $uniqueId = MWCryptRand::generateHex( 6 );
+ $key = $key . ':' . $uniqueId;
+
+ $queryParams = [ 'authUniqueId' => $uniqueId ] + $queryParams;
+ $authData = array_diff_key( $request->getValues(),
+ $this->getPreservedParams( false ), [ 'title' => 1 ] );
+ $authManager->setAuthenticationSessionData( $key, $authData );
+ }
+
+ $title = SpecialPage::getTitleFor( 'Userlogin' );
+ $url = $title->getFullURL( [
+ 'returnto' => $this->getFullTitle()->getPrefixedDBkey(),
+ 'returntoquery' => wfArrayToCgi( $queryParams ),
+ 'force' => $securityLevel,
+ ], false, PROTO_HTTPS );
+
+ $this->getOutput()->redirect( $url );
+ return false;
+ } elseif ( $securityStatus !== AuthManager::SEC_OK ) {
+ throw new ErrorPageError( 'cannotauth-not-allowed-title', 'cannotauth-not-allowed' );
+ }
+ }
+
+ $uniqueId = $request->getVal( 'authUniqueId' );
+ if ( $uniqueId ) {
+ $key = $key . ':' . $uniqueId;
+ $authData = $authManager->getAuthenticationSessionData( $key );
+ if ( $authData ) {
+ $authManager->removeAuthenticationSessionData( $key );
+ $this->setRequest( $authData, true );
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Get the default action for this special page, if none is given via URL/POST data.
+ * Subclasses should override this (or override loadAuth() so this is never called).
+ * @param string $subPage Subpage of the special page.
+ * @return string an AuthManager::ACTION_* constant.
+ */
+ protected function getDefaultAction( $subPage ) {
+ throw new BadMethodCallException( 'Subclass did not implement getDefaultAction' );
+ }
+
+ /**
+ * Return custom message key.
+ * Allows subclasses to customize messages.
+ * @return string
+ */
+ protected function messageKey( $defaultKey ) {
+ return array_key_exists( $defaultKey, static::$messages )
+ ? static::$messages[$defaultKey] : $defaultKey;
+ }
+
+ /**
+ * Allows blacklisting certain request types.
+ * @return array A list of AuthenticationRequest subclass names
+ */
+ protected function getRequestBlacklist() {
+ return [];
+ }
+
+ /**
+ * Load or initialize $authAction, $authRequests and $subPage.
+ * Subclasses should call this from execute() or otherwise ensure the variables are initialized.
+ * @param string $subPage Subpage of the special page.
+ * @param string $authAction Override auth action specified in request (this is useful
+ * when the form needs to be changed from <action> to <action>_CONTINUE after a successful
+ * authentication step)
+ * @param bool $reset Regenerate the requests even if a cached version is available
+ */
+ protected function loadAuth( $subPage, $authAction = null, $reset = false ) {
+ // Do not load if already loaded, to cut down on the number of getAuthenticationRequests
+ // calls. This is important for requests which have hidden information so any
+ // getAuthenticationRequests call would mean putting data into some cache.
+ if (
+ !$reset && $this->subPage === $subPage && $this->authAction
+ && ( !$authAction || $authAction === $this->authAction )
+ ) {
+ return;
+ }
+
+ $request = $this->getRequest();
+ $this->subPage = $subPage;
+ $this->authAction = $authAction ?: $request->getText( 'authAction' );
+ if ( !in_array( $this->authAction, static::$allowedActions, true ) ) {
+ $this->authAction = $this->getDefaultAction( $subPage );
+ if ( $request->wasPosted() ) {
+ $continueAction = $this->getContinueAction( $this->authAction );
+ if ( in_array( $continueAction, static::$allowedActions, true ) ) {
+ $this->authAction = $continueAction;
+ }
+ }
+ }
+
+ $allReqs = AuthManager::singleton()->getAuthenticationRequests(
+ $this->authAction, $this->getUser() );
+ $this->authRequests = array_filter( $allReqs, function ( $req ) use ( $subPage ) {
+ return !in_array( get_class( $req ), $this->getRequestBlacklist(), true );
+ } );
+ }
+
+ /**
+ * Returns true if this is not the first step of the authentication.
+ * @return bool
+ */
+ protected function isContinued() {
+ return in_array( $this->authAction, [
+ AuthManager::ACTION_LOGIN_CONTINUE,
+ AuthManager::ACTION_CREATE_CONTINUE,
+ AuthManager::ACTION_LINK_CONTINUE,
+ ], true );
+ }
+
+ /**
+ * Gets the _CONTINUE version of an action.
+ * @param string $action An AuthManager::ACTION_* constant.
+ * @return string An AuthManager::ACTION_*_CONTINUE constant.
+ */
+ protected function getContinueAction( $action ) {
+ switch ( $action ) {
+ case AuthManager::ACTION_LOGIN:
+ $action = AuthManager::ACTION_LOGIN_CONTINUE;
+ break;
+ case AuthManager::ACTION_CREATE:
+ $action = AuthManager::ACTION_CREATE_CONTINUE;
+ break;
+ case AuthManager::ACTION_LINK:
+ $action = AuthManager::ACTION_LINK_CONTINUE;
+ break;
+ }
+ return $action;
+ }
+
+ /**
+ * Checks whether AuthManager is ready to perform the action.
+ * ACTION_CHANGE needs special verification (AuthManager::allowsAuthenticationData*) which is
+ * the caller's responsibility.
+ * @param string $action One of the AuthManager::ACTION_* constants in static::$allowedActions
+ * @return bool
+ * @throws LogicException if $action is invalid
+ */
+ protected function isActionAllowed( $action ) {
+ $authManager = AuthManager::singleton();
+ if ( !in_array( $action, static::$allowedActions, true ) ) {
+ throw new InvalidArgumentException( 'invalid action: ' . $action );
+ }
+
+ // calling getAuthenticationRequests can be expensive, avoid if possible
+ $requests = ( $action === $this->authAction ) ? $this->authRequests
+ : $authManager->getAuthenticationRequests( $action );
+ if ( !$requests ) {
+ // no provider supports this action in the current state
+ return false;
+ }
+
+ switch ( $action ) {
+ case AuthManager::ACTION_LOGIN:
+ case AuthManager::ACTION_LOGIN_CONTINUE:
+ return $authManager->canAuthenticateNow();
+ case AuthManager::ACTION_CREATE:
+ case AuthManager::ACTION_CREATE_CONTINUE:
+ return $authManager->canCreateAccounts();
+ case AuthManager::ACTION_LINK:
+ case AuthManager::ACTION_LINK_CONTINUE:
+ return $authManager->canLinkAccounts();
+ case AuthManager::ACTION_CHANGE:
+ case AuthManager::ACTION_REMOVE:
+ case AuthManager::ACTION_UNLINK:
+ return true;
+ default:
+ // should never reach here but makes static code analyzers happy
+ throw new InvalidArgumentException( 'invalid action: ' . $action );
+ }
+ }
+
+ /**
+ * @param string $action One of the AuthManager::ACTION_* constants
+ * @param AuthenticationRequest[] $requests
+ * @return AuthenticationResponse
+ * @throws LogicException if $action is invalid
+ */
+ protected function performAuthenticationStep( $action, array $requests ) {
+ if ( !in_array( $action, static::$allowedActions, true ) ) {
+ throw new InvalidArgumentException( 'invalid action: ' . $action );
+ }
+
+ $authManager = AuthManager::singleton();
+ $returnToUrl = $this->getPageTitle( 'return' )
+ ->getFullURL( $this->getPreservedParams( true ), false, PROTO_HTTPS );
+
+ switch ( $action ) {
+ case AuthManager::ACTION_LOGIN:
+ return $authManager->beginAuthentication( $requests, $returnToUrl );
+ case AuthManager::ACTION_LOGIN_CONTINUE:
+ return $authManager->continueAuthentication( $requests );
+ case AuthManager::ACTION_CREATE:
+ return $authManager->beginAccountCreation( $this->getUser(), $requests,
+ $returnToUrl );
+ case AuthManager::ACTION_CREATE_CONTINUE:
+ return $authManager->continueAccountCreation( $requests );
+ case AuthManager::ACTION_LINK:
+ return $authManager->beginAccountLink( $this->getUser(), $requests, $returnToUrl );
+ case AuthManager::ACTION_LINK_CONTINUE:
+ return $authManager->continueAccountLink( $requests );
+ case AuthManager::ACTION_CHANGE:
+ case AuthManager::ACTION_REMOVE:
+ case AuthManager::ACTION_UNLINK:
+ if ( count( $requests ) > 1 ) {
+ throw new InvalidArgumentException( 'only one auth request can be changed at a time' );
+ } elseif ( !$requests ) {
+ throw new InvalidArgumentException( 'no auth request' );
+ }
+ $req = reset( $requests );
+ $status = $authManager->allowsAuthenticationDataChange( $req );
+ Hooks::run( 'ChangeAuthenticationDataAudit', [ $req, $status ] );
+ if ( !$status->isOK() ) {
+ return AuthenticationResponse::newFail( $status->getMessage() );
+ }
+ $authManager->changeAuthenticationData( $req );
+ return AuthenticationResponse::newPass();
+ default:
+ // should never reach here but makes static code analyzers happy
+ throw new InvalidArgumentException( 'invalid action: ' . $action );
+ }
+ }
+
+ /**
+ * Attempts to do an authentication step with the submitted data.
+ * Subclasses should probably call this from execute().
+ * @return false|Status
+ * - false if there was no submit at all
+ * - a good Status wrapping an AuthenticationResponse if the form submit was successful.
+ * This does not necessarily mean that the authentication itself was successful; see the
+ * response for that.
+ * - a bad Status for form errors.
+ */
+ protected function trySubmit() {
+ $status = false;
+
+ $form = $this->getAuthForm( $this->authRequests, $this->authAction );
+ $form->setSubmitCallback( [ $this, 'handleFormSubmit' ] );
+
+ if ( $this->getRequest()->wasPosted() ) {
+ // handle tokens manually; $form->tryAuthorizedSubmit only works for logged-in users
+ $requestTokenValue = $this->getRequest()->getVal( $this->getTokenName() );
+ $sessionToken = $this->getToken();
+ if ( $sessionToken->wasNew() ) {
+ return Status::newFatal( $this->messageKey( 'authform-newtoken' ) );
+ } elseif ( !$requestTokenValue ) {
+ return Status::newFatal( $this->messageKey( 'authform-notoken' ) );
+ } elseif ( !$sessionToken->match( $requestTokenValue ) ) {
+ return Status::newFatal( $this->messageKey( 'authform-wrongtoken' ) );
+ }
+
+ $form->prepareForm();
+ $status = $form->trySubmit();
+
+ // HTMLForm submit return values are a mess; let's ensure it is false or a Status
+ // FIXME this probably should be in HTMLForm
+ if ( $status === true ) {
+ // not supposed to happen since our submit handler should always return a Status
+ throw new UnexpectedValueException( 'HTMLForm::trySubmit() returned true' );
+ } elseif ( $status === false ) {
+ // form was not submitted; nothing to do
+ } elseif ( $status instanceof Status ) {
+ // already handled by the form; nothing to do
+ } elseif ( $status instanceof StatusValue ) {
+ // in theory not an allowed return type but nothing stops the submit handler from
+ // accidentally returning it so best check and fix
+ $status = Status::wrap( $status );
+ } elseif ( is_string( $status ) ) {
+ $status = Status::newFatal( new RawMessage( '$1', $status ) );
+ } elseif ( is_array( $status ) ) {
+ if ( is_string( reset( $status ) ) ) {
+ $status = call_user_func_array( 'Status::newFatal', $status );
+ } elseif ( is_array( reset( $status ) ) ) {
+ $status = Status::newGood();
+ foreach ( $status as $message ) {
+ call_user_func_array( [ $status, 'fatal' ], $message );
+ }
+ } else {
+ throw new UnexpectedValueException( 'invalid HTMLForm::trySubmit() return value: '
+ . 'first element of array is ' . gettype( reset( $status ) ) );
+ }
+ } else {
+ // not supposed to happen but HTMLForm does not actually verify the return type
+ // from the submit callback; better safe then sorry
+ throw new UnexpectedValueException( 'invalid HTMLForm::trySubmit() return type: '
+ . gettype( $status ) );
+ }
+
+ if ( ( !$status || !$status->isOK() ) && $this->isReturn ) {
+ // This is awkward. There was a form validation error, which means the data was not
+ // passed to AuthManager. Normally we would display the form with an error message,
+ // but for the data we received via the redirect flow that would not be helpful at all.
+ // Let's just submit the data to AuthManager directly instead.
+ LoggerFactory::getInstance( 'authmanager' )
+ ->warning( 'Validation error on return', [ 'data' => $form->mFieldData,
+ 'status' => $status->getWikiText() ] );
+ $status = $this->handleFormSubmit( $form->mFieldData );
+ }
+ }
+
+ $changeActions = [
+ AuthManager::ACTION_CHANGE, AuthManager::ACTION_REMOVE, AuthManager::ACTION_UNLINK
+ ];
+ if ( in_array( $this->authAction, $changeActions, true ) && $status && !$status->isOK() ) {
+ Hooks::run( 'ChangeAuthenticationDataAudit', [ reset( $this->authRequests ), $status ] );
+ }
+
+ return $status;
+ }
+
+ /**
+ * Submit handler callback for HTMLForm
+ * @private
+ * @param $data array Submitted data
+ * @return Status
+ */
+ public function handleFormSubmit( $data ) {
+ $requests = AuthenticationRequest::loadRequestsFromSubmission( $this->authRequests, $data );
+ $response = $this->performAuthenticationStep( $this->authAction, $requests );
+
+ // we can't handle FAIL or similar as failure here since it might require changing the form
+ return Status::newGood( $response );
+ }
+
+ /**
+ * Returns URL query parameters which can be used to reload the page (or leave and return) while
+ * preserving all information that is necessary for authentication to continue. These parameters
+ * will be preserved in the action URL of the form and in the return URL for redirect flow.
+ * @param bool $withToken Include CSRF token
+ * @return array
+ */
+ protected function getPreservedParams( $withToken = false ) {
+ $params = [];
+ if ( $this->authAction !== $this->getDefaultAction( $this->subPage ) ) {
+ $params['authAction'] = $this->getContinueAction( $this->authAction );
+ }
+ if ( $withToken ) {
+ $params[$this->getTokenName()] = $this->getToken()->toString();
+ }
+ return $params;
+ }
+
+ /**
+ * Generates a HTMLForm descriptor array from a set of authentication requests.
+ * @param AuthenticationRequest[] $requests
+ * @param string $action AuthManager action name (one of the AuthManager::ACTION_* constants)
+ * @return array
+ */
+ protected function getAuthFormDescriptor( $requests, $action ) {
+ $fieldInfo = AuthenticationRequest::mergeFieldInfo( $requests );
+ $formDescriptor = $this->fieldInfoToFormDescriptor( $requests, $fieldInfo, $action );
+
+ $this->addTabIndex( $formDescriptor );
+
+ return $formDescriptor;
+ }
+
+ /**
+ * @param AuthenticationRequest[] $requests
+ * @param string $action AuthManager action name (one of the AuthManager::ACTION_* constants)
+ * @return HTMLForm
+ */
+ protected function getAuthForm( array $requests, $action ) {
+ $formDescriptor = $this->getAuthFormDescriptor( $requests, $action );
+ $context = $this->getContext();
+ if ( $context->getRequest() !== $this->getRequest() ) {
+ // We have overridden the request, need to make sure the form uses that too.
+ $context = new DerivativeContext( $this->getContext() );
+ $context->setRequest( $this->getRequest() );
+ }
+ $form = HTMLForm::factory( 'ooui', $formDescriptor, $context );
+ $form->setAction( $this->getFullTitle()->getFullURL( $this->getPreservedParams() ) );
+ $form->addHiddenField( $this->getTokenName(), $this->getToken()->toString() );
+ $form->addHiddenField( 'authAction', $this->authAction );
+ $form->suppressDefaultSubmit( !$this->needsSubmitButton( $formDescriptor ) );
+
+ return $form;
+ }
+
+ /**
+ * Display the form.
+ * @param false|Status|StatusValue $status A form submit status, as in HTMLForm::trySubmit()
+ */
+ protected function displayForm( $status ) {
+ if ( $status instanceof StatusValue ) {
+ $status = Status::wrap( $status );
+ }
+ $form = $this->getAuthForm( $this->authRequests, $this->authAction );
+ $form->prepareForm()->displayForm( $status );
+ }
+
+ /**
+ * Returns true if the form has fields which take values. If all available providers use the
+ * redirect flow, the form might contain nothing but submit buttons, in which case we should
+ * not add an extra submit button which does nothing.
+ *
+ * @param array $formDescriptor A HTMLForm descriptor
+ * @return bool
+ */
+ protected function needsSubmitButton( $formDescriptor ) {
+ return (bool)array_filter( $formDescriptor, function ( $item ) {
+ $class = false;
+ if ( array_key_exists( 'class', $item ) ) {
+ $class = $item['class'];
+ } elseif ( array_key_exists( 'type', $item ) ) {
+ $class = HTMLForm::$typeMappings[$item['type']];
+ }
+ return !in_array( $class, [ 'HTMLInfoField', 'HTMLSubmitField' ], true );
+ } );
+ }
+
+ /**
+ * Adds a sequential tabindex starting from 1 to all form elements. This way the user can
+ * use the tab key to traverse the form without having to step through all links and such.
+ * @param $formDescriptor
+ */
+ protected function addTabIndex( &$formDescriptor ) {
+ $i = 1;
+ foreach ( $formDescriptor as $field => &$definition ) {
+ $class = false;
+ if ( array_key_exists( 'class', $definition ) ) {
+ $class = $definition['class'];
+ } elseif ( array_key_exists( 'type', $definition ) ) {
+ $class = HTMLForm::$typeMappings[$definition['type']];
+ }
+ if ( $class !== 'HTMLInfoField' ) {
+ $definition['tabindex'] = $i;
+ $i++;
+ }
+ }
+ }
+
+ /**
+ * Returns the CSRF token.
+ * @return Token
+ */
+ protected function getToken() {
+ return $this->getRequest()->getSession()->getToken( 'AuthManagerSpecialPage:'
+ . $this->getName() );
+ }
+
+ /**
+ * Returns the name of the CSRF token (under which it should be found in the POST or GET data).
+ * @return string
+ */
+ protected function getTokenName() {
+ return 'wpAuthToken';
+ }
+
+ /**
+ * Turns a field info array into a form descriptor. Behavior can be modified by the
+ * AuthChangeFormFields hook.
+ * @param AuthenticationRequest[] $requests
+ * @param array $fieldInfo Field information, in the format used by
+ * AuthenticationRequest::getFieldInfo()
+ * @param string $action One of the AuthManager::ACTION_* constants
+ * @return array A form descriptor that can be passed to HTMLForm
+ */
+ protected function fieldInfoToFormDescriptor( array $requests, array $fieldInfo, $action ) {
+ $formDescriptor = [];
+ foreach ( $fieldInfo as $fieldName => $singleFieldInfo ) {
+ $formDescriptor[$fieldName] = self::mapSingleFieldInfo( $singleFieldInfo, $fieldName );
+ }
+
+ $requestSnapshot = serialize( $requests );
+ $this->onAuthChangeFormFields( $requests, $fieldInfo, $formDescriptor, $action );
+ \Hooks::run( 'AuthChangeFormFields', [ $requests, $fieldInfo, &$formDescriptor, $action ] );
+ if ( $requestSnapshot !== serialize( $requests ) ) {
+ LoggerFactory::getInstance( 'authentication' )->warning(
+ 'AuthChangeFormFields hook changed auth requests' );
+ }
+
+ // Process the special 'weight' property, which is a way for AuthChangeFormFields hook
+ // subscribers (who only see one field at a time) to influence ordering.
+ self::sortFormDescriptorFields( $formDescriptor );
+
+ return $formDescriptor;
+ }
+
+ /**
+ * Maps an authentication field configuration for a single field (as returned by
+ * AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor.
+ * @param array $singleFieldInfo
+ * @return array
+ */
+ protected static function mapSingleFieldInfo( $singleFieldInfo, $fieldName ) {
+ $type = self::mapFieldInfoTypeToFormDescriptorType( $singleFieldInfo['type'] );
+ $descriptor = [
+ 'type' => $type,
+ // Do not prefix input name with 'wp'. This is important for the redirect flow.
+ 'name' => $fieldName,
+ ];
+
+ if ( $type === 'submit' && isset( $singleFieldInfo['label'] ) ) {
+ $descriptor['default'] = wfMessage( $singleFieldInfo['label'] )->plain();
+ } elseif ( $type !== 'submit' ) {
+ $descriptor += array_filter( [
+ // help-message is omitted as it is usually not really useful for a web interface
+ 'label-message' => self::getField( $singleFieldInfo, 'label' ),
+ ] );
+
+ if ( isset( $singleFieldInfo['options'] ) ) {
+ $descriptor['options'] = array_flip( array_map( function ( $message ) {
+ /** @var $message Message */
+ return $message->parse();
+ }, $singleFieldInfo['options'] ) );
+ }
+
+ if ( isset( $singleFieldInfo['value'] ) ) {
+ $descriptor['default'] = $singleFieldInfo['value'];
+ }
+
+ if ( empty( $singleFieldInfo['optional'] ) ) {
+ $descriptor['required'] = true;
+ }
+ }
+
+ return $descriptor;
+ }
+
+ /**
+ * Sort the fields of a form descriptor by their 'weight' property. (Fields with higher weight
+ * are shown closer to the bottom; weight defaults to 0. Negative weight is allowed.)
+ * Keep order if weights are equal.
+ * @param array $formDescriptor
+ * @return array
+ */
+ protected static function sortFormDescriptorFields( array &$formDescriptor ) {
+ $i = 0;
+ foreach ( $formDescriptor as &$field ) {
+ $field['__index'] = $i++;
+ }
+ uasort( $formDescriptor, function ( $first, $second ) {
+ return self::getField( $first, 'weight', 0 ) - self::getField( $second, 'weight', 0 )
+ ?: $first['__index'] - $second['__index'];
+ } );
+ foreach ( $formDescriptor as &$field ) {
+ unset( $field['__index'] );
+ }
+ }
+
+ /**
+ * Get an array value, or a default if it does not exist.
+ * @param array $array
+ * @param string $fieldName
+ * @param mixed $default
+ * @return mixed
+ */
+ protected static function getField( array $array, $fieldName, $default = null ) {
+ if ( array_key_exists( $fieldName, $array ) ) {
+ return $array[$fieldName];
+ } else {
+ return $default;
+ }
+ }
+
+ /**
+ * Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types
+ * @param string $type
+ * @return string
+ * @throws \LogicException
+ */
+ protected static function mapFieldInfoTypeToFormDescriptorType( $type ) {
+ $map = [
+ 'string' => 'text',
+ 'password' => 'password',
+ 'select' => 'select',
+ 'checkbox' => 'check',
+ 'multiselect' => 'multiselect',
+ 'button' => 'submit',
+ 'hidden' => 'hidden',
+ 'null' => 'info',
+ ];
+ if ( !array_key_exists( $type, $map ) ) {
+ throw new \LogicException( 'invalid field type: ' . $type );
+ }
+ return $map[$type];
+ }
+}
--- /dev/null
+<?php
+/**
+ * Holds shared logic for login and account creation pages.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\Throttler;
+use MediaWiki\Logger\LoggerFactory;
+use MediaWiki\Session\SessionManager;
+use Psr\Log\LogLevel;
+
+/**
+ * Holds shared logic for login and account creation pages.
+ *
+ * @ingroup SpecialPage
+ */
+abstract class LoginSignupSpecialPage extends AuthManagerSpecialPage {
+ protected $mReturnTo;
+ protected $mPosted;
+ protected $mAction;
+ protected $mLanguage;
+ protected $mReturnToQuery;
+ protected $mToken;
+ protected $mStickHTTPS;
+ protected $mFromHTTP;
+ protected $mEntryError = '';
+ protected $mEntryErrorType = 'error';
+
+ protected $mLoaded = false;
+ protected $mSecureLoginUrl;
+
+ /** @var string */
+ protected $securityLevel;
+
+ /** @var bool True if the user if creating an account for someone else. Flag used for internal
+ * communication, only set at the very end. */
+ protected $proxyAccountCreation;
+ /** @var User FIXME another flag for passing data. */
+ protected $targetUser;
+
+ /** @var HTMLForm */
+ protected $authForm;
+
+ /** @var FakeAuthTemplate */
+ protected $fakeTemplate;
+
+ abstract protected function isSignup();
+
+ /**
+ * @param bool $direct True if the action was successful just now; false if that happened
+ * pre-redirection (so this handler was called already)
+ * @param StatusValue|null $extraMessages
+ * @return void
+ */
+ abstract protected function successfulAction( $direct = false, $extraMessages = null );
+
+ /**
+ * Logs to the authmanager-stats channel.
+ * @param bool $success
+ * @param string|null $status Error message key
+ */
+ abstract protected function logAuthResult( $success, $status = null );
+
+ public function __construct( $name ) {
+ global $wgUseMediaWikiUIEverywhere;
+ parent::__construct( $name );
+
+ // Override UseMediaWikiEverywhere to true, to force login and create form to use mw ui
+ $wgUseMediaWikiUIEverywhere = true;
+ }
+
+ /**
+ * Load data from request.
+ * @private
+ * @param string $subPage Subpage of Special:Userlogin
+ */
+ protected function load( $subPage ) {
+ global $wgSecureLogin;
+
+ if ( $this->mLoaded ) {
+ return;
+ }
+ $this->mLoaded = true;
+
+ $request = $this->getRequest();
+
+ $this->mPosted = $request->wasPosted();
+ $this->mIsReturn = $subPage === 'return';
+ $this->mAction = $request->getVal( 'action' );
+ $this->mFromHTTP = $request->getBool( 'fromhttp', false )
+ || $request->getBool( 'wpFromhttp', false );
+ $this->mStickHTTPS = ( !$this->mFromHTTP && $request->getProtocol() === 'https' )
+ || $request->getBool( 'wpForceHttps', false );
+ $this->mLanguage = $request->getText( 'uselang' );
+ $this->mReturnTo = $request->getVal( 'returnto', '' );
+ $this->mReturnToQuery = $request->getVal( 'returntoquery', '' );
+
+ $securityLevel = $this->getRequest()->getText( 'force' );
+ if (
+ $securityLevel && AuthManager::singleton()->securitySensitiveOperationStatus(
+ $securityLevel ) === AuthManager::SEC_REAUTH
+ ) {
+ $this->securityLevel = $securityLevel;
+ }
+
+ $this->loadAuth( $subPage );
+
+ $this->mToken = $request->getVal( $this->getTokenName() );
+
+ // Show an error or warning passed on from a previous page
+ $entryError = $this->msg( $request->getVal( 'error', '' ) );
+ $entryWarning = $this->msg( $request->getVal( 'warning', '' ) );
+ // bc: provide login link as a parameter for messages where the translation
+ // was not updated
+ $loginreqlink = Linker::linkKnown(
+ $this->getPageTitle(),
+ $this->msg( 'loginreqlink' )->escaped(),
+ [],
+ [
+ 'returnto' => $this->mReturnTo,
+ 'returntoquery' => $this->mReturnToQuery,
+ 'uselang' => $this->mLanguage,
+ 'fromhttp' => $wgSecureLogin && $this->mFromHTTP ? '1' : null,
+ ]
+ );
+
+ // Only show valid error or warning messages.
+ if ( $entryError->exists()
+ && in_array( $entryError->getKey(), LoginHelper::getValidErrorMessages(), true )
+ ) {
+ $this->mEntryErrorType = 'error';
+ $this->mEntryError = $entryError->rawParams( $loginreqlink )->parse();
+
+ } elseif ( $entryWarning->exists()
+ && in_array( $entryWarning->getKey(), LoginHelper::getValidErrorMessages(), true )
+ ) {
+ $this->mEntryErrorType = 'warning';
+ $this->mEntryError = $entryWarning->rawParams( $loginreqlink )->parse();
+ }
+
+ # 1. When switching accounts, it sucks to get automatically logged out
+ # 2. Do not return to PasswordReset after a successful password change
+ # but goto Wiki start page (Main_Page) instead ( bug 33997 )
+ $returnToTitle = Title::newFromText( $this->mReturnTo );
+ if ( is_object( $returnToTitle )
+ && ( $returnToTitle->isSpecial( 'Userlogout' )
+ || $returnToTitle->isSpecial( 'PasswordReset' ) )
+ ) {
+ $this->mReturnTo = '';
+ $this->mReturnToQuery = '';
+ }
+ }
+
+ protected function getPreservedParams( $withToken = false ) {
+ global $wgSecureLogin;
+
+ $params = parent::getPreservedParams( $withToken );
+ $params += [
+ 'returnto' => $this->mReturnTo ?: null,
+ 'returntoquery' => $this->mReturnToQuery ?: null,
+ ];
+ if ( $wgSecureLogin && !$this->isSignup() ) {
+ $params['fromhttp'] = $this->mFromHTTP ? '1' : null;
+ }
+ return $params;
+ }
+
+ /**
+ * @param string|null $subPage
+ */
+ public function execute( $subPage ) {
+ $authManager = AuthManager::singleton();
+ $session = SessionManager::getGlobalSession();
+
+ // Session data is used for various things in the authentication process, so we must make
+ // sure a session cookie or some equivalent mechanism is set.
+ $session->persist();
+
+ $this->load( $subPage );
+ $this->setHeaders();
+ $this->checkPermissions();
+
+ // Make sure it's possible to log in
+ if ( !$this->isSignup() && !$session->canSetUser() ) {
+ throw new ErrorPageError( 'cannotloginnow-title', 'cannotloginnow-text', [
+ $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
+ ] );
+ }
+
+ /*
+ * In the case where the user is already logged in, and was redirected to
+ * the login form from a page that requires login, do not show the login
+ * page. The use case scenario for this is when a user opens a large number
+ * of tabs, is redirected to the login page on all of them, and then logs
+ * in on one, expecting all the others to work properly.
+ *
+ * However, do show the form if it was visited intentionally (no 'returnto'
+ * is present). People who often switch between several accounts have grown
+ * accustomed to this behavior.
+ *
+ * Also make an exception when force=<level> is set in the URL, which means the user must
+ * reauthenticate for security reasons.
+ */
+ if ( !$this->isSignup() && !$this->mPosted && !$this->securityLevel &&
+ ( $this->mReturnTo !== '' || $this->mReturnToQuery !== '' ) &&
+ $this->getUser()->isLoggedIn()
+ ) {
+ $this->successfulAction();
+ }
+
+ // If logging in and not on HTTPS, either redirect to it or offer a link.
+ global $wgSecureLogin;
+ if ( $this->getRequest()->getProtocol() !== 'https' ) {
+ $title = $this->getFullTitle();
+ $query = $this->getPreservedParams( false ) + [
+ 'title' => null,
+ ( $this->mEntryErrorType === 'error' ? 'error'
+ : 'warning' ) => $this->mEntryError,
+ ] + $this->getRequest()->getQueryValues();
+ $url = $title->getFullURL( $query, false, PROTO_HTTPS );
+ if ( $wgSecureLogin && !$this->mFromHTTP &&
+ wfCanIPUseHTTPS( $this->getRequest()->getIP() )
+ ) {
+ // Avoid infinite redirect
+ $url = wfAppendQuery( $url, 'fromhttp=1' );
+ $this->getOutput()->redirect( $url );
+ // Since we only do this redir to change proto, always vary
+ $this->getOutput()->addVaryHeader( 'X-Forwarded-Proto' );
+
+ return;
+ } else {
+ // A wiki without HTTPS login support should set $wgServer to
+ // http://somehost, in which case the secure URL generated
+ // above won't actually start with https://
+ if ( substr( $url, 0, 8 ) === 'https://' ) {
+ $this->mSecureLoginUrl = $url;
+ }
+ }
+ }
+
+ if ( !$this->isActionAllowed( $this->authAction ) ) {
+ // FIXME how do we explain this to the user? can we handle session loss better?
+ // messages used: authpage-cannot-login, authpage-cannot-login-continue,
+ // authpage-cannot-create, authpage-cannot-create-continue
+ $this->mainLoginForm( [], 'authpage-cannot-' . $this->authAction );
+ return;
+ }
+
+ $status = $this->trySubmit();
+
+ if ( !$status || !$status->isGood() ) {
+ $this->mainLoginForm( $this->authRequests, $status ? $status->getMessage() : '', 'error' );
+ return;
+ }
+
+ /** @var AuthenticationResponse $response */
+ $response = $status->getValue();
+
+ $returnToUrl = $this->getPageTitle( 'return' )
+ ->getFullURL( $this->getPreservedParams( true ), false, PROTO_HTTPS );
+ switch ( $response->status ) {
+ case AuthenticationResponse::PASS:
+ $this->logAuthResult( true );
+ $this->proxyAccountCreation = $this->isSignup() && !$this->getUser()->isAnon();
+ $this->targetUser = User::newFromName( $response->username );
+
+ if (
+ !$this->proxyAccountCreation
+ && $response->loginRequest
+ && $authManager->canAuthenticateNow()
+ ) {
+ // successful registration; log the user in instantly
+ $response2 = $authManager->beginAuthentication( [ $response->loginRequest ],
+ $returnToUrl );
+ if ( $response2->status !== AuthenticationResponse::PASS ) {
+ LoggerFactory::getInstance( 'login' )
+ ->error( 'Could not log in after account creation' );
+ $this->successfulAction( true, Status::newFatal( 'createacct-loginerror' ) );
+ break;
+ }
+ }
+
+ if ( !$this->proxyAccountCreation ) {
+ // Ensure that the context user is the same as the session user.
+ $this->setSessionUserForCurrentRequest();
+ }
+
+ $this->successfulAction( true );
+ break;
+ case AuthenticationResponse::FAIL:
+ // fall through
+ case AuthenticationResponse::RESTART:
+ unset( $this->authForm );
+ if ( $response->status === AuthenticationResponse::FAIL ) {
+ $action = $this->getDefaultAction( $subPage );
+ $messageType = 'error';
+ } else {
+ $action = $this->getContinueAction( $this->authAction );
+ $messageType = 'warning';
+ }
+ $this->logAuthResult( false, $response->message ? $response->message->getKey() : '-' );
+ $this->loadAuth( $subPage, $action, true );
+ $this->mainLoginForm( $this->authRequests, $response->message, $messageType );
+ break;
+ case AuthenticationResponse::REDIRECT:
+ unset( $this->authForm );
+ $this->getOutput()->redirect( $response->redirectTarget );
+ break;
+ case AuthenticationResponse::UI:
+ unset( $this->authForm );
+ $this->authAction = $this->isSignup() ? AuthManager::ACTION_CREATE_CONTINUE
+ : AuthManager::ACTION_LOGIN_CONTINUE;
+ $this->authRequests = $response->neededRequests;
+ $this->mainLoginForm( $response->neededRequests, $response->message, 'warning' );
+ break;
+ default:
+ throw new LogicException( 'invalid AuthenticationResponse' );
+ }
+ }
+
+ /**
+ * Show the success page.
+ *
+ * @param string $type Condition of return to; see `executeReturnTo`
+ * @param string|Message $title Page's title
+ * @param string $msgname
+ * @param string $injected_html
+ * @param StatusValue|null $extraMessages
+ */
+ protected function showSuccessPage(
+ $type, $title, $msgname, $injected_html, $extraMessages
+ ) {
+ $out = $this->getOutput();
+ $out->setPageTitle( $title );
+ if ( $msgname ) {
+ $out->addWikiMsg( $msgname, wfEscapeWikiText( $this->getUser()->getName() ) );
+ }
+ if ( $extraMessages ) {
+ $extraMessages = Status::wrap( $extraMessages );
+ $out->addWikiText( $extraMessages->getWikiText() );
+ }
+
+ $out->addHTML( $injected_html );
+
+ $helper = new LoginHelper( $this->getContext() );
+ $helper->showReturnToPage( $type, $this->mReturnTo, $this->mReturnToQuery, $this->mStickHTTPS );
+ }
+
+ /**
+ * Add a "return to" link or redirect to it.
+ * Extensions can use this to reuse the "return to" logic after
+ * inject steps (such as redirection) into the login process.
+ *
+ * @param string $type One of the following:
+ * - error: display a return to link ignoring $wgRedirectOnLogin
+ * - signup: display a return to link using $wgRedirectOnLogin if needed
+ * - success: display a return to link using $wgRedirectOnLogin if needed
+ * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
+ * @param string $returnTo
+ * @param array|string $returnToQuery
+ * @param bool $stickHTTPS Keep redirect link on HTTPS
+ * @since 1.22
+ */
+ public function showReturnToPage(
+ $type, $returnTo = '', $returnToQuery = '', $stickHTTPS = false
+ ) {
+ $helper = new LoginHelper( $this->getContext() );
+ $helper->showReturnToPage( $type, $returnTo, $returnToQuery, $stickHTTPS );
+ }
+
+ /**
+ * Replace some globals to make sure the fact that the user has just been logged in is
+ * reflected in the current request.
+ * @param User $user
+ */
+ protected function setSessionUserForCurrentRequest() {
+ global $wgUser, $wgLang;
+
+ $context = RequestContext::getMain();
+ $localContext = $this->getContext();
+ if ( $context !== $localContext ) {
+ // remove AuthManagerSpecialPage context hack
+ $this->setContext( $context );
+ }
+
+ $user = $context->getRequest()->getSession()->getUser();
+
+ $wgUser = $user;
+ $context->setUser( $user );
+
+ $code = $this->getRequest()->getVal( 'uselang', $user->getOption( 'language' ) );
+ $userLang = Language::factory( $code );
+ $wgLang = $userLang;
+ $context->setLanguage( $userLang );
+ }
+
+ /**
+ * @param AuthenticationRequest[] $requests A list of AuthorizationRequest objects,
+ * used to generate the form fields. An empty array means a fatal error
+ * (authentication cannot continue).
+ * @param string|Message $msg
+ * @param string $msgtype
+ * @throws ErrorPageError
+ * @throws Exception
+ * @throws FatalError
+ * @throws MWException
+ * @throws PermissionsError
+ * @throws ReadOnlyError
+ * @private
+ */
+ protected function mainLoginForm( array $requests, $msg = '', $msgtype = 'error' ) {
+ $titleObj = $this->getPageTitle();
+ $user = $this->getUser();
+ $out = $this->getOutput();
+
+ // FIXME how to handle empty $requests - restart, or no form, just an error message?
+ // no form would be better for no session type errors, restart is better when can* fails.
+ if ( !$requests ) {
+ $this->authAction = $this->getDefaultAction( $this->subPage );
+ $this->authForm = null;
+ $requests = AuthManager::singleton()->getAuthenticationRequests( $this->authAction, $user );
+ }
+
+ // Generic styles and scripts for both login and signup form
+ $out->addModuleStyles( [
+ 'mediawiki.ui',
+ 'mediawiki.ui.button',
+ 'mediawiki.ui.checkbox',
+ 'mediawiki.ui.input',
+ 'mediawiki.special.userlogin.common.styles'
+ ] );
+ if ( $this->isSignup() ) {
+ // XXX hack pending RL or JS parse() support for complex content messages T27349
+ $out->addJsConfigVars( 'wgCreateacctImgcaptchaHelp',
+ $this->msg( 'createacct-imgcaptcha-help' )->parse() );
+
+ // Additional styles and scripts for signup form
+ $out->addModules( [
+ 'mediawiki.special.userlogin.signup.js'
+ ] );
+ $out->addModuleStyles( [
+ 'mediawiki.special.userlogin.signup.styles'
+ ] );
+ } else {
+ // Additional styles for login form
+ $out->addModuleStyles( [
+ 'mediawiki.special.userlogin.login.styles'
+ ] );
+ }
+ $out->disallowUserJs(); // just in case...
+
+ $form = $this->getAuthForm( $requests, $this->authAction, $msg, $msgtype );
+ $form->prepareForm();
+ $formHtml = $form->getHTML( $msg ? Status::newFatal( $msg ) : false );
+
+ $out->addHTML( $this->getPageHtml( $formHtml ) );
+ }
+
+ /**
+ * Add page elements which are outside the form.
+ * FIXME this should probably be a template, but use a sane language (handlebars?)
+ * @param string $formHtml
+ * @return string
+ */
+ protected function getPageHtml( $formHtml ) {
+ global $wgLoginLanguageSelector;
+
+ $loginPrompt = $this->isSignup() ? '' : Html::rawElement( 'div',
+ [ 'id' => 'userloginprompt' ], $this->msg( 'loginprompt' )->parseAsBlock() );
+ $languageLinks = $wgLoginLanguageSelector ? $this->makeLanguageSelector() : '';
+ $signupStartMsg = $this->msg( 'signupstart' );
+ $signupStart = ( $this->isSignup() && !$signupStartMsg->isDisabled() )
+ ? Html::rawElement( 'div', [ 'id' => 'signupstart' ], $signupStartMsg->parseAsBlock() ) : '';
+ if ( $languageLinks ) {
+ $languageLinks = Html::rawElement( 'div', [ 'id' => 'languagelinks' ],
+ Html::rawElement( 'p', [], $languageLinks )
+ );
+ }
+
+ $benefitsContainer = '';
+ if ( $this->isSignup() && $this->showExtraInformation() ) {
+ // messages used:
+ // createacct-benefit-icon1 createacct-benefit-head1 createacct-benefit-body1
+ // createacct-benefit-icon2 createacct-benefit-head2 createacct-benefit-body2
+ // createacct-benefit-icon3 createacct-benefit-head3 createacct-benefit-body3
+ $benefitCount = 3;
+ $benefitList = '';
+ for ( $benefitIdx = 1; $benefitIdx <= $benefitCount; $benefitIdx++ ) {
+ $headUnescaped = $this->msg( "createacct-benefit-head$benefitIdx" )->text();
+ $iconClass = $this->msg( "createacct-benefit-icon$benefitIdx" )->escaped();
+ $benefitList .= Html::rawElement( 'div', [ 'class' => "mw-number-text $iconClass" ],
+ Html::rawElement( 'h3', [],
+ $this->msg( "createacct-benefit-head$benefitIdx" )->escaped()
+ )
+ . Html::rawElement( 'p', [],
+ $this->msg( "createacct-benefit-body$benefitIdx" )->params( $headUnescaped )->escaped()
+ )
+ );
+ }
+ $benefitsContainer = Html::rawElement( 'div', [ 'class' => 'mw-createacct-benefits-container' ],
+ Html::rawElement( 'h2', [], $this->msg( 'createacct-benefit-heading' )->escaped() )
+ . Html::rawElement( 'div', [ 'class' => 'mw-createacct-benefits-list' ],
+ $benefitList
+ )
+ );
+ }
+
+ $html = Html::rawElement( 'div', [ 'class' => 'mw-ui-container' ],
+ $loginPrompt
+ . $languageLinks
+ . $signupStart
+ . Html::rawElement( 'div', [ 'id' => 'userloginForm' ],
+ $formHtml
+ )
+ . $benefitsContainer
+ );
+
+ return $html;
+ }
+
+ /**
+ * Generates a form from the given request.
+ * @param AuthenticationRequest[] $requests
+ * @param string $action AuthManager action name
+ * @param string|Message $msg
+ * @param string $msgType
+ * @return HTMLForm
+ */
+ protected function getAuthForm( array $requests, $action, $msg = '', $msgType = 'error' ) {
+ global $wgSecureLogin, $wgLoginLanguageSelector;
+ // FIXME merge this with parent
+
+ if ( isset( $this->authForm ) ) {
+ return $this->authForm;
+ }
+
+ $usingHTTPS = $this->getRequest()->getProtocol() === 'https';
+
+ // get basic form description from the auth logic
+ $fieldInfo = AuthenticationRequest::mergeFieldInfo( $requests );
+ $fakeTemplate = $this->getFakeTemplate( $msg, $msgType );
+ $this->fakeTemplate = $fakeTemplate; // FIXME there should be a saner way to pass this to the hook
+ // this will call onAuthChangeFormFields()
+ $formDescriptor = static::fieldInfoToFormDescriptor( $requests, $fieldInfo, $this->authAction );
+ $this->postProcessFormDescriptor( $formDescriptor );
+
+ $context = $this->getContext();
+ if ( $context->getRequest() !== $this->getRequest() ) {
+ // We have overridden the request, need to make sure the form uses that too.
+ $context = new DerivativeContext( $this->getContext() );
+ $context->setRequest( $this->getRequest() );
+ }
+ $form = HTMLForm::factory( 'vform', $formDescriptor, $context );
+
+ $form->addHiddenField( 'authAction', $this->authAction );
+ if ( $wgLoginLanguageSelector ) {
+ $form->addHiddenField( 'uselang', $this->mLanguage );
+ }
+ $form->addHiddenField( 'force', $this->securityLevel );
+ $form->addHiddenField( $this->getTokenName(), $this->getToken()->toString() );
+ if ( $wgSecureLogin ) {
+ // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved
+ if ( !$this->isSignup() ) {
+ $form->addHiddenField( 'wpForceHttps', (int)$this->mStickHTTPS );
+ $form->addHiddenField( 'wpFromhttp', $usingHTTPS );
+ }
+ }
+
+ // set properties of the form itself
+ $form->setAction( $this->getPageTitle()->getLocalURL( $this->getReturnToQueryStringFragment() ) );
+ $form->setName( 'userlogin' . ( $this->isSignup() ? '2' : '' ) );
+ if ( $this->isSignup() ) {
+ $form->setId( 'userlogin2' );
+ }
+
+ // add pre/post text
+ // header used by ConfirmEdit, CondfirmAccount, Persona, WikimediaIncubator, SemanticSignup
+ // should be above the error message but HTMLForm doesn't support that
+ $form->addHeaderText( $fakeTemplate->html( 'header' ) );
+
+ // FIXME the old form used this for error/warning messages which does not play well with
+ // HTMLForm (maybe it could with a subclass?); for now only display it for signups
+ // (where the JS username validation needs it) and alway empty
+ if ( $this->isSignup() ) {
+ // used by the mediawiki.special.userlogin.signup.js module
+ $statusAreaAttribs = [ 'id' => 'mw-createacct-status-area' ];
+ // $statusAreaAttribs += $msg ? [ 'class' => "{$msgType}box" ] : [ 'style' => 'display: none;' ];
+ $form->addHeaderText( Html::element( 'div', $statusAreaAttribs ) );
+ }
+
+ // header used by MobileFrontend
+ $form->addHeaderText( $fakeTemplate->html( 'formheader' ) );
+
+ // blank signup footer for site customization
+ if ( $this->isSignup() && $this->showExtraInformation() ) {
+ // Use signupend-https for HTTPS requests if it's not blank, signupend otherwise
+ $signupendMsg = $this->msg( 'signupend' );
+ $signupendHttpsMsg = $this->msg( 'signupend-https' );
+ if ( !$signupendMsg->isDisabled() ) {
+ $signupendText = ( $usingHTTPS && !$signupendHttpsMsg->isBlank() )
+ ? $signupendHttpsMsg ->parse() : $signupendMsg->parse();
+ $form->addPostText( Html::rawElement( 'div', [ 'id' => 'signupend' ], $signupendText ) );
+ }
+ }
+
+ // warning header for non-standard workflows (e.g. security reauthentication)
+ if ( !$this->isSignup() && $this->getUser()->isLoggedIn() ) {
+ $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin';
+ $form->addHeaderText( Html::rawElement( 'div', [ 'class' => 'warningbox' ],
+ $this->msg( $reauthMessage )->params( $this->getUser()->getName() )->parse() ) );
+ }
+
+ if ( !$this->isSignup() && $this->showExtraInformation() ) {
+ $passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
+ if ( $passwordReset->isAllowed( $this->getUser() ) ) {
+ $form->addFooterText( Html::rawElement(
+ 'div',
+ [ 'class' => 'mw-ui-vform-field mw-form-related-link-container' ],
+ Linker::link(
+ SpecialPage::getTitleFor( 'PasswordReset' ),
+ $this->msg( 'userlogin-resetpassword-link' )->escaped()
+ )
+ ) );
+ }
+
+ // Don't show a "create account" link if the user can't.
+ if ( $this->showCreateAccountLink() ) {
+ // link to the other action
+ $linkTitle = $this->getTitleFor( $this->isSignup() ? 'Userlogin' :'CreateAccount' );
+ $linkq = $this->getReturnToQueryStringFragment();
+ // Pass any language selection on to the mode switch link
+ if ( $wgLoginLanguageSelector && $this->mLanguage ) {
+ $linkq .= '&uselang=' . $this->mLanguage;
+ }
+ $createOrLoginHref = $linkTitle->getLocalURL( $linkq );
+
+ if ( $this->getUser()->isLoggedIn() ) {
+ $createOrLoginHtml = Html::rawElement( 'div',
+ [ 'class' => 'mw-ui-vform-field' ],
+ Html::element( 'a',
+ [
+ 'id' => 'mw-createaccount-join',
+ 'href' => $createOrLoginHref,
+ // put right after all auth inputs in the tab order
+ 'tabindex' => 100,
+ ],
+ $this->msg( 'userlogin-createanother' )->escaped()
+ )
+ );
+ } else {
+ $createOrLoginHtml = Html::rawElement( 'div',
+ [ 'id' => 'mw-createaccount-cta',
+ 'class' => 'mw-ui-vform-field' ],
+ $this->msg( 'userlogin-noaccount' )->escaped()
+ . Html::element( 'a',
+ [
+ 'id' => 'mw-createaccount-join',
+ 'href' => $createOrLoginHref,
+ 'class' => 'mw-ui-button',
+ 'tabindex' => 100,
+ ],
+ $this->msg( 'userlogin-joinproject' )->escaped()
+ )
+ );
+ }
+ $form->addFooterText( $createOrLoginHtml );
+ }
+ }
+
+ $form->suppressDefaultSubmit();
+
+ $this->authForm = $form;
+
+ return $form;
+ }
+
+ /**
+ * Temporary B/C method to handle extensions using the UserLoginForm/UserCreateForm hooks.
+ * @param string|Message $msg
+ * @param string $msgType
+ * @return FakeAuthTemplate
+ */
+ protected function getFakeTemplate( $msg, $msgType ) {
+ global $wgAuth, $wgEnableEmail, $wgHiddenPrefs, $wgEmailConfirmToEdit, $wgEnableUserEmail,
+ $wgSecureLogin, $wgLoginLanguageSelector, $wgPasswordResetRoutes;
+
+ // make a best effort to get the value of fields which used to be fixed in the old login
+ // template but now might or might not exist depending on what providers are used
+ $request = $this->getRequest();
+ $data = (object) [
+ 'mUsername' => $request->getText( 'wpName' ),
+ 'mPassword' => $request->getText( 'wpPassword' ),
+ 'mRetype' => $request->getText( 'wpRetype' ),
+ 'mEmail' => $request->getText( 'wpEmail' ),
+ 'mRealName' => $request->getText( 'wpRealName' ),
+ 'mDomain' => $request->getText( 'wpDomain' ),
+ 'mReason' => $request->getText( 'wpReason' ),
+ 'mRemember' => $request->getCheck( 'wpRemember' ),
+ ];
+
+ // Preserves a bunch of logic from the old code that was rewritten in getAuthForm().
+ // There is no code reuse to make this easier to remove .
+ // If an extension tries to change any of these values, they are out of luck - we only
+ // actually use the domain/usedomain/domainnames, extraInput and extrafields keys.
+
+ $titleObj = $this->getPageTitle();
+ $user = $this->getUser();
+ $template = new FakeAuthTemplate();
+
+ // Pre-fill username (if not creating an account, bug 44775).
+ if ( $data->mUsername == '' && $this->isSignup() ) {
+ if ( $user->isLoggedIn() ) {
+ $data->mUsername = $user->getName();
+ } else {
+ $data->mUsername = $this->getRequest()->getSession()->suggestLoginUsername();
+ }
+ }
+
+ if ( $this->isSignup() ) {
+ // Must match number of benefits defined in messages
+ $template->set( 'benefitCount', 3 );
+
+ $q = 'action=submitlogin&type=signup';
+ $linkq = 'type=login';
+ } else {
+ $q = 'action=submitlogin&type=login';
+ $linkq = 'type=signup';
+ }
+
+ if ( $this->mReturnTo !== '' ) {
+ $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo );
+ if ( $this->mReturnToQuery !== '' ) {
+ $returnto .= '&returntoquery=' .
+ wfUrlencode( $this->mReturnToQuery );
+ }
+ $q .= $returnto;
+ $linkq .= $returnto;
+ }
+
+ # Don't show a "create account" link if the user can't.
+ if ( $this->showCreateAccountLink() ) {
+ # Pass any language selection on to the mode switch link
+ if ( $wgLoginLanguageSelector && $this->mLanguage ) {
+ $linkq .= '&uselang=' . $this->mLanguage;
+ }
+ // Supply URL, login template creates the button.
+ $template->set( 'createOrLoginHref', $titleObj->getLocalURL( $linkq ) );
+ } else {
+ $template->set( 'link', '' );
+ }
+
+ $resetLink = $this->isSignup()
+ ? null
+ : is_array( $wgPasswordResetRoutes )
+ && in_array( true, array_values( $wgPasswordResetRoutes ), true );
+
+ $template->set( 'header', '' );
+ $template->set( 'formheader', '' );
+ $template->set( 'skin', $this->getSkin() );
+
+ $template->set( 'name', $data->mUsername );
+ $template->set( 'password', $data->mPassword );
+ $template->set( 'retype', $data->mRetype );
+ $template->set( 'createemailset', false ); // no easy way to get that from AuthManager
+ $template->set( 'email', $data->mEmail );
+ $template->set( 'realname', $data->mRealName );
+ $template->set( 'domain', $data->mDomain );
+ $template->set( 'reason', $data->mReason );
+ $template->set( 'remember', $data->mRemember );
+
+ $template->set( 'action', $titleObj->getLocalURL( $q ) );
+ $template->set( 'message', $msg );
+ $template->set( 'messagetype', $msgType );
+ $template->set( 'createemail', $wgEnableEmail && $user->isLoggedIn() );
+ $template->set( 'userealname', !in_array( 'realname', $wgHiddenPrefs, true ) );
+ $template->set( 'useemail', $wgEnableEmail );
+ $template->set( 'emailrequired', $wgEmailConfirmToEdit );
+ $template->set( 'emailothers', $wgEnableUserEmail );
+ $template->set( 'canreset', $wgAuth->allowPasswordChange() );
+ $template->set( 'resetlink', $resetLink );
+ $template->set( 'canremember', $request->getSession()->getProvider()
+ ->getRememberUserDuration() !== null );
+ $template->set( 'usereason', $user->isLoggedIn() );
+ $template->set( 'cansecurelogin', ( $wgSecureLogin ) );
+ $template->set( 'stickhttps', (int)$this->mStickHTTPS );
+ $template->set( 'loggedin', $user->isLoggedIn() );
+ $template->set( 'loggedinuser', $user->getName() );
+ $template->set( 'token', $this->getToken()->toString() );
+
+ $action = $this->isSignup() ? 'signup' : 'login';
+ $wgAuth->modifyUITemplate( $template, $action );
+
+ $oldTemplate = $template;
+ $hookName = $this->isSignup() ? 'UserCreateForm' : 'UserLoginForm';
+ Hooks::run( $hookName, [ &$template ] );
+ if ( $oldTemplate !== $template ) {
+ wfDeprecated( "reference in $hookName hook", '1.27' );
+ }
+
+ return $template;
+
+ }
+
+ public function onAuthChangeFormFields(
+ array $requests, array $fieldInfo, array &$formDescriptor, $action
+ ) {
+ $coreFieldDescriptors = $this->getFieldDefinitions( $this->fakeTemplate );
+ $specialFields = array_merge( [ 'extraInput', 'linkcontainer' ],
+ array_keys( $this->fakeTemplate->getExtraInputDefinitions() ) );
+
+ // keep the ordering from getCoreFieldDescriptors() where there is no explicit weight
+ foreach ( $coreFieldDescriptors as $fieldName => $coreField ) {
+ $requestField = isset( $formDescriptor[$fieldName] ) ?
+ $formDescriptor[$fieldName] : [];
+
+ // remove everything that is not in the fieldinfo, is not marked as a supplemental field
+ // to something in the fieldinfo, and is not a generic or B/C field or a submit button
+ if (
+ !isset( $fieldInfo[$fieldName] )
+ && (
+ !isset( $coreField['baseField'] )
+ || !isset( $fieldInfo[$coreField['baseField']] )
+ ) && !in_array( $fieldName, $specialFields, true )
+ && $coreField['type'] !== 'submit'
+ ) {
+ $coreFieldDescriptors[$fieldName] = null;
+ continue;
+ }
+
+ // core message labels should always take priority
+ if (
+ isset( $coreField['label'] )
+ || isset( $coreField['label-message'] )
+ || isset( $coreField['label-raw'] )
+ ) {
+ unset( $requestField['label'], $requestField['label-message'], $coreField['label-raw'] );
+ }
+
+ $coreFieldDescriptors[$fieldName] += $requestField;
+ }
+
+ $formDescriptor = array_filter( $coreFieldDescriptors + $formDescriptor );
+ return true;
+ }
+
+ /**
+ * Show extra information such as password recovery information, link from login to signup,
+ * CTA etc? Such information should only be shown on the "landing page", ie. when the user
+ * is at the first step of the authentication process.
+ * @return bool
+ */
+ protected function showExtraInformation() {
+ return $this->authAction !== $this->getContinueAction( $this->authAction )
+ && !$this->securityLevel;
+ }
+
+ /**
+ * Create a HTMLForm descriptor for the core login fields.
+ * @param FakeAuthTemplate $template B/C data (not used but needed by getBCFieldDefinitions)
+ * @return array
+ */
+ protected function getFieldDefinitions( $template ) {
+ global $wgEmailConfirmToEdit;
+
+ $isLoggedIn = $this->getUser()->isLoggedIn();
+ $continuePart = $this->isContinued() ? 'continue-' : '';
+ $anotherPart = $isLoggedIn ? 'another-' : '';
+ $expiration = $this->getRequest()->getSession()->getProvider()
+ ->getRememberUserDuration();
+ $expirationDays = ceil( $expiration / ( 3600 * 24 ) );
+ $secureLoginLink = '';
+ if ( $this->mSecureLoginUrl ) {
+ $secureLoginLink = Html::element( 'a', [
+ 'href' => $this->mSecureLoginUrl,
+ 'class' => 'mw-ui-flush-right mw-secure',
+ ], $this->msg( 'userlogin-signwithsecure' )->text() );
+ }
+
+ if ( $this->isSignup() ) {
+ $fieldDefinitions = [
+ 'username' => [
+ 'label-message' => 'userlogin-yourname',
+ // FIXME help-message does not match old formatting
+ 'help-message' => 'createacct-helpusername',
+ 'id' => 'wpName2',
+ 'placeholder-message' => $isLoggedIn ? 'createacct-another-username-ph'
+ : 'userlogin-yourname-ph',
+ ],
+ 'mailpassword' => [
+ // create account without providing password, a temporary one will be mailed
+ 'type' => 'check',
+ 'label-message' => 'createaccountmail',
+ 'name' => 'wpCreateaccountMail',
+ 'id' => 'wpCreateaccountMail',
+ ],
+ 'password' => [
+ 'id' => 'wpPassword2',
+ 'placeholder-message' => 'createacct-yourpassword-ph',
+ 'hide-if' => [ '===', 'wpCreateaccountMail', '1' ],
+ ],
+ 'domain' => [],
+ 'retype' => [
+ 'baseField' => 'password',
+ 'type' => 'password',
+ 'label-message' => 'createacct-yourpasswordagain',
+ 'id' => 'wpRetype',
+ 'cssclass' => 'loginPassword',
+ 'size' => 20,
+ 'validation-callback' => function ( $value, $alldata ) {
+ if ( empty( $alldata['mailpassword'] ) && !empty( $alldata['password'] ) ) {
+ if ( !$value ) {
+ return $this->msg( 'htmlform-required' );
+ } elseif ( $value !== $alldata['password'] ) {
+ return $this->msg( 'badretype' );
+ }
+ }
+ return true;
+ },
+ 'hide-if' => [ '===', 'wpCreateaccountMail', '1' ],
+ 'placeholder-message' => 'createacct-yourpasswordagain-ph',
+ ],
+ 'email' => [
+ 'type' => 'email',
+ 'label-message' => $wgEmailConfirmToEdit ? 'createacct-emailrequired'
+ : 'createacct-emailoptional',
+ 'id' => 'wpEmail',
+ 'cssclass' => 'loginText',
+ 'size' => '20',
+ // FIXME will break non-standard providers
+ 'required' => $wgEmailConfirmToEdit,
+ 'validation-callback' => function ( $value, $alldata ) {
+ global $wgEmailConfirmToEdit;
+
+ // AuthManager will check most of these, but that will make the auth
+ // session fail and this won't, so nicer to do it this way
+ if ( !$value && $wgEmailConfirmToEdit ) {
+ // no point in allowing registration without email when email is
+ // required to edit
+ return $this->msg( 'noemailtitle' );
+ } elseif ( !$value && !empty( $alldata['mailpassword'] ) ) {
+ // cannot send password via email when there is no email address
+ return $this->msg( 'noemailcreate' );
+ } elseif ( $value && !Sanitizer::validateEmail( $value ) ) {
+ return $this->msg( 'invalidemailaddress' );
+ }
+ return true;
+ },
+ 'placeholder-message' => 'createacct-' . $anotherPart . 'email-ph',
+ ],
+ 'realname' => [
+ 'type' => 'text',
+ 'help-message' => $isLoggedIn ? 'createacct-another-realname-tip'
+ : 'prefs-help-realname',
+ 'label-message' => 'createacct-realname',
+ 'cssclass' => 'loginText',
+ 'size' => 20,
+ 'id' => 'wpRealName',
+ ],
+ 'reason' => [
+ // comment for the user creation log
+ 'type' => 'text',
+ 'label-message' => 'createacct-reason',
+ 'cssclass' => 'loginText',
+ 'id' => 'wpReason',
+ 'size' => '20',
+ 'placeholder-message' => 'createacct-reason-ph',
+ ],
+ 'extrainput' => [], // placeholder for fields coming from the template
+ 'createaccount' => [
+ // submit button
+ 'type' => 'submit',
+ 'default' => $this->msg( 'createacct-' . $anotherPart . $continuePart .
+ 'submit' )->text(),
+ 'name' => 'wpCreateaccount',
+ 'id' => 'wpCreateaccount',
+ 'weight' => 100,
+ ],
+ ];
+ } else {
+ $fieldDefinitions = [
+ 'username' => [
+ 'label-raw' => $this->msg( 'userlogin-yourname' )->escaped() . $secureLoginLink,
+ 'id' => 'wpName1',
+ 'placeholder-message' => 'userlogin-yourname-ph',
+ ],
+ 'password' => [
+ 'id' => 'wpPassword1',
+ 'placeholder-message' => 'userlogin-yourpassword-ph',
+ ],
+ 'domain' => [],
+ 'extrainput' => [],
+ 'rememberMe' => [
+ // option for saving the user token to a cookie
+ 'type' => 'check',
+ 'label-message' => $this->msg( 'userlogin-remembermypassword' )
+ ->numParams( $expirationDays ),
+ 'id' => 'wpRemember',
+ ],
+ 'loginattempt' => [
+ // submit button
+ 'type' => 'submit',
+ 'name' => 'wpRemember',
+ 'default' => $this->msg( 'pt-login-' . $continuePart . 'button' )->text(),
+ 'id' => 'wpLoginAttempt',
+ 'weight' => 100,
+ ],
+ 'linkcontainer' => [
+ // help link
+ 'type' => 'info',
+ 'cssclass' => 'mw-form-related-link-container',
+ 'id' => 'mw-userlogin-help',
+ 'raw' => true,
+ 'default' => Html::element( 'a', [
+ 'href' => Skin::makeInternalOrExternalUrl( wfMessage( 'helplogin-url' )
+ ->inContentLanguage()
+ ->text() ),
+ ], $this->msg( 'userlogin-helplink2' )->text() ),
+ 'weight' => 200,
+ ],
+ ];
+ }
+ $fieldDefinitions['username'] += [
+ 'type' => 'text',
+ 'name' => 'wpName',
+ 'cssclass' => 'loginText',
+ 'size' => 20,
+ // 'required' => true,
+ ];
+ $fieldDefinitions['password'] += [
+ 'type' => 'password',
+ // 'label-message' => 'userlogin-yourpassword', // would override the changepassword label
+ 'name' => 'wpPassword',
+ 'cssclass' => 'loginPassword',
+ 'size' => 20,
+ // 'required' => true,
+ ];
+
+ if ( !$this->showExtraInformation() ) {
+ unset( $fieldDefinitions['linkcontainer'] );
+ }
+
+ $fieldDefinitions = $this->getBCFieldDefinitions( $fieldDefinitions, $template );
+ $fieldDefinitions = array_filter( $fieldDefinitions );
+
+ return $fieldDefinitions;
+ }
+
+ /**
+ * Adds fields provided via the deprecated UserLoginForm / UserCreateForm hooks
+ * @param $fieldDefinitions array
+ * @param FakeAuthTemplate $template
+ * @return array
+ */
+ protected function getBCFieldDefinitions( $fieldDefinitions, $template ) {
+ if ( $template->get( 'usedomain', false ) ) {
+ // TODO probably should be translated to the new domain notation in AuthManager
+ $fieldDefinitions['domain'] = [
+ 'type' => 'select',
+ 'label-message' => 'yourdomainname',
+ 'options' => array_combine( $template->get( 'domainnames', [] ),
+ $template->get( 'domainnames', [] ) ),
+ 'default' => $template->get( 'domain', '' ),
+ 'name' => 'wpDomain',
+ // FIXME id => 'mw-user-domain-section' on the parent div
+ ];
+ }
+
+ // poor man's associative array_splice
+ $extraInputPos = array_search( 'extrainput', array_keys( $fieldDefinitions ), true );
+ $fieldDefinitions = array_slice( $fieldDefinitions, 0, $extraInputPos, true )
+ + $template->getExtraInputDefinitions()
+ + array_slice( $fieldDefinitions, $extraInputPos + 1, null, true );
+
+ return $fieldDefinitions;
+ }
+
+ /**
+ * Check if a session cookie is present.
+ *
+ * This will not pick up a cookie set during _this_ request, but is meant
+ * to ensure that the client is returning the cookie which was set on a
+ * previous pass through the system.
+ *
+ * @return bool
+ */
+ protected function hasSessionCookie() {
+ global $wgDisableCookieCheck, $wgInitialSessionId;
+
+ return $wgDisableCookieCheck || (
+ $wgInitialSessionId &&
+ $this->getRequest()->getSession()->getId() === (string)$wgInitialSessionId
+ );
+ }
+
+ /**
+ * Returns a string that can be appended to the URL (without encoding) to preserve the
+ * return target. Does not include leading '?'/'&'.
+ */
+ protected function getReturnToQueryStringFragment() {
+ $returnto = '';
+ if ( $this->mReturnTo !== '' ) {
+ $returnto = 'returnto=' . wfUrlencode( $this->mReturnTo );
+ if ( $this->mReturnToQuery !== '' ) {
+ $returnto .= '&returntoquery=' . wfUrlencode( $this->mReturnToQuery );
+ }
+ }
+ return $returnto;
+ }
+
+ /**
+ * Whether the login/create account form should display a link to the
+ * other form (in addition to whatever the skin provides).
+ * @return bool
+ */
+ private function showCreateAccountLink() {
+ if ( $this->isSignup() ) {
+ return true;
+ } elseif ( $this->getUser()->isAllowed( 'createaccount' ) ) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ protected function getTokenName() {
+ return $this->isSignup() ? 'wpCreateaccountToken' : 'wpLoginToken';
+ }
+
+ /**
+ * Produce a bar of links which allow the user to select another language
+ * during login/registration but retain "returnto"
+ *
+ * @return string
+ */
+ protected function makeLanguageSelector() {
+ $msg = $this->msg( 'loginlanguagelinks' )->inContentLanguage();
+ if ( $msg->isBlank() ) {
+ return '';
+ }
+ $langs = explode( "\n", $msg->text() );
+ $links = [];
+ foreach ( $langs as $lang ) {
+ $lang = trim( $lang, '* ' );
+ $parts = explode( '|', $lang );
+ if ( count( $parts ) >= 2 ) {
+ $links[] = $this->makeLanguageSelectorLink( $parts[0], trim( $parts[1] ) );
+ }
+ }
+
+ return count( $links ) > 0 ? $this->msg( 'loginlanguagelabel' )->rawParams(
+ $this->getLanguage()->pipeList( $links ) )->escaped() : '';
+ }
+
+ /**
+ * Create a language selector link for a particular language
+ * Links back to this page preserving type and returnto
+ *
+ * @param string $text Link text
+ * @param string $lang Language code
+ * @return string
+ */
+ protected function makeLanguageSelectorLink( $text, $lang ) {
+ if ( $this->getLanguage()->getCode() == $lang ) {
+ // no link for currently used language
+ return htmlspecialchars( $text );
+ }
+ $query = [ 'uselang' => $lang ];
+ if ( $this->mReturnTo !== '' ) {
+ $query['returnto'] = $this->mReturnTo;
+ $query['returntoquery'] = $this->mReturnToQuery;
+ }
+
+ $attr = [];
+ $targetLanguage = Language::factory( $lang );
+ $attr['lang'] = $attr['hreflang'] = $targetLanguage->getHtmlCode();
+
+ return Linker::linkKnown(
+ $this->getPageTitle(),
+ htmlspecialchars( $text ),
+ $attr,
+ $query
+ );
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+
+ /**
+ * @param array $formDescriptor
+ */
+ protected function postProcessFormDescriptor( &$formDescriptor ) {
+ // Pre-fill username (if not creating an account, T46775).
+ if (
+ isset( $formDescriptor['username'] ) &&
+ !isset( $formDescriptor['username']['default'] ) &&
+ !$this->isSignup()
+ ) {
+ $user = $this->getUser();
+ if ( $user->isLoggedIn() ) {
+ $formDescriptor['username']['default'] = $user->getName();
+ } else {
+ $formDescriptor['username']['default'] =
+ $this->getRequest()->getSession()->suggestLoginUsername();
+ }
+ }
+
+ // don't show a submit button if there is nothing to submit (i.e. the only form content
+ // is other submit buttons, for redirect flows)
+ if ( !$this->needsSubmitButton( $formDescriptor ) ) {
+ unset( $formDescriptor['createaccount'], $formDescriptor['loginattempt'] );
+ }
+
+ if ( !$this->isSignup() ) {
+ // FIXME HACK don't focus on non-empty field
+ // maybe there should be an autofocus-if similar to hide-if?
+ if (
+ isset( $formDescriptor['username'] )
+ && empty( $formDescriptor['username']['default'] )
+ && !$this->getRequest()->getCheck( 'wpName' )
+ ) {
+ $formDescriptor['username']['autofocus'] = true;
+ } elseif ( isset( $formDescriptor['password'] ) ) {
+ $formDescriptor['password']['autofocus'] = true;
+ }
+ }
+
+ $this->addTabIndex( $formDescriptor );
+ }
+}
+
+/**
+ * B/C class to try handling login/signup template modifications even though login/signup does not
+ * actually happen through a template anymore. Just collects extra field definitions and allows
+ * some other class to do decide what to do with threm..
+ * TODO find the right place for adding extra fields and kill this
+ */
+class FakeAuthTemplate extends BaseTemplate {
+ public function execute() {
+ throw new LogicException( 'not used' );
+ }
+
+ /**
+ * Extensions (AntiSpoof and TitleBlacklist) call this in response to
+ * UserCreateForm hook to add checkboxes to the create account form.
+ */
+ public function addInputItem( $name, $value, $type, $msg, $helptext = false ) {
+ // use the same indexes as UserCreateForm just in case someone adds an item manually
+ $this->data['extrainput'][] = [
+ 'name' => $name,
+ 'value' => $value,
+ 'type' => $type,
+ 'msg' => $msg,
+ 'helptext' => $helptext,
+ ];
+ }
+
+ /**
+ * Turns addInputItem-style field definitions into HTMLForm field definitions.
+ * @return array
+ */
+ public function getExtraInputDefinitions() {
+ $definitions = [];
+
+ foreach ( $this->get( 'extrainput', [] ) as $field ) {
+ $definition = [
+ 'type' => $field['type'] === 'checkbox' ? 'check' : $field['type'],
+ 'name' => $field['name'],
+ 'value' => $field['value'],
+ 'id' => $field['name'],
+ ];
+ if ( $field['msg'] ) {
+ $definition['label-message'] = $this->getMsg( $field['msg'] );
+ }
+ if ( $field['helptext'] ) {
+ $definition['help'] = $this->msgWiki( $field['helptext'] );
+ }
+
+ // the array key doesn't matter much when name is defined explicitly but
+ // let's try and follow HTMLForm conventions
+ $name = preg_replace( '/^wp(?=[A-Z])/', '', $field['name'] );
+ $definitions[$name] = $definition;
+ }
+
+ if ( $this->haveData( 'extrafields' ) ) {
+ $definitions['extrafields'] = [
+ 'type' => 'info',
+ 'raw' => true,
+ 'default' => $this->get( 'extrafields' ),
+ ];
+ }
+
+ return $definitions;
+ }
+}
+
+/**
+ * A horrible hack to handle AuthManager's feature flag. For other special pages this is done in
+ * SpecialPageFactory, but LoginForm is used directly by some extensions. Will be killed as soon
+ * as AuthManager is stable.
+ */
+class LoginForm extends SpecialPage {
+ private $realLoginForm;
+
+ public function __construct( $request = null ) {
+ global $wgDisableAuthManager;
+ if ( $wgDisableAuthManager ) {
+ $this->realLoginForm = new LoginFormPreAuthManager( $request );
+ } else {
+ $this->realLoginForm = new LoginFormAuthManager( $request );
+ }
+ }
+
+ // proxy everything
+
+ public function __get( $name ) {
+ return $this->realLoginForm->$name;
+ }
+
+ public function __set( $name, $value ) {
+ $this->realLoginForm->$name = $value;
+ }
+
+ public function __call( $name, $args ) {
+ return call_user_func_array( [ $this->realLoginForm, $name ], $args );
+ }
+
+ public static function __callStatic( $name, $args ) {
+ global $wgDisableAuthManager;
+ return call_user_func_array( [ $wgDisableAuthManager ? LoginFormPreAuthManager::class
+ : LoginFormAuthManager::class, $name ], $args );
+ }
+
+ // all public SpecialPage methods need to be proxied explicitly
+
+ public function getName() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getRestriction() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function isListed() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function setListed( $listed ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function listed( $x = null ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function isIncludable() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function including( $x = null ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getLocalName() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function isExpensive() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function isCached() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function isRestricted() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function userCanExecute( User $user ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function displayRestrictionError() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function checkPermissions() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function checkReadOnly() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function requireLogin(
+ $reasonMsg = 'exception-nologin-text', $titleMsg = 'exception-nologin'
+ ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function prefixSearchSubpages( $search, $limit, $offset ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function execute( $subPage ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getDescription() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ function getTitle( $subpage = false ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ function getPageTitle( $subpage = false ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function setContext( $context ) {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getContext() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getRequest() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getOutput() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getUser() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getSkin() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getLanguage() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getConfig() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getFullTitle() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function getFinalGroupName() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+ public function doesWrites() {
+ return call_user_func_array( [ $this->realLoginForm, __FUNCTION__ ], func_get_args() );
+ }
+
+ // no way to proxy constants and static properties
+
+ const SUCCESS = 0;
+ const NO_NAME = 1;
+ const ILLEGAL = 2;
+ const WRONG_PLUGIN_PASS = 3;
+ const NOT_EXISTS = 4;
+ const WRONG_PASS = 5;
+ const EMPTY_PASS = 6;
+ const RESET_PASS = 7;
+ const ABORTED = 8;
+ const CREATE_BLOCKED = 9;
+ const THROTTLED = 10;
+ const USER_BLOCKED = 11;
+ const NEED_TOKEN = 12;
+ const WRONG_TOKEN = 13;
+ const USER_MIGRATED = 14;
+
+ public static $statusCodes = [
+ self::SUCCESS => 'success',
+ self::NO_NAME => 'no_name',
+ self::ILLEGAL => 'illegal',
+ self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass',
+ self::NOT_EXISTS => 'not_exists',
+ self::WRONG_PASS => 'wrong_pass',
+ self::EMPTY_PASS => 'empty_pass',
+ self::RESET_PASS => 'reset_pass',
+ self::ABORTED => 'aborted',
+ self::CREATE_BLOCKED => 'create_blocked',
+ self::THROTTLED => 'throttled',
+ self::USER_BLOCKED => 'user_blocked',
+ self::NEED_TOKEN => 'need_token',
+ self::WRONG_TOKEN => 'wrong_token',
+ self::USER_MIGRATED => 'user_migrated',
+ ];
+
+ public static $validErrorMessages = [
+ 'exception-nologin-text',
+ 'watchlistanontext',
+ 'changeemail-no-info',
+ 'resetpass-no-info',
+ 'confirmemail_needlogin',
+ 'prefsnologintext2',
+ ];
+}
+
+/**
+ * LoginForm as a special page has been replaced by SpecialUserLogin and SpecialCreateAccount,
+ * but some extensions called its public methods directly, so the class is retained as a
+ * B/C wrapper. Anything that used it before should use AuthManager instead.
+ */
+class LoginFormAuthManager extends SpecialPage {
+ const SUCCESS = 0;
+ const NO_NAME = 1;
+ const ILLEGAL = 2;
+ const WRONG_PLUGIN_PASS = 3;
+ const NOT_EXISTS = 4;
+ const WRONG_PASS = 5;
+ const EMPTY_PASS = 6;
+ const RESET_PASS = 7;
+ const ABORTED = 8;
+ const CREATE_BLOCKED = 9;
+ const THROTTLED = 10;
+ const USER_BLOCKED = 11;
+ const NEED_TOKEN = 12;
+ const WRONG_TOKEN = 13;
+ const USER_MIGRATED = 14;
+
+ public static $statusCodes = [
+ self::SUCCESS => 'success',
+ self::NO_NAME => 'no_name',
+ self::ILLEGAL => 'illegal',
+ self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass',
+ self::NOT_EXISTS => 'not_exists',
+ self::WRONG_PASS => 'wrong_pass',
+ self::EMPTY_PASS => 'empty_pass',
+ self::RESET_PASS => 'reset_pass',
+ self::ABORTED => 'aborted',
+ self::CREATE_BLOCKED => 'create_blocked',
+ self::THROTTLED => 'throttled',
+ self::USER_BLOCKED => 'user_blocked',
+ self::NEED_TOKEN => 'need_token',
+ self::WRONG_TOKEN => 'wrong_token',
+ self::USER_MIGRATED => 'user_migrated',
+ ];
+
+ /**
+ * @param WebRequest $request
+ */
+ public function __construct( $request = null ) {
+ wfDeprecated( 'LoginForm', '1.27' );
+ parent::__construct();
+ }
+
+ /**
+ * @deprecated since 1.27 - call LoginHelper::getValidErrorMessages instead.
+ */
+ public static function getValidErrorMessages() {
+ return LoginHelper::getValidErrorMessages();
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function incrementLoginThrottle( $username ) {
+ wfDeprecated( __METHOD__, "1.27" );
+ global $wgRequest;
+ $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+ $throttler = new Throttler();
+ return $throttler->increase( $username, $wgRequest->getIP(), __METHOD__ );
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function incLoginThrottle( $username ) {
+ wfDeprecated( __METHOD__, "1.27" );
+ $res = self::incrementLoginThrottle( $username );
+ return is_array( $res ) ? true : 0;
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function clearLoginThrottle( $username ) {
+ wfDeprecated( __METHOD__, "1.27" );
+ global $wgRequest;
+ $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+ $throttler = new Throttler();
+ return $throttler->clear( $username, $wgRequest->getIP() );
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function getLoginToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ global $wgRequest;
+ return $wgRequest->getSession()->getToken( '', 'login' )->toString();
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function setLoginToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function clearLoginToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ global $wgRequest;
+ $wgRequest->getSession()->resetToken( 'login' );
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function getCreateaccountToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ global $wgRequest;
+ return $wgRequest->getSession()->getToken( '', 'createaccount' )->toString();
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function setCreateaccountToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ }
+
+ /**
+ * @deprecated since 1.27 - don't use LoginForm, use AuthManager instead
+ */
+ public static function clearCreateaccountToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ global $wgRequest;
+ $wgRequest->getSession()->resetToken( 'createaccount' );
+ }
+}
* @ingroup SpecialPage
*/
+use MediaWiki\Auth\AuthManager;
+
/**
* Parent class for all special pages.
*
}
}
+ /**
+ * Tells if the special page does something security-sensitive and needs extra defense against
+ * a stolen account (e.g. a reauthentication). What exactly that will mean is decided by the
+ * authentication framework.
+ * @return bool|string False or the argument for AuthManager::securitySensitiveOperationStatus().
+ * Typically a special page needing elevated security would return its name here.
+ */
+ protected function getLoginSecurityLevel() {
+ return false;
+ }
+
+ /**
+ * Verifies that the user meets the security level, possibly reauthenticating them in the process.
+ *
+ * This should be used when the page does something security-sensitive and needs extra defense
+ * against a stolen account (e.g. a reauthentication). The authentication framework will make
+ * an extra effort to make sure the user account is not compromised. What that exactly means
+ * will depend on the system and user settings; e.g. the user might be required to log in again
+ * unless their last login happened recently, or they might be given a second-factor challenge.
+ *
+ * Calling this method will result in one if these actions:
+ * - return true: all good.
+ * - return false and set a redirect: caller should abort; the redirect will take the user
+ * to the login page for reauthentication, and back.
+ * - throw an exception if there is no way for the user to meet the requirements without using
+ * a different access method (e.g. this functionality is only available from a specific IP).
+ *
+ * Note that this does not in any way check that the user is authorized to use this special page
+ * (use checkPermissions() for that).
+ *
+ * @param string $level A security level. Can be an arbitrary string, defaults to the page name.
+ * @return bool False means a redirect to the reauthentication page has been set and processing
+ * of the special page should be aborted.
+ * @throws ErrorPageError If the security level cannot be met, even with reauthentication.
+ */
+ protected function checkLoginSecurityLevel( $level = null ) {
+ $level = $level ?: $this->getName();
+ $securityStatus = AuthManager::singleton()->securitySensitiveOperationStatus( $level );
+ if ( $securityStatus === AuthManager::SEC_OK ) {
+ return true;
+ } elseif ( $securityStatus === AuthManager::SEC_REAUTH ) {
+ $request = $this->getRequest();
+ $title = SpecialPage::getTitleFor( 'Userlogin' );
+ $query = [
+ 'returnto' => $this->getFullTitle()->getPrefixedDBkey(),
+ 'returntoquery' => wfArrayToCgi( array_diff_key( $request->getQueryValues(),
+ [ 'title' => true ] ) ),
+ 'force' => $level,
+ ];
+ $url = $title->getFullURL( $query, false, PROTO_HTTPS );
+
+ $this->getOutput()->redirect( $url );
+ return false;
+ }
+
+ $titleMessage = wfMessage( 'specialpage-securitylevel-not-allowed-title' );
+ $errorMessage = wfMessage( 'specialpage-securitylevel-not-allowed' );
+ throw new ErrorPageError( $titleMessage, $errorMessage );
+ }
+
/**
* Return an array of subpages beginning with $search that this special page will accept.
*
public function execute( $subPage ) {
$this->setHeaders();
$this->checkPermissions();
+ $this->checkLoginSecurityLevel( $this->getLoginSecurityLevel() );
$this->outputHeader();
}
'PagesWithProp' => 'SpecialPagesWithProp',
'TrackingCategories' => 'SpecialTrackingCategories',
- // Login/create account
- 'Userlogin' => 'LoginForm',
- 'CreateAccount' => 'SpecialCreateAccount',
+ // Authentication
+ 'Userlogin' => 'SpecialUserLogin',
+ 'Userlogout' => 'SpecialUserLogoutPreAuthManager',
+ 'CreateAccount' => 'SpecialCreateAccountPreAuthManager',
+ 'LinkAccounts' => 'SpecialLinkAccounts',
+ 'UnlinkAccounts' => 'SpecialUnlinkAccounts',
+ 'ChangeCredentials' => 'SpecialChangeCredentials',
+ 'RemoveCredentials' => 'SpecialRemoveCredentials',
// Users and rights
'Activeusers' => 'SpecialActiveUsers',
'Block' => 'SpecialBlock',
'Unblock' => 'SpecialUnblock',
'BlockList' => 'SpecialBlockList',
- 'ChangePassword' => 'SpecialChangePassword',
+ 'ChangePassword' => 'SpecialChangePasswordPreAuthManager',
'BotPasswords' => 'SpecialBotPasswords',
- 'PasswordReset' => 'SpecialPasswordReset',
+ 'PasswordReset' => 'SpecialPasswordResetPreAuthManager',
'DeletedContributions' => 'DeletedContributionsPage',
'Preferences' => 'SpecialPreferences',
'ResetTokens' => 'SpecialResetTokens',
'Revisiondelete' => 'SpecialRevisionDelete',
'RunJobs' => 'SpecialRunJobs',
'Specialpages' => 'SpecialSpecialpages',
- 'Userlogout' => 'SpecialUserlogout',
];
private static $list;
global $wgDisableInternalSearch, $wgEmailAuthentication;
global $wgEnableEmail, $wgEnableJavaScriptTest;
global $wgPageLanguageUseDB, $wgContentHandlerUseDB;
+ global $wgDisableAuthManager;
if ( !is_array( self::$list ) ) {
}
if ( $wgEnableEmail ) {
- self::$list['ChangeEmail'] = 'SpecialChangeEmail';
+ self::$list['ChangeEmail'] = 'SpecialChangeEmailPreAuthManager';
}
if ( $wgEnableJavaScriptTest ) {
self::$list['ChangeContentModel'] = 'SpecialChangeContentModel';
}
+ // horrible hack to allow selection between old and new classes via a feature flag - T110756
+ // will be removed once AuthManager is stable
+ if ( !$wgDisableAuthManager ) {
+ self::$list = array_map( function ( $class ) {
+ return preg_replace( '/PreAuthManager$/', '', $class );
+ }, self::$list );
+ } else {
+ self::$list['Userlogin'] = 'LoginForm';
+ self::$list = array_diff_key( self::$list, array_fill_keys( [
+ 'LinkAccounts', 'UnlinkAccounts', 'ChangeCredentials', 'RemoveCredentials',
+ ], true ) );
+ }
+
// Add extension special pages
self::$list = array_merge( self::$list, $wgSpecialPages );
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Session\SessionManager;
+
+/**
+ * Special change to change credentials (such as the password).
+ *
+ * Also does most of the work for SpecialRemoveCredentials.
+ */
+class SpecialChangeCredentials extends AuthManagerSpecialPage {
+ protected static $allowedActions = [ AuthManager::ACTION_CHANGE ];
+
+ protected static $messagePrefix = 'changecredentials';
+
+ /** Change action needs user data; remove action does not */
+ protected static $loadUserData = true;
+
+ public function __construct( $name = 'ChangeCredentials' ) {
+ parent::__construct( $name, 'editmyprivateinfo' );
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+
+ public function isListed() {
+ $this->loadAuth( '' );
+ return (bool)$this->authRequests;
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_CHANGE;
+ }
+
+ protected function getPreservedParams( $withToken = false ) {
+ $request = $this->getRequest();
+ $params = parent::getPreservedParams( $withToken );
+ $params += [
+ 'returnto' => $request->getVal( 'returnto' ),
+ 'returntoquery' => $request->getVal( 'returntoquery' ),
+ ];
+ return $params;
+ }
+
+ public function onAuthChangeFormFields(
+ array $requests, array $fieldInfo, array &$formDescriptor, $action
+ ) {
+ // This method is never called for remove actions.
+
+ $extraFields = [];
+ Hooks::run( 'ChangePasswordForm', [ &$extraFields ], '1.27' );
+ foreach ( $extraFields as $extra ) {
+ list( $name, $label, $type, $default ) = $extra;
+ $formDescriptor[$name] = [
+ 'type' => $type,
+ 'name' => $name,
+ 'label-message' => $label,
+ 'default' => $default,
+ ];
+
+ }
+
+ return parent::onAuthChangeFormFields( $requests, $fieldInfo, $formDescriptor, $action );
+ }
+
+ public function execute( $subPage ) {
+ $this->setHeaders();
+ $this->outputHeader();
+
+ $this->loadAuth( $subPage );
+
+ if ( !$subPage ) {
+ $this->showSubpageList();
+ return;
+ }
+
+ if ( $this->getRequest()->getCheck( 'wpCancel' ) ) {
+ $returnUrl = $this->getReturnUrl() ?: Title::newMainPage()->getFullURL();
+ $this->getOutput()->redirect( $returnUrl );
+ return;
+ }
+
+ if ( !$this->authRequests ) {
+ // messages used: changecredentials-invalidsubpage, removecredentials-invalidsubpage
+ $this->showSubpageList( $this->msg( static::$messagePrefix . '-invalidsubpage', $subPage ) );
+ return;
+ }
+
+ $status = $this->trySubmit();
+
+ if ( $status === false || !$status->isOK() ) {
+ $this->displayForm( $status );
+ return;
+ }
+
+ $response = $status->getValue();
+
+ switch ( $response->status ) {
+ case AuthenticationResponse::PASS:
+ $this->success();
+ break;
+ case AuthenticationResponse::FAIL:
+ $this->displayForm( Status::newFatal( $response->message ) );
+ break;
+ default:
+ throw new LogicException( 'invalid AuthenticationResponse' );
+ }
+ }
+
+ protected function loadAuth( $subPage, $authAction = null, $reset = false ) {
+ parent::loadAuth( $subPage, $authAction );
+ if ( $subPage ) {
+ $this->authRequests = array_filter( $this->authRequests, function ( $req ) use ( $subPage ) {
+ return $req->getUniqueId() === $subPage;
+ } );
+ if ( count( $this->authRequests ) > 1 ) {
+ throw new LogicException( 'Multiple AuthenticationRequest objects with same ID!' );
+ }
+ }
+ }
+
+ protected function getAuthFormDescriptor( $requests, $action ) {
+ if ( !static::$loadUserData ) {
+ return [];
+ } else {
+ return parent::getAuthFormDescriptor( $requests, $action );
+ }
+ }
+
+ protected function getAuthForm( array $requests, $action ) {
+ $form = parent::getAuthForm( $requests, $action );
+ $req = reset( $requests );
+ $info = $req->describeCredentials();
+
+ $form->addPreText(
+ Html::openElement( 'dl' )
+ . Html::element( 'dt', [], wfMessage( 'credentialsform-provider' ) )
+ . Html::element( 'dd', [], $info['provider'] )
+ . Html::element( 'dt', [], wfMessage( 'credentialsform-account' ) )
+ . Html::element( 'dd', [], $info['account'] )
+ . Html::closeElement( 'dl' )
+ );
+
+ // messages used: changecredentials-submit removecredentials-submit
+ // changecredentials-submit-cancel removecredentials-submit-cancel
+ $form->setSubmitTextMsg( static::$messagePrefix . '-submit' );
+ $form->addButton( [
+ 'name' => 'wpCancel',
+ 'value' => $this->msg( static::$messagePrefix . '-submit-cancel' )->text()
+ ] );
+
+ return $form;
+ }
+
+ protected function needsSubmitButton( $formDescriptor ) {
+ // Change/remove forms show are built from a single AuthenticationRequest and do not allow
+ // for redirect flow; they always need a submit button.
+ return true;
+ }
+
+ public function handleFormSubmit( $data ) {
+ // remove requests do not accept user input
+ $requests = $this->authRequests;
+ if ( static::$loadUserData ) {
+ $requests = AuthenticationRequest::loadRequestsFromSubmission( $this->authRequests, $data );
+ }
+
+ $response = $this->performAuthenticationStep( $this->authAction, $requests );
+
+ // we can't handle FAIL or similar as failure here since it might require changing the form
+ return Status::newGood( $response );
+ }
+
+ /**
+ * @param Message|null $error
+ */
+ protected function showSubpageList( $error = null ) {
+ $out = $this->getOutput();
+
+ if ( $error ) {
+ $out->addHTML( $error->parse() );
+ }
+
+ $groupedRequests = [];
+ foreach ( $this->authRequests as $req ) {
+ $info = $req->describeCredentials();
+ $groupedRequests[(string)$info['provider']][] = $req;
+ }
+
+ $out->addHTML( Html::openElement( 'dl' ) );
+ foreach ( $groupedRequests as $group => $members ) {
+ $out->addHTML( Html::element( 'dt', [], $group ) );
+ foreach ( $members as $req ) {
+ /** @var AuthenticationRequest $req */
+ $info = $req->describeCredentials();
+ $out->addHTML( Html::rawElement( 'dd', [],
+ Linker::link( $this->getPageTitle( $req->getUniqueId() ),
+ htmlspecialchars( $info['account'], ENT_QUOTES ) )
+ ) );
+ }
+ }
+ $out->addHTML( Html::closeElement( 'dl' ) );
+ }
+
+ protected function success() {
+ $session = $this->getRequest()->getSession();
+ $user = $this->getUser();
+ $out = $this->getOutput();
+ $returnUrl = $this->getReturnUrl();
+
+ // change user token and update the session
+ SessionManager::singleton()->invalidateSessionsForUser( $user );
+ $session->setUser( $user );
+ $session->resetId();
+
+ if ( $returnUrl ) {
+ $out->redirect( $returnUrl );
+ } else {
+ // messages used: changecredentials-success removecredentials-success
+ $out->wrapWikiMsg( "<div class=\"successbox\">\n$1\n</div>", static::$messagePrefix
+ . '-success' );
+ $out->returnToMain();
+ }
+ }
+
+ /**
+ * @return string|null
+ */
+ protected function getReturnUrl() {
+ $request = $this->getRequest();
+ $returnTo = $request->getText( 'returnto' );
+ $returnToQuery = $request->getText( 'returntoquery', '' );
+
+ if ( !$returnTo ) {
+ return null;
+ }
+
+ $title = Title::newFromText( $returnTo );
+ return $title->getFullURL( $returnToQuery );
+ }
+
+ protected function getRequestBlacklist() {
+ return $this->getConfig()->get( 'ChangeCredentialsBlacklist' );
+ }
+}
* @ingroup SpecialPage
*/
+use MediaWiki\Auth\AuthManager;
+
/**
* Let users change their email address.
*
* @return bool
*/
public function isListed() {
- global $wgAuth;
-
- return $wgAuth->allowPropChange( 'emailaddress' );
+ return AuthManager::singleton()->allowsPropertyChange( 'emailaddress' );
}
/**
* @param string $par
*/
function execute( $par ) {
+ $this->checkLoginSecurityLevel();
+
$out = $this->getOutput();
$out->disallowUserJs();
}
protected function checkExecutePermissions( User $user ) {
- global $wgAuth;
- if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) {
+ if ( !AuthManager::singleton()->allowsPropertyChange( 'emailaddress' ) ) {
throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
}
],
];
- if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
- $fields['Password'] = [
- 'type' => 'password',
- 'label-message' => 'changeemail-password'
- ];
- }
-
return $fields;
}
$form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
$form->addHeaderText( $this->msg( 'changeemail-header' )->parseAsBlock() );
- if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
- $form->addHeaderText( $this->msg( 'changeemail-passwordrequired' )->parseAsBlock() );
- }
}
public function onSubmit( array $data ) {
- $password = isset( $data['Password'] ) ? $data['Password'] : null;
- $status = $this->attemptChange( $this->getUser(), $password, $data['NewEmail'] );
+ $status = $this->attemptChange( $this->getUser(), $data['NewEmail'] );
$this->status = $status;
/**
* @param User $user
- * @param string $pass
* @param string $newaddr
* @return Status
*/
- private function attemptChange( User $user, $pass, $newaddr ) {
+ private function attemptChange( User $user, $newaddr ) {
+ $authManager = AuthManager::singleton();
+
if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) {
return Status::newFatal( 'invalidemailaddress' );
}
return Status::newFatal( 'changeemail-nochange' );
}
- $throttleInfo = LoginForm::incrementLoginThrottle( $user->getName() );
- if ( $throttleInfo ) {
- $lang = $this->getLanguage();
- return Status::newFatal(
- 'changeemail-throttled',
- $lang->formatDuration( $throttleInfo['wait'] )
- );
- }
-
- if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' )
- && !$user->checkTemporaryPassword( $pass )
- && !$user->checkPassword( $pass )
- ) {
- return Status::newFatal( 'wrongpassword' );
- }
-
- LoginForm::clearLoginThrottle( $user->getName() );
-
$oldaddr = $user->getEmail();
$status = $user->setEmailWithConfirmation( $newaddr );
if ( !$status->isGood() ) {
* @ingroup SpecialPage
*/
+use MediaWiki\Auth\PasswordAuthenticationRequest;
+
/**
* Let users recover their password.
*
* @ingroup SpecialPage
*/
-class SpecialChangePassword extends FormSpecialPage {
- protected $mUserName;
- protected $mDomain;
-
- // Optional Wikitext Message to show above the password change form
- protected $mPreTextMessage = null;
-
- // label for old password input
- protected $mOldPassMsg = null;
-
+class SpecialChangePassword extends SpecialRedirectToSpecial {
public function __construct() {
- parent::__construct( 'ChangePassword', 'editmyprivateinfo' );
- $this->listed( false );
- }
-
- public function doesWrites() {
- return true;
- }
-
- /**
- * Main execution point
- * @param string|null $par
- */
- function execute( $par ) {
- $this->getOutput()->disallowUserJs();
-
- parent::execute( $par );
- }
-
- protected function checkExecutePermissions( User $user ) {
- parent::checkExecutePermissions( $user );
-
- if ( !$this->getRequest()->wasPosted() ) {
- $this->requireLogin( 'resetpass-no-info' );
- }
- }
-
- /**
- * Set a message at the top of the Change Password form
- * @since 1.23
- * @param Message $msg Message to parse and add to the form header
- */
- public function setChangeMessage( Message $msg ) {
- $this->mPreTextMessage = $msg;
- }
-
- /**
- * Set a message at the top of the Change Password form
- * @since 1.23
- * @param string $msg Message label for old/temp password field
- */
- public function setOldPasswordMessage( $msg ) {
- $this->mOldPassMsg = $msg;
- }
-
- protected function getFormFields() {
- $user = $this->getUser();
- $request = $this->getRequest();
-
- $oldpassMsg = $this->mOldPassMsg;
- if ( $oldpassMsg === null ) {
- $oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password';
- }
-
- $fields = [
- 'Name' => [
- 'type' => 'info',
- 'label-message' => 'username',
- 'default' => $request->getVal( 'wpName', $user->getName() ),
- ],
- 'Password' => [
- 'type' => 'password',
- 'label-message' => $oldpassMsg,
- ],
- 'NewPassword' => [
- 'type' => 'password',
- 'label-message' => 'newpassword',
- ],
- 'Retype' => [
- 'type' => 'password',
- 'label-message' => 'retypenew',
- ],
- ];
-
- if ( !$this->getUser()->isLoggedIn() ) {
- $fields['LoginOnChangeToken'] = [
- 'type' => 'hidden',
- 'label' => 'Change Password Token',
- 'default' => LoginForm::getLoginToken()->toString(),
- ];
- }
-
- $extraFields = [];
- Hooks::run( 'ChangePasswordForm', [ &$extraFields ] );
- foreach ( $extraFields as $extra ) {
- list( $name, $label, $type, $default ) = $extra;
- $fields[$name] = [
- 'type' => $type,
- 'name' => $name,
- 'label-message' => $label,
- 'default' => $default,
- ];
- }
-
- if ( !$user->isLoggedIn() ) {
- $fields['Remember'] = [
- 'type' => 'check',
- 'label' => $this->msg( 'remembermypassword' )
- ->numParams(
- ceil( $this->getConfig()->get( 'CookieExpiration' ) / ( 3600 * 24 ) )
- )->text(),
- 'default' => $request->getVal( 'wpRemember' ),
- ];
- }
-
- return $fields;
- }
-
- protected function alterForm( HTMLForm $form ) {
- $form->setId( 'mw-resetpass-form' );
- $form->setTableId( 'mw-resetpass-table' );
- $form->setWrapperLegendMsg( 'resetpass_header' );
- $form->setSubmitTextMsg(
- $this->getUser()->isLoggedIn()
- ? 'resetpass-submit-loggedin'
- : 'resetpass_submit'
- );
- $form->addButton( [
- 'name' => 'wpCancel',
- 'value' => $this->msg( 'resetpass-submit-cancel' )->text()
- ] );
- $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() );
- if ( $this->mPreTextMessage instanceof Message ) {
- $form->addPreText( $this->mPreTextMessage->parseAsBlock() );
- }
- $form->addHiddenFields(
- $this->getRequest()->getValues( 'wpName', 'wpDomain', 'returnto', 'returntoquery' ) );
- }
-
- public function onSubmit( array $data ) {
- global $wgAuth;
-
- $request = $this->getRequest();
-
- if ( $request->getCheck( 'wpLoginToken' ) ) {
- // This comes from Special:Userlogin when logging in with a temporary password
- return false;
- }
-
- if ( !$this->getUser()->isLoggedIn()
- && !LoginForm::getLoginToken()->match( $request->getVal( 'wpLoginOnChangeToken' ) )
- ) {
- // Potential CSRF (bug 62497)
- return false;
- }
-
- if ( $request->getCheck( 'wpCancel' ) ) {
- $returnto = $request->getVal( 'returnto' );
- $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null;
- if ( !$titleObj instanceof Title ) {
- $titleObj = Title::newMainPage();
- }
- $query = $request->getVal( 'returntoquery' );
- $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
-
- return true;
- }
-
- $this->mUserName = $request->getVal( 'wpName', $this->getUser()->getName() );
- $this->mDomain = $wgAuth->getDomain();
-
- if ( !$wgAuth->allowPasswordChange() ) {
- throw new ErrorPageError( 'changepassword', 'resetpass_forbidden' );
- }
-
- $status = $this->attemptReset( $data['Password'], $data['NewPassword'], $data['Retype'] );
-
- return $status;
- }
-
- public function onSuccess() {
- if ( $this->getUser()->isLoggedIn() ) {
- $this->getOutput()->wrapWikiMsg(
- "<div class=\"successbox\">\n$1\n</div>",
- 'changepassword-success'
- );
- $this->getOutput()->returnToMain();
- } else {
- $request = $this->getRequest();
- LoginForm::clearLoginToken();
- $token = LoginForm::getLoginToken()->toString();
- $data = [
- 'action' => 'submitlogin',
- 'wpName' => $this->mUserName,
- 'wpDomain' => $this->mDomain,
- 'wpLoginToken' => $token,
- 'wpPassword' => $request->getVal( 'wpNewPassword' ),
- ] + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' );
- $login = new LoginForm( new DerivativeRequest( $request, $data, true ) );
- $login->setContext( $this->getContext() );
- $login->execute( null );
- }
- }
-
- /**
- * Checks the new password if it meets the requirements for passwords and set
- * it as a current password, otherwise set the passed Status object to fatal
- * and doesn't change anything
- *
- * @param string $oldpass The current (temporary) password.
- * @param string $newpass The password to set.
- * @param string $retype The string of the retype password field to check with newpass
- * @return Status
- */
- protected function attemptReset( $oldpass, $newpass, $retype ) {
- $isSelf = ( $this->mUserName === $this->getUser()->getName() );
- if ( $isSelf ) {
- $user = $this->getUser();
- } else {
- $user = User::newFromName( $this->mUserName );
- }
-
- if ( !$user || $user->isAnon() ) {
- return Status::newFatal( $this->msg( 'nosuchusershort', $this->mUserName ) );
- }
-
- if ( $newpass !== $retype ) {
- Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'badretype' ] );
- return Status::newFatal( $this->msg( 'badretype' ) );
- }
-
- $throttleInfo = LoginForm::incrementLoginThrottle( $this->mUserName );
- if ( $throttleInfo ) {
- return Status::newFatal( $this->msg( 'changepassword-throttled' )
- ->durationParams( $throttleInfo['wait'] )
- );
- }
-
- // @todo Make these separate messages, since the message is written for both cases
- if ( !$user->checkTemporaryPassword( $oldpass ) && !$user->checkPassword( $oldpass ) ) {
- Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'wrongpassword' ] );
- return Status::newFatal( $this->msg( 'resetpass-wrong-oldpass' ) );
- }
-
- // User is resetting their password to their old password
- if ( $oldpass === $newpass ) {
- return Status::newFatal( $this->msg( 'resetpass-recycled' ) );
- }
-
- // Do AbortChangePassword after checking mOldpass, so we don't leak information
- // by possibly aborting a new password before verifying the old password.
- $abortMsg = 'resetpass-abort-generic';
- if ( !Hooks::run( 'AbortChangePassword', [ $user, $oldpass, $newpass, &$abortMsg ] ) ) {
- Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'abortreset' ] );
- return Status::newFatal( $this->msg( $abortMsg ) );
- }
-
- // Please reset throttle for successful logins, thanks!
- LoginForm::clearLoginThrottle( $this->mUserName );
-
- try {
- $user->setPassword( $newpass );
- Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'success' ] );
- } catch ( PasswordError $e ) {
- Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'error' ] );
- return Status::newFatal( new RawMessage( $e->getMessage() ) );
- }
-
- if ( $isSelf ) {
- // This is needed to keep the user connected since
- // changing the password also modifies the user's token.
- $remember = $this->getRequest()->getCookie( 'Token' ) !== null;
- $user->setCookies( null, null, $remember );
- }
- $user->saveSettings();
- $this->resetPasswordExpiration( $user );
- return Status::newGood();
- }
-
- public function requiresUnblock() {
- return false;
- }
-
- protected function getGroupName() {
- return 'users';
- }
-
- /**
- * For resetting user password expiration, until AuthManager comes along
- * @param User $user
- */
- private function resetPasswordExpiration( User $user ) {
- global $wgPasswordExpirationDays;
- $newExpire = null;
- if ( $wgPasswordExpirationDays ) {
- $newExpire = wfTimestamp(
- TS_MW,
- time() + ( $wgPasswordExpirationDays * 24 * 3600 )
- );
- }
- // Give extensions a chance to force an expiration
- Hooks::run( 'ResetPasswordExpiration', [ $this, &$newExpire ] );
- $dbw = wfGetDB( DB_MASTER );
- $dbw->update(
- 'user',
- [ 'user_password_expires' => $dbw->timestampOrNull( $newExpire ) ],
- [ 'user_id' => $user->getId() ],
- __METHOD__
- );
- }
-
- protected function getDisplayFormat() {
- return 'ooui';
+ parent::__construct( 'ChangePassword', 'ChangeCredentials',
+ PasswordAuthenticationRequest::class, [ 'returnto', 'returntoquery' ] );
}
}
<?php
/**
- * Redirect page: Special:CreateAccount --> Special:UserLogin/signup.
+ * Implements Special:CreateAccount
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* @ingroup SpecialPage
*/
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Logger\LoggerFactory;
+use Psr\Log\LogLevel;
+
/**
- * Redirect page: Special:CreateAccount --> Special:UserLogin/signup.
- * @todo FIXME: This (and the rest of the login frontend) needs to die a horrible painful death
+ * Implements Special:CreateAccount
*
* @ingroup SpecialPage
*/
-class SpecialCreateAccount extends SpecialRedirectToSpecial {
- function __construct() {
- parent::__construct(
- 'CreateAccount',
- 'Userlogin',
- 'signup',
- [ 'returnto', 'returntoquery', 'uselang' ]
- );
- }
+class SpecialCreateAccount extends LoginSignupSpecialPage {
+ protected static $allowedActions = [
+ AuthManager::ACTION_CREATE,
+ AuthManager::ACTION_CREATE_CONTINUE
+ ];
- public function doesWrites() {
- return true;
+ protected static $messages = [
+ 'authform-newtoken' => 'nocookiesfornew',
+ 'authform-notoken' => 'sessionfailure',
+ 'authform-wrongtoken' => 'sessionfailure',
+ ];
+
+ public function __construct() {
+ parent::__construct( 'CreateAccount' );
}
- // No reason to hide this link on Special:Specialpages
- public function isListed() {
+ public function doesWrites() {
return true;
}
return $user->isAllowed( 'createaccount' );
}
+ public function checkPermissions() {
+ parent::checkPermissions();
+
+ $user = $this->getUser();
+ $status = AuthManager::singleton()->checkAccountCreatePermissions( $user );
+ if ( !$status->isGood() ) {
+ throw new ErrorPageError( 'createacct-error', $status->getMessage() );
+ }
+ }
+
+ protected function getLoginSecurityLevel() {
+ return false;
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_CREATE;
+ }
+
+ public function getDescription() {
+ return $this->msg( 'createaccount' )->text();
+ }
+
+ protected function isSignup() {
+ return true;
+ }
+
+ /**
+ * Run any hooks registered for logins, then display a message welcoming
+ * the user.
+ * @param bool $direct True if the action was successful just now; false if that happened
+ * pre-redirection (so this handler was called already)
+ * @param StatusValue|null $extraMessages
+ */
+ protected function successfulAction( $direct = false, $extraMessages = null ) {
+ $session = $this->getRequest()->getSession();
+ $user = $this->targetUser ?: $this->getUser();
+
+ if ( $direct ) {
+ # Only save preferences if the user is not creating an account for someone else.
+ if ( !$this->proxyAccountCreation ) {
+ Hooks::run( 'AddNewAccount', [ $user, false ] );
+
+ // If the user does not have a session cookie at this point, they probably need to
+ // do something to their browser.
+ if ( !$this->hasSessionCookie() ) {
+ $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
+ // TODO something more specific? This used to use nocookiesnew
+ // FIXME should redirect to login page instead?
+ return;
+ }
+ } else {
+ $byEmail = false; // FIXME no way to set this
+
+ Hooks::run( 'AddNewAccount', [ $user, $byEmail ] );
+
+ $out = $this->getOutput();
+ $out->setPageTitle( $this->msg( $byEmail ? 'accmailtitle' : 'accountcreated' ) );
+ if ( $byEmail ) {
+ $out->addWikiMsg( 'accmailtext', $user->getName(), $user->getEmail() );
+ } else {
+ $out->addWikiMsg( 'accountcreatedtext', $user->getName() );
+ }
+ $out->addReturnTo( $this->getPageTitle() );
+ return;
+ }
+ }
+
+ $this->clearToken();
+
+ # Run any hooks; display injected HTML
+ $injected_html = '';
+ $welcome_creation_msg = 'welcomecreation-msg';
+ Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html ] );
+
+ /**
+ * Let any extensions change what message is shown.
+ * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
+ * @since 1.18
+ */
+ Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
+
+ $this->showSuccessPage( 'signup', $this->msg( 'welcomeuser', $this->getUser()->getName() ),
+ $welcome_creation_msg, $injected_html, $extraMessages );
+ }
+
+ protected function getToken() {
+ return $this->getRequest()->getSession()->getToken( '', 'createaccount' );
+ }
+
+ protected function clearToken() {
+ return $this->getRequest()->getSession()->resetToken( 'createaccount' );
+ }
+
+ protected function getTokenName() {
+ return 'wpCreateaccountToken';
+ }
+
protected function getGroupName() {
return 'login';
}
+
+ protected function logAuthResult( $success, $status = null ) {
+ LoggerFactory::getInstance( 'authmanager-stats' )->info( 'Account creation attempt', [
+ 'event' => 'accountcreation',
+ 'successful' => $success,
+ 'status' => $status,
+ ] );
+ }
}
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+
+/**
+ * Links/unlinks external accounts to the current user.
+ *
+ * To interact with this page, account providers need to register themselves with AuthManager.
+ */
+class SpecialLinkAccounts extends AuthManagerSpecialPage {
+ protected static $allowedActions = [
+ AuthManager::ACTION_LINK, AuthManager::ACTION_LINK_CONTINUE,
+ ];
+
+ public function __construct() {
+ parent::__construct( 'LinkAccounts' );
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+
+ public function isListed() {
+ return AuthManager::singleton()->canLinkAccounts();
+ }
+
+ protected function getRequestBlacklist() {
+ return $this->getConfig()->get( 'ChangeCredentialsBlacklist' );
+ }
+
+ /**
+ * @param null|string $subPage
+ * @throws MWException
+ * @throws PermissionsError
+ */
+ public function execute( $subPage ) {
+ $this->setHeaders();
+ $this->loadAuth( $subPage );
+
+ if ( !$this->isActionAllowed( $this->authAction ) ) {
+ if ( $this->authAction === AuthManager::ACTION_LINK ) {
+ // looks like no linking provider is installed or willing to take this user
+ $titleMessage = wfMessage( 'cannotlink-no-provider-title' );
+ $errorMessage = wfMessage( 'cannotlink-no-provider' );
+ throw new ErrorPageError( $titleMessage, $errorMessage );
+ } else {
+ // user probably back-button-navigated into an auth session that no longer exists
+ // FIXME would be nice to show a message
+ $this->getOutput()->redirect( $this->getPageTitle()->getFullURL( '', false,
+ PROTO_HTTPS ) );
+ return;
+ }
+ }
+
+ $this->outputHeader();
+
+ $status = $this->trySubmit();
+
+ if ( $status === false || !$status->isOK() ) {
+ $this->displayForm( $status );
+ return;
+ }
+
+ $response = $status->getValue();
+
+ switch ( $response->status ) {
+ case AuthenticationResponse::PASS:
+ $this->success();
+ break;
+ case AuthenticationResponse::FAIL:
+ $this->loadAuth( '', AuthManager::ACTION_LINK, true );
+ $this->displayForm( StatusValue::newFatal( $response->message ) );
+ break;
+ case AuthenticationResponse::REDIRECT:
+ $this->getOutput()->redirect( $response->redirectTarget );
+ break;
+ case AuthenticationResponse::UI:
+ $this->authAction = AuthManager::ACTION_LINK_CONTINUE;
+ $this->authRequests = $response->neededRequests;
+ $this->displayForm( StatusValue::newFatal( $response->message ) );
+ break;
+ default:
+ throw new LogicException( 'invalid AuthenticationResponse' );
+ }
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_LINK;
+ }
+
+ /**
+ * @param AuthenticationRequest[] $requests
+ * @param string $action AuthManager action name, should be ACTION_LINK or ACTION_LINK_CONTINUE
+ * @return HTMLForm
+ */
+ protected function getAuthForm( array $requests, $action ) {
+ $form = parent::getAuthForm( $requests, $action );
+ $form->setSubmitTextMsg( 'linkaccounts-submit' );
+ return $form;
+ }
+
+ /**
+ * Show a success message.
+ */
+ protected function success() {
+ $this->loadAuth( '', AuthManager::ACTION_LINK, true );
+ $this->displayForm( StatusValue::newFatal( $this->msg( 'linkaccounts-success-text' ) ) );
+ }
+}
* @ingroup SpecialPage
*/
+use MediaWiki\Auth\AuthManager;
+
/**
- * Special page for requesting a password reset email
+ * Special page for requesting a password reset email.
+ *
+ * Requires the TemporaryPasswordPrimaryAuthenticationProvider and the
+ * EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent
+ * functionality) to be enabled.
*
* @ingroup SpecialPage
*/
class SpecialPasswordReset extends FormSpecialPage {
- /**
- * @var Message
- */
- private $email;
+ /** @var PasswordReset */
+ private $passwordReset;
/**
- * @var User
+ * @var string[] Temporary storage for the passwords which have been sent out, keyed by username.
*/
- private $firstUser;
+ private $passwords = [];
/**
* @var Status
public function __construct() {
parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
+ $this->passwordReset = new PasswordReset( $this->getConfig(), AuthManager::singleton() );
}
public function doesWrites() {
}
public function userCanExecute( User $user ) {
- return $this->canChangePassword( $user ) === true && parent::userCanExecute( $user );
+ return $this->passwordReset->isAllowed( $user )->isGood();
}
public function checkExecutePermissions( User $user ) {
- $error = $this->canChangePassword( $user );
- if ( is_string( $error ) ) {
- throw new ErrorPageError( 'internalerror', $error );
- } elseif ( !$error ) {
- throw new ErrorPageError( 'internalerror', 'resetpass_forbidden' );
+ $status = Status::wrap( $this->passwordReset->isAllowed( $user ) );
+ if ( !$status->isGood() ) {
+ throw new ErrorPageError( 'internalerror', $status->getMessage() );
}
parent::checkExecutePermissions( $user );
}
protected function getFormFields() {
- global $wgAuth;
$resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
$a = [];
if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
];
}
- if ( isset( $resetRoutes['domain'] ) && $resetRoutes['domain'] ) {
- $domains = $wgAuth->domainList();
- $a['Domain'] = [
- 'type' => 'select',
- 'options' => $domains,
- 'label-message' => 'passwordreset-domain',
- ];
- }
-
if ( $this->getUser()->isAllowed( 'passwordreset' ) ) {
$a['Capture'] = [
'type' => 'check',
if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
$i++;
}
- if ( isset( $resetRoutes['domain'] ) && $resetRoutes['domain'] ) {
- $i++;
- }
$message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
* @param array $data
* @throws MWException
* @throws ThrottledError|PermissionsError
- * @return bool|array
+ * @return Status
*/
public function onSubmit( array $data ) {
- global $wgAuth, $wgMinimalPasswordLength;
-
- if ( isset( $data['Domain'] ) ) {
- if ( $wgAuth->validDomain( $data['Domain'] ) ) {
- $wgAuth->setDomain( $data['Domain'] );
- } else {
- $wgAuth->setDomain( 'invaliddomain' );
- }
- }
-
if ( isset( $data['Capture'] ) && !$this->getUser()->isAllowed( 'passwordreset' ) ) {
// The user knows they don't have the passwordreset permission,
// but they tried to spoof the form. That's naughty
throw new PermissionsError( 'passwordreset' );
}
- /**
- * @var $firstUser User
- * @var $users User[]
- */
-
- if ( isset( $data['Username'] ) && $data['Username'] !== '' ) {
- $method = 'username';
- $users = [ User::newFromName( $data['Username'] ) ];
- } elseif ( isset( $data['Email'] )
- && $data['Email'] !== ''
- && Sanitizer::validateEmail( $data['Email'] )
- ) {
- $method = 'email';
- $res = wfGetDB( DB_SLAVE )->select(
- 'user',
- User::selectFields(),
- [ 'user_email' => $data['Email'] ],
- __METHOD__
- );
-
- if ( $res ) {
- $users = [];
-
- foreach ( $res as $row ) {
- $users[] = User::newFromRow( $row );
- }
- } else {
- // Some sort of database error, probably unreachable
- throw new MWException( 'Unknown database error in ' . __METHOD__ );
- }
- } else {
- // The user didn't supply any data
- return false;
- }
-
- // Check for hooks (captcha etc), and allow them to modify the users list
- $error = [];
- if ( !Hooks::run( 'SpecialPasswordResetOnSubmit', [ &$users, $data, &$error ] ) ) {
- return [ $error ];
- }
-
- $this->method = $method;
-
- if ( count( $users ) == 0 ) {
- if ( $method == 'email' ) {
- // Don't reveal whether or not an email address is in use
- return true;
- } else {
- return [ 'noname' ];
- }
- }
-
- $firstUser = $users[0];
+ $username = isset( $data['Username'] ) ? $data['Username'] : null;
+ $email = isset( $data['Email'] ) ? $data['Email'] : null;
+ $capture = !empty( $data['Capture'] );
- if ( !$firstUser instanceof User || !$firstUser->getId() ) {
- // Don't parse username as wikitext (bug 65501)
- return [ [ 'nosuchuser', wfEscapeWikiText( $data['Username'] ) ] ];
+ $this->method = $username ? 'username' : 'email';
+ $this->result = Status::wrap(
+ $this->passwordReset->execute( $this->getUser(), $username, $email, $capture ) );
+ if ( $capture && $this->result->isOK() ) {
+ $this->passwords = $this->result->getValue();
}
- // Check against the rate limiter
- if ( $this->getUser()->pingLimiter( 'mailpassword' ) ) {
+ if ( $this->result->hasMessage( 'actionthrottledtext' ) ) {
throw new ThrottledError;
}
- // Check against password throttle
- foreach ( $users as $user ) {
- if ( $user->isPasswordReminderThrottled() ) {
-
- # Round the time in hours to 3 d.p., in case someone is specifying
- # minutes or seconds.
- return [ [
- 'throttled-mailpassword',
- round( $this->getConfig()->get( 'PasswordReminderResendTime' ), 3 )
- ] ];
- }
- }
-
- // All the users will have the same email address
- if ( $firstUser->getEmail() == '' ) {
- // This won't be reachable from the email route, so safe to expose the username
- return [ [ 'noemail', wfEscapeWikiText( $firstUser->getName() ) ] ];
- }
-
- // We need to have a valid IP address for the hook, but per bug 18347, we should
- // send the user's name if they're logged in.
- $ip = $this->getRequest()->getIP();
- if ( !$ip ) {
- return [ 'badipaddress' ];
- }
- $caller = $this->getUser();
- Hooks::run( 'User::mailPasswordInternal', [ &$caller, &$ip, &$firstUser ] );
- $username = $caller->getName();
- $msg = IP::isValid( $username )
- ? 'passwordreset-emailtext-ip'
- : 'passwordreset-emailtext-user';
-
- // Send in the user's language; which should hopefully be the same
- $userLanguage = $firstUser->getOption( 'language' );
-
- $passwords = [];
- foreach ( $users as $user ) {
- $password = PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
- $user->setNewpassword( $password );
- $user->saveSettings();
- $passwords[] = $this->msg( 'passwordreset-emailelement', $user->getName(), $password )
- ->inLanguage( $userLanguage )->text(); // We'll escape the whole thing later
- }
- $passwordBlock = implode( "\n\n", $passwords );
-
- $this->email = $this->msg( $msg )->inLanguage( $userLanguage );
- $this->email->params(
- $username,
- $passwordBlock,
- count( $passwords ),
- '<' . Title::newMainPage()->getCanonicalURL() . '>',
- round( $this->getConfig()->get( 'NewPasswordExpiry' ) / 86400 )
- );
-
- $title = $this->msg( 'passwordreset-emailtitle' )->inLanguage( $userLanguage );
-
- $this->result = $firstUser->sendMail( $title->text(), $this->email->text() );
-
- if ( isset( $data['Capture'] ) && $data['Capture'] ) {
- // Save the user, will be used if an error occurs when sending the email
- $this->firstUser = $firstUser;
- } else {
- // Blank the email if the user is not supposed to see it
- $this->email = null;
- }
-
- if ( $this->result->isGood() ) {
- return true;
- } elseif ( isset( $data['Capture'] ) && $data['Capture'] ) {
- // The email didn't send, but maybe they knew that and that's why they captured it
- return true;
- } else {
- // @todo FIXME: The email wasn't sent, but we have already set
- // the password throttle timestamp, so they won't be able to try
- // again until it expires... :(
- return [ [ 'mailerror', $this->result->getMessage() ] ];
- }
+ return $this->result;
}
public function onSuccess() {
- if ( $this->getUser()->isAllowed( 'passwordreset' ) && $this->email != null ) {
+ if ( $this->getUser()->isAllowed( 'passwordreset' ) && $this->passwords ) {
// @todo Logging
if ( $this->result->isGood() ) {
- $this->getOutput()->addWikiMsg( 'passwordreset-emailsent-capture' );
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailsent-capture2',
+ count( $this->passwords ) );
} else {
- $this->getOutput()->addWikiMsg( 'passwordreset-emailerror-capture',
- $this->result->getMessage(), $this->firstUser->getName() );
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailerror-capture2',
+ $this->result->getMessage(), key( $this->passwords ), count( $this->passwords ) );
}
- $this->getOutput()->addHTML( Html::rawElement( 'pre', [], $this->email->escaped() ) );
+ $this->getOutput()->addHTML( Html::openElement( 'ul' ) );
+ foreach ( $this->passwords as $username => $pwd ) {
+ $this->getOutput()->addHTML( Html::rawElement( 'li', [],
+ htmlspecialchars( $username, ENT_QUOTES )
+ . $this->msg( 'colon-separator' )->text()
+ . htmlspecialchars( $pwd, ENT_QUOTES )
+ ) );
+ }
+ $this->getOutput()->addHTML( Html::closeElement( 'ul' ) );
}
if ( $this->method === 'email' ) {
$this->getOutput()->returnToMain();
}
- protected function canChangePassword( User $user ) {
- global $wgAuth;
- $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
-
- // Maybe password resets are disabled, or there are no allowable routes
- if ( !is_array( $resetRoutes ) ||
- !in_array( true, array_values( $resetRoutes ) )
- ) {
- return 'passwordreset-disabled';
- }
-
- // Maybe the external auth plugin won't allow local password changes
- if ( !$wgAuth->allowPasswordChange() ) {
- return 'resetpass_forbidden';
- }
-
- // Maybe email features have been disabled
- if ( !$this->getConfig()->get( 'EnableEmail' ) ) {
- return 'passwordreset-emaildisabled';
- }
-
- // Maybe the user is blocked (check this here rather than relying on the parent
- // method as we have a more specific error message to use here
- if ( $user->isBlocked() ) {
- return 'blocked-mailpassword';
- }
-
- return true;
- }
-
/**
* Hide the password reset page if resets are disabled.
* @return bool
*/
- function isListed() {
- if ( $this->canChangePassword( $this->getUser() ) === true ) {
+ public function isListed() {
+ if ( $this->passwordReset->isAllowed( $this->getUser() )->isGood() ) {
return parent::isListed();
}
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthManager;
+
+/**
+ * Special change to remove credentials (such as a two-factor token).
+ */
+class SpecialRemoveCredentials extends SpecialChangeCredentials {
+ protected static $allowedActions = [ AuthManager::ACTION_REMOVE ];
+
+ protected static $messagePrefix = 'removecredentials';
+
+ protected static $loadUserData = false;
+
+ public function __construct() {
+ parent::__construct( 'RemoveCredentials' );
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_REMOVE;
+ }
+
+ protected function getRequestBlacklist() {
+ return $this->getConfig()->get( 'RemoveCredentialsBlacklist' );
+ }
+}
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Session\SessionManager;
+
+class SpecialUnlinkAccounts extends AuthManagerSpecialPage {
+ protected static $allowedActions = [ AuthManager::ACTION_UNLINK ];
+
+ public function __construct() {
+ parent::__construct( 'UnlinkAccounts' );
+ }
+
+ protected function getLoginSecurityLevel() {
+ return 'UnlinkAccount';
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_UNLINK;
+ }
+
+ /**
+ * Under which header this special page is listed in Special:SpecialPages.
+ */
+ protected function getGroupName() {
+ return 'users';
+ }
+
+ public function isListed() {
+ return AuthManager::singleton()->canLinkAccounts();
+ }
+
+ protected function getRequestBlacklist() {
+ return $this->getConfig()->get( 'RemoveCredentialsBlacklist' );
+ }
+
+ public function execute( $subPage ) {
+ $this->setHeaders();
+ $this->loadAuth( $subPage );
+ $this->outputHeader();
+
+ $status = $this->trySubmit();
+
+ if ( $status === false || !$status->isOK() ) {
+ $this->displayForm( $status );
+ return;
+ }
+
+ /** @var AuthenticationResponse $response */
+ $response = $status->getValue();
+
+ if ( $response->status === AuthenticationResponse::FAIL ) {
+ $this->displayForm( StatusValue::newFatal( $response->message ) );
+ return;
+ }
+
+ $status = StatusValue::newGood();
+ $status->warning( wfMessage( 'unlinkaccounts-success' ) );
+ $this->loadAuth( $subPage, null, true ); // update requests so the unlinked one doesn't show up
+
+ // Reset sessions - if the user unlinked an account because it was compromised,
+ // log attackers out from sessions obtained via that account.
+ $session = $this->getRequest()->getSession();
+ $user = $this->getUser();
+ SessionManager::singleton()->invalidateSessionsForUser( $user );
+ $session->setUser( $user );
+ $session->resetId();
+
+ $this->displayForm( $status );
+ }
+
+ public function handleFormSubmit( $data ) {
+ // unlink requests do not accept user input so repeat parent code but skip call to
+ // AuthenticationRequest::loadRequestsFromSubmission
+ $response = $this->performAuthenticationStep( $this->authAction, $this->authRequests );
+ return Status::newGood( $response );
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:UserLogin
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Logger\LoggerFactory;
+use Psr\Log\LogLevel;
+
+/**
+ * Implements Special:UserLogin
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialUserLogin extends LoginSignupSpecialPage {
+ protected static $allowedActions = [
+ AuthManager::ACTION_LOGIN,
+ AuthManager::ACTION_LOGIN_CONTINUE
+ ];
+
+ protected static $messages = [
+ 'authform-newtoken' => 'nocookiesforlogin',
+ 'authform-notoken' => 'sessionfailure',
+ 'authform-wrongtoken' => 'sessionfailure',
+ ];
+
+ public function __construct() {
+ parent::__construct( 'Userlogin' );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ protected function getLoginSecurityLevel() {
+ return false;
+ }
+
+ protected function getDefaultAction( $subPage ) {
+ return AuthManager::ACTION_LOGIN;
+ }
+
+ public function getDescription() {
+ return $this->msg( 'login' )->text();
+ }
+
+ public function setHeaders() {
+ // override the page title if we are doing a forced reauthentication
+ parent::setHeaders();
+ if ( $this->securityLevel && $this->getUser()->isLoggedIn() ) {
+ $this->getOutput()->setPageTitle( $this->msg( 'login-security' ) );
+ }
+ }
+
+ protected function isSignup() {
+ return false;
+ }
+
+ protected function beforeExecute( $subPage ) {
+ if ( $subPage === 'signup' || $this->getRequest()->getText( 'type' ) === 'signup' ) {
+ // B/C for old account creation URLs
+ $title = SpecialPage::getTitleFor( 'CreateAccount' );
+ $query = array_diff_key( $this->getRequest()->getValues(),
+ array_fill_keys( [ 'type', 'title' ], true ) );
+ $url = $title->getFullURL( $query, false, PROTO_CURRENT );
+ $this->getOutput()->redirect( $url );
+ return false;
+ }
+ return parent::beforeExecute( $subPage );
+ }
+
+ /**
+ * Run any hooks registered for logins, then HTTP redirect to
+ * $this->mReturnTo (or Main Page if that's undefined). Formerly we had a
+ * nice message here, but that's really not as useful as just being sent to
+ * wherever you logged in from. It should be clear that the action was
+ * successful, given the lack of error messages plus the appearance of your
+ * name in the upper right.
+ * @param bool $direct True if the action was successful just now; false if that happened
+ * pre-redirection (so this handler was called already)
+ * @param StatusValue|null $extraMessages
+ */
+ protected function successfulAction( $direct = false, $extraMessages = null ) {
+ global $wgSecureLogin;
+
+ $user = $this->targetUser ?: $this->getUser();
+ $session = $this->getRequest()->getSession();
+
+ if ( $direct ) {
+ $user->touch();
+
+ $this->clearToken();
+
+ if ( $user->requiresHTTPS() ) {
+ $this->mStickHTTPS = true;
+ }
+ $session->setForceHTTPS( $wgSecureLogin && $this->mStickHTTPS );
+
+ // If the user does not have a session cookie at this point, they probably need to
+ // do something to their browser.
+ if ( !$this->hasSessionCookie() ) {
+ $this->mainLoginForm( [ /*?*/ ], $session->getProvider()->whyNoSession() );
+ // TODO something more specific? This used to use nocookieslogin
+ return;
+ }
+ }
+
+ # Run any hooks; display injected HTML if any, else redirect
+ $injected_html = '';
+ Hooks::run( 'UserLoginComplete', [ &$user, &$injected_html ] );
+
+ if ( $injected_html !== '' || $extraMessages ) {
+ $this->showSuccessPage( 'success', $this->msg( 'loginsuccesstitle' ),
+ 'loginsuccess', $injected_html, $extraMessages );
+ } else {
+ $helper = new LoginHelper( $this->getContext() );
+ $helper->showReturnToPage( 'successredirect', $this->mReturnTo, $this->mReturnToQuery,
+ $this->mStickHTTPS );
+ }
+ }
+
+ protected function getToken() {
+ return $this->getRequest()->getSession()->getToken( '', 'login' );
+ }
+
+ protected function clearToken() {
+ return $this->getRequest()->getSession()->resetToken( 'login' );
+ }
+
+ protected function getTokenName() {
+ return 'wpLoginToken';
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+
+ protected function logAuthResult( $success, $status = null ) {
+ LoggerFactory::getInstance( 'authmanager-stats' )->info( 'Login attempt', [
+ 'event' => 'login',
+ 'successful' => $success,
+ 'status' => $status,
+ ] );
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:Userlogout
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Implements Special:Userlogout
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialUserLogout extends UnlistedSpecialPage {
+ function __construct() {
+ parent::__construct( 'Userlogout' );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ function execute( $par ) {
+ /**
+ * Some satellite ISPs use broken precaching schemes that log people out straight after
+ * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
+ */
+ if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
+ wfDebug( "Special:UserLogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
+ throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
+ }
+
+ $this->setHeaders();
+ $this->outputHeader();
+
+ // Make sure it's possible to log out
+ $session = MediaWiki\Session\SessionManager::getGlobalSession();
+ if ( !$session->canSetUser() ) {
+ throw new ErrorPageError(
+ 'cannotlogoutnow-title',
+ 'cannotlogoutnow-text',
+ [
+ $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
+ ]
+ );
+ }
+
+ $user = $this->getUser();
+ $oldName = $user->getName();
+
+ $user->logout();
+
+ $loginURL = SpecialPage::getTitleFor( 'Userlogin' )->getFullURL(
+ $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
+
+ $out = $this->getOutput();
+ $out->addWikiMsg( 'logouttext', $loginURL );
+
+ // Hook.
+ $injected_html = '';
+ Hooks::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
+ $out->addHTML( $injected_html );
+
+ $out->returnToMain();
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+}
+++ /dev/null
-<?php
-/**
- * Implements Special:UserLogin
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- * @ingroup SpecialPage
- */
-use MediaWiki\Logger\LoggerFactory;
-use Psr\Log\LogLevel;
-use MediaWiki\Session\SessionManager;
-
-/**
- * Implements Special:UserLogin
- *
- * @ingroup SpecialPage
- */
-class LoginForm extends SpecialPage {
- const SUCCESS = 0;
- const NO_NAME = 1;
- const ILLEGAL = 2;
- const WRONG_PLUGIN_PASS = 3;
- const NOT_EXISTS = 4;
- const WRONG_PASS = 5;
- const EMPTY_PASS = 6;
- const RESET_PASS = 7;
- const ABORTED = 8;
- const CREATE_BLOCKED = 9;
- const THROTTLED = 10;
- const USER_BLOCKED = 11;
- const NEED_TOKEN = 12;
- const WRONG_TOKEN = 13;
- const USER_MIGRATED = 14;
-
- public static $statusCodes = [
- self::SUCCESS => 'success',
- self::NO_NAME => 'no_name',
- self::ILLEGAL => 'illegal',
- self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass',
- self::NOT_EXISTS => 'not_exists',
- self::WRONG_PASS => 'wrong_pass',
- self::EMPTY_PASS => 'empty_pass',
- self::RESET_PASS => 'reset_pass',
- self::ABORTED => 'aborted',
- self::CREATE_BLOCKED => 'create_blocked',
- self::THROTTLED => 'throttled',
- self::USER_BLOCKED => 'user_blocked',
- self::NEED_TOKEN => 'need_token',
- self::WRONG_TOKEN => 'wrong_token',
- self::USER_MIGRATED => 'user_migrated',
- ];
-
- /**
- * Valid error and warning messages
- *
- * Special:Userlogin can show an error or warning message on the form when
- * coming from another page. This is done via the ?error= or ?warning= GET
- * parameters.
- *
- * This array is the list of valid message keys. All other values will be
- * ignored.
- *
- * @since 1.24
- * @var string[]
- */
- public static $validErrorMessages = [
- 'exception-nologin-text',
- 'watchlistanontext',
- 'changeemail-no-info',
- 'resetpass-no-info',
- 'confirmemail_needlogin',
- 'prefsnologintext2',
- ];
-
- public $mAbortLoginErrorMsg = null;
- /**
- * @var int How many seconds user is throttled for
- * @since 1.27
- */
- public $mThrottleWait = '?';
-
- protected $mUsername;
- protected $mPassword;
- protected $mRetype;
- protected $mReturnTo;
- protected $mCookieCheck;
- protected $mPosted;
- protected $mAction;
- protected $mCreateaccount;
- protected $mCreateaccountMail;
- protected $mLoginattempt;
- protected $mRemember;
- protected $mEmail;
- protected $mDomain;
- protected $mLanguage;
- protected $mSkipCookieCheck;
- protected $mReturnToQuery;
- protected $mToken;
- protected $mStickHTTPS;
- protected $mType;
- protected $mReason;
- protected $mRealName;
- protected $mEntryError = '';
- protected $mEntryErrorType = 'error';
-
- private $mTempPasswordUsed;
- private $mLoaded = false;
- private $mSecureLoginUrl;
-
- /** @var WebRequest */
- private $mOverrideRequest = null;
-
- /** @var WebRequest Effective request; set at the beginning of load */
- private $mRequest = null;
-
- /**
- * @param WebRequest $request
- */
- public function __construct( $request = null ) {
- global $wgUseMediaWikiUIEverywhere;
- parent::__construct( 'Userlogin' );
-
- $this->mOverrideRequest = $request;
- // Override UseMediaWikiEverywhere to true, to force login and create form to use mw ui
- $wgUseMediaWikiUIEverywhere = true;
- }
-
- public function doesWrites() {
- return true;
- }
-
- /**
- * Returns an array of all valid error messages.
- *
- * @return array
- */
- public static function getValidErrorMessages() {
- static $messages = null;
- if ( !$messages ) {
- $messages = self::$validErrorMessages;
- Hooks::run( 'LoginFormValidErrorMessages', [ &$messages ] );
- }
-
- return $messages;
- }
-
- /**
- * Loader
- */
- function load() {
- global $wgAuth, $wgHiddenPrefs, $wgEnableEmail;
-
- if ( $this->mLoaded ) {
- return;
- }
- $this->mLoaded = true;
-
- if ( $this->mOverrideRequest === null ) {
- $request = $this->getRequest();
- } else {
- $request = $this->mOverrideRequest;
- }
- $this->mRequest = $request;
-
- $this->mType = $request->getText( 'type' );
- $this->mUsername = $request->getText( 'wpName' );
- $this->mPassword = $request->getText( 'wpPassword' );
- $this->mRetype = $request->getText( 'wpRetype' );
- $this->mDomain = $request->getText( 'wpDomain' );
- $this->mReason = $request->getText( 'wpReason' );
- $this->mCookieCheck = $request->getVal( 'wpCookieCheck' );
- $this->mPosted = $request->wasPosted();
- $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' )
- && $wgEnableEmail;
- $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' ) && !$this->mCreateaccountMail;
- $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
- $this->mAction = $request->getVal( 'action' );
- $this->mRemember = $request->getCheck( 'wpRemember' );
- $this->mFromHTTP = $request->getBool( 'fromhttp', false )
- || $request->getBool( 'wpFromhttp', false );
- $this->mStickHTTPS = ( !$this->mFromHTTP && $request->getProtocol() === 'https' )
- || $request->getBool( 'wpForceHttps', false );
- $this->mLanguage = $request->getText( 'uselang' );
- $this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
- $this->mToken = $this->mType == 'signup'
- ? $request->getVal( 'wpCreateaccountToken' )
- : $request->getVal( 'wpLoginToken' );
- $this->mReturnTo = $request->getVal( 'returnto', '' );
- $this->mReturnToQuery = $request->getVal( 'returntoquery', '' );
-
- // Show an error or warning passed on from a previous page
- $entryError = $this->msg( $request->getVal( 'error', '' ) );
- $entryWarning = $this->msg( $request->getVal( 'warning', '' ) );
- // bc: provide login link as a parameter for messages where the translation
- // was not updated
- $loginreqlink = Linker::linkKnown(
- $this->getPageTitle(),
- $this->msg( 'loginreqlink' )->escaped(),
- [],
- [
- 'returnto' => $this->mReturnTo,
- 'returntoquery' => $this->mReturnToQuery,
- 'uselang' => $this->mLanguage,
- 'fromhttp' => $this->mFromHTTP ? '1' : '0',
- ]
- );
-
- // Only show valid error or warning messages.
- if ( $entryError->exists()
- && in_array( $entryError->getKey(), self::getValidErrorMessages() )
- ) {
- $this->mEntryErrorType = 'error';
- $this->mEntryError = $entryError->rawParams( $loginreqlink )->parse();
-
- } elseif ( $entryWarning->exists()
- && in_array( $entryWarning->getKey(), self::getValidErrorMessages() )
- ) {
- $this->mEntryErrorType = 'warning';
- $this->mEntryError = $entryWarning->rawParams( $loginreqlink )->parse();
- }
-
- if ( $wgEnableEmail ) {
- $this->mEmail = $request->getText( 'wpEmail' );
- } else {
- $this->mEmail = '';
- }
- if ( !in_array( 'realname', $wgHiddenPrefs ) ) {
- $this->mRealName = $request->getText( 'wpRealName' );
- } else {
- $this->mRealName = '';
- }
-
- if ( !$wgAuth->validDomain( $this->mDomain ) ) {
- $this->mDomain = $wgAuth->getDomain();
- }
- $wgAuth->setDomain( $this->mDomain );
-
- # 1. When switching accounts, it sucks to get automatically logged out
- # 2. Do not return to PasswordReset after a successful password change
- # but goto Wiki start page (Main_Page) instead ( bug 33997 )
- $returnToTitle = Title::newFromText( $this->mReturnTo );
- if ( is_object( $returnToTitle )
- && ( $returnToTitle->isSpecial( 'Userlogout' )
- || $returnToTitle->isSpecial( 'PasswordReset' ) )
- ) {
- $this->mReturnTo = '';
- $this->mReturnToQuery = '';
- }
- }
-
- function getDescription() {
- if ( $this->mType === 'signup' ) {
- return $this->msg( 'createaccount' )->text();
- } else {
- return $this->msg( 'login' )->text();
- }
- }
-
- /**
- * @param string|null $subPage
- */
- public function execute( $subPage ) {
- // Make sure session is persisted
- $session = SessionManager::getGlobalSession();
- $session->persist();
-
- $this->load();
-
- // Check for [[Special:Userlogin/signup]]. This affects form display and
- // page title.
- if ( $subPage == 'signup' ) {
- $this->mType = 'signup';
- }
- $this->setHeaders();
-
- // Make sure it's possible to log in
- if ( $this->mType !== 'signup' && !$session->canSetUser() ) {
- throw new ErrorPageError(
- 'cannotloginnow-title',
- 'cannotloginnow-text',
- [
- $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
- ]
- );
- }
-
- /**
- * In the case where the user is already logged in, and was redirected to
- * the login form from a page that requires login, do not show the login
- * page. The use case scenario for this is when a user opens a large number
- * of tabs, is redirected to the login page on all of them, and then logs
- * in on one, expecting all the others to work properly.
- *
- * However, do show the form if it was visited intentionally (no 'returnto'
- * is present). People who often switch between several accounts have grown
- * accustomed to this behavior.
- */
- if (
- $this->mType !== 'signup' &&
- !$this->mPosted &&
- $this->getUser()->isLoggedIn() &&
- ( $this->mReturnTo !== '' || $this->mReturnToQuery !== '' )
- ) {
- $this->successfulLogin();
- }
-
- // If logging in and not on HTTPS, either redirect to it or offer a link.
- global $wgSecureLogin;
- if ( $this->mRequest->getProtocol() !== 'https' ) {
- $title = $this->getFullTitle();
- $query = [
- 'returnto' => $this->mReturnTo !== '' ? $this->mReturnTo : null,
- 'returntoquery' => $this->mReturnToQuery !== '' ?
- $this->mReturnToQuery : null,
- 'title' => null,
- ( $this->mEntryErrorType === 'error' ? 'error' : 'warning' ) => $this->mEntryError,
- ] + $this->mRequest->getQueryValues();
- $url = $title->getFullURL( $query, false, PROTO_HTTPS );
- if ( $wgSecureLogin
- && wfCanIPUseHTTPS( $this->getRequest()->getIP() )
- && !$this->mFromHTTP ) // Avoid infinite redirect
- {
- $url = wfAppendQuery( $url, 'fromhttp=1' );
- $this->getOutput()->redirect( $url );
- // Since we only do this redir to change proto, always vary
- $this->getOutput()->addVaryHeader( 'X-Forwarded-Proto' );
-
- return;
- } else {
- // A wiki without HTTPS login support should set $wgServer to
- // http://somehost, in which case the secure URL generated
- // above won't actually start with https://
- if ( substr( $url, 0, 8 ) === 'https://' ) {
- $this->mSecureLoginUrl = $url;
- }
- }
- }
-
- if ( !is_null( $this->mCookieCheck ) ) {
- $this->onCookieRedirectCheck( $this->mCookieCheck );
-
- return;
- } elseif ( $this->mPosted ) {
- if ( $this->mCreateaccount ) {
- $this->addNewAccount();
-
- return;
- } elseif ( $this->mCreateaccountMail ) {
- $this->addNewAccountMailPassword();
-
- return;
- } elseif ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) {
- $this->processLogin();
-
- return;
- }
- }
- $this->mainLoginForm( $this->mEntryError, $this->mEntryErrorType );
- }
-
- /**
- * @private
- */
- function addNewAccountMailPassword() {
- if ( $this->mEmail == '' ) {
- $this->mainLoginForm( $this->msg( 'noemailcreate' )->escaped() );
-
- return;
- }
-
- $status = $this->addNewAccountInternal();
- LoggerFactory::getInstance( 'authmanager' )->info(
- 'Account creation attempt with mailed password',
- [ 'event' => 'accountcreation', 'status' => $status ]
- );
- if ( !$status->isGood() ) {
- $error = $status->getMessage();
- $this->mainLoginForm( $error->toString() );
-
- return;
- }
-
- /** @var User $u */
- $u = $status->getValue();
-
- // Wipe the initial password and mail a temporary one
- $u->setPassword( null );
- $u->saveSettings();
- $result = $this->mailPasswordInternal( $u, false, 'createaccount-title', 'createaccount-text' );
-
- Hooks::run( 'AddNewAccount', [ $u, true ] );
- $u->addNewUserLogEntry( 'byemail', $this->mReason );
-
- $out = $this->getOutput();
- $out->setPageTitle( $this->msg( 'accmailtitle' ) );
-
- if ( !$result->isGood() ) {
- $this->mainLoginForm( $this->msg( 'mailerror', $result->getWikiText() )->text() );
- } else {
- $out->addWikiMsg( 'accmailtext', $u->getName(), $u->getEmail() );
- $this->executeReturnTo( 'success' );
- }
- }
-
- /**
- * @private
- * @return bool
- */
- function addNewAccount() {
- global $wgContLang, $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector;
-
- # Create the account and abort if there's a problem doing so
- $status = $this->addNewAccountInternal();
- LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt', [
- 'event' => 'accountcreation',
- 'status' => $status,
- ] );
-
- if ( !$status->isGood() ) {
- $error = $status->getMessage();
- $this->mainLoginForm( $error->toString() );
-
- return false;
- }
-
- $u = $status->getValue();
-
- # Only save preferences if the user is not creating an account for someone else.
- if ( $this->getUser()->isAnon() ) {
- # If we showed up language selection links, and one was in use, be
- # smart (and sensible) and save that language as the user's preference
- if ( $wgLoginLanguageSelector && $this->mLanguage ) {
- $u->setOption( 'language', $this->mLanguage );
- } else {
-
- # Otherwise the user's language preference defaults to $wgContLang,
- # but it may be better to set it to their preferred $wgContLang variant,
- # based on browser preferences or URL parameters.
- $u->setOption( 'language', $wgContLang->getPreferredVariant() );
- }
- if ( $wgContLang->hasVariants() ) {
- $u->setOption( 'variant', $wgContLang->getPreferredVariant() );
- }
- }
-
- $out = $this->getOutput();
-
- # Send out an email authentication message if needed
- if ( $wgEmailAuthentication && Sanitizer::validateEmail( $u->getEmail() ) ) {
- $status = $u->sendConfirmationMail();
- if ( $status->isGood() ) {
- $out->addWikiMsg( 'confirmemail_oncreate' );
- } else {
- $out->addWikiText( $status->getWikiText( 'confirmemail_sendfailed' ) );
- }
- }
-
- # Save settings (including confirmation token)
- $u->saveSettings();
-
- # If not logged in, assume the new account as the current one and set
- # session cookies then show a "welcome" message or a "need cookies"
- # message as needed
- if ( $this->getUser()->isAnon() ) {
- $u->setCookies();
- $wgUser = $u;
- // This should set it for OutputPage and the Skin
- // which is needed or the personal links will be
- // wrong.
- $this->getContext()->setUser( $u );
- Hooks::run( 'AddNewAccount', [ $u, false ] );
- $u->addNewUserLogEntry( 'create' );
- if ( $this->hasSessionCookie() ) {
- $this->successfulCreation();
- } else {
- $this->cookieRedirectCheck( 'new' );
- }
- } else {
- # Confirm that the account was created
- $out->setPageTitle( $this->msg( 'accountcreated' ) );
- $out->addWikiMsg( 'accountcreatedtext', $u->getName() );
- $out->addReturnTo( $this->getPageTitle() );
- Hooks::run( 'AddNewAccount', [ $u, false ] );
- $u->addNewUserLogEntry( 'create2', $this->mReason );
- }
-
- return true;
- }
-
- /**
- * Make a new user account using the loaded data.
- * @private
- * @throws PermissionsError|ReadOnlyError
- * @return Status
- */
- public function addNewAccountInternal() {
- global $wgAuth, $wgAccountCreationThrottle, $wgEmailConfirmToEdit;
-
- // If the user passes an invalid domain, something is fishy
- if ( !$wgAuth->validDomain( $this->mDomain ) ) {
- return Status::newFatal( 'wrongpassword' );
- }
-
- // If we are not allowing users to login locally, we should be checking
- // to see if the user is actually able to authenticate to the authenti-
- // cation server before they create an account (otherwise, they can
- // create a local account and login as any domain user). We only need
- // to check this for domains that aren't local.
- if ( 'local' != $this->mDomain && $this->mDomain != '' ) {
- if (
- !$wgAuth->canCreateAccounts() &&
- (
- !$wgAuth->userExists( $this->mUsername ) ||
- !$wgAuth->authenticate( $this->mUsername, $this->mPassword )
- )
- ) {
- return Status::newFatal( 'wrongpassword' );
- }
- }
-
- if ( wfReadOnly() ) {
- throw new ReadOnlyError;
- }
-
- # Request forgery checks.
- $token = self::getCreateaccountToken();
- if ( $token->wasNew() ) {
- return Status::newFatal( 'nocookiesfornew' );
- }
-
- # The user didn't pass a createaccount token
- if ( !$this->mToken ) {
- return Status::newFatal( 'sessionfailure' );
- }
-
- # Validate the createaccount token
- if ( !$token->match( $this->mToken ) ) {
- return Status::newFatal( 'sessionfailure' );
- }
-
- # Check permissions
- $currentUser = $this->getUser();
- $creationBlock = $currentUser->isBlockedFromCreateAccount();
- if ( !$currentUser->isAllowed( 'createaccount' ) ) {
- throw new PermissionsError( 'createaccount' );
- } elseif ( $creationBlock instanceof Block ) {
- // Throws an ErrorPageError.
- $this->userBlockedMessage( $creationBlock );
-
- // This should never be reached.
- return false;
- }
-
- # Include checks that will include GlobalBlocking (Bug 38333)
- $permErrors = $this->getPageTitle()->getUserPermissionsErrors(
- 'createaccount',
- $currentUser,
- true
- );
-
- if ( count( $permErrors ) ) {
- throw new PermissionsError( 'createaccount', $permErrors );
- }
-
- $ip = $this->getRequest()->getIP();
- if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) {
- return Status::newFatal( 'sorbs_create_account_reason' );
- }
-
- # Now create a dummy user ($u) and check if it is valid
- $u = User::newFromName( $this->mUsername, 'creatable' );
- if ( !$u ) {
- return Status::newFatal( 'noname' );
- }
-
- $cache = ObjectCache::getLocalClusterInstance();
- # Make sure the user does not exist already
- $lock = $cache->getScopedLock( $cache->makeGlobalKey( 'account', md5( $this->mUsername ) ) );
- if ( !$lock ) {
- return Status::newFatal( 'usernameinprogress' );
- } elseif ( $u->idForName( User::READ_LOCKING ) ) {
- return Status::newFatal( 'userexists' );
- }
-
- if ( $this->mCreateaccountMail ) {
- # do not force a password for account creation by email
- # set invalid password, it will be replaced later by a random generated password
- $this->mPassword = null;
- } else {
- if ( $this->mPassword !== $this->mRetype ) {
- return Status::newFatal( 'badretype' );
- }
-
- # check for password validity, return a fatal Status if invalid
- $validity = $u->checkPasswordValidity( $this->mPassword, 'create' );
- if ( !$validity->isGood() ) {
- $validity->ok = false; // make sure this Status is fatal
- return $validity;
- }
- }
-
- # if you need a confirmed email address to edit, then obviously you
- # need an email address.
- if ( $wgEmailConfirmToEdit && strval( $this->mEmail ) === '' ) {
- return Status::newFatal( 'noemailtitle' );
- }
-
- if ( strval( $this->mEmail ) !== '' && !Sanitizer::validateEmail( $this->mEmail ) ) {
- return Status::newFatal( 'invalidemailaddress' );
- }
-
- # Set some additional data so the AbortNewAccount hook can be used for
- # more than just username validation
- $u->setEmail( $this->mEmail );
- $u->setRealName( $this->mRealName );
-
- $abortError = '';
- $abortStatus = null;
- if ( !Hooks::run( 'AbortNewAccount', [ $u, &$abortError, &$abortStatus ] ) ) {
- // Hook point to add extra creation throttles and blocks
- wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" );
- if ( $abortStatus === null ) {
- // Report back the old string as a raw message status.
- // This will report the error back as 'createaccount-hook-aborted'
- // with the given string as the message.
- // To return a different error code, return a Status object.
- $abortError = new Message( 'createaccount-hook-aborted', [ $abortError ] );
- $abortError->text();
-
- return Status::newFatal( $abortError );
- } else {
- // For MediaWiki 1.23+ and updated hooks, return the Status object
- // returned from the hook.
- return $abortStatus;
- }
- }
-
- // Hook point to check for exempt from account creation throttle
- if ( !Hooks::run( 'ExemptFromAccountCreationThrottle', [ $ip ] ) ) {
- wfDebug( "LoginForm::exemptFromAccountCreationThrottle: a hook " .
- "allowed account creation w/o throttle\n" );
- } else {
- if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) {
- $key = wfGlobalCacheKey( 'acctcreate', 'ip', $ip );
- $value = $cache->get( $key );
- if ( !$value ) {
- $cache->set( $key, 0, $cache::TTL_DAY );
- }
- if ( $value >= $wgAccountCreationThrottle ) {
- return Status::newFatal( 'acct_creation_throttle_hit', $wgAccountCreationThrottle );
- }
- $cache->incr( $key );
- }
- }
-
- if ( !$wgAuth->addUser( $u, $this->mPassword, $this->mEmail, $this->mRealName ) ) {
- return Status::newFatal( 'externaldberror' );
- }
-
- self::clearCreateaccountToken();
-
- return $this->initUser( $u, false );
- }
-
- /**
- * Actually add a user to the database.
- * Give it a User object that has been initialised with a name.
- *
- * @param User $u
- * @param bool $autocreate True if this is an autocreation via auth plugin
- * @return Status Status object, with the User object in the value member on success
- * @private
- */
- function initUser( $u, $autocreate ) {
- global $wgAuth;
-
- $status = $u->addToDatabase();
- if ( !$status->isOK() ) {
- if ( $status->hasMessage( 'userexists' ) ) {
- // AuthManager probably just added the user.
- $u->saveSettings();
- } else {
- return $status;
- }
- }
-
- if ( $wgAuth->allowPasswordChange() ) {
- $u->setPassword( $this->mPassword );
- }
-
- $u->setEmail( $this->mEmail );
- $u->setRealName( $this->mRealName );
- SessionManager::singleton()->invalidateSessionsForUser( $u );
-
- Hooks::run( 'LocalUserCreated', [ $u, $autocreate ] );
- if ( $wgAuth && !$wgAuth instanceof MediaWiki\Auth\AuthManagerAuthPlugin ) {
- $oldUser = $u;
- $wgAuth->initUser( $u, $autocreate );
- if ( $oldUser !== $u ) {
- wfWarn( get_class( $wgAuth ) . '::initUser() replaced the user object' );
- }
- }
-
- $u->saveSettings();
-
- // Update user count
- DeferredUpdates::addUpdate( new SiteStatsUpdate( 0, 0, 0, 0, 1 ) );
-
- // Watch user's userpage and talk page
- $u->addWatch( $u->getUserPage(), User::IGNORE_USER_RIGHTS );
-
- return Status::newGood( $u );
- }
-
- /**
- * Internally authenticate the login request.
- *
- * This may create a local account as a side effect if the
- * authentication plugin allows transparent local account
- * creation.
- * @return int
- */
- public function authenticateUserData() {
- global $wgUser, $wgAuth;
-
- $this->load();
-
- if ( $this->mUsername == '' ) {
- return self::NO_NAME;
- }
-
- // We require a login token to prevent login CSRF
- // Handle part of this before incrementing the throttle so
- // token-less login attempts don't count towards the throttle
- // but wrong-token attempts do.
-
- // If the user doesn't have a login token yet, set one.
- $token = self::getLoginToken();
- if ( $token->wasNew() ) {
- return self::NEED_TOKEN;
- }
- // If the user didn't pass a login token, tell them we need one
- if ( !$this->mToken ) {
- return self::NEED_TOKEN;
- }
-
- $throttleCount = self::incrementLoginThrottle( $this->mUsername );
- if ( $throttleCount ) {
- $this->mThrottleWait = $throttleCount['wait'];
- return self::THROTTLED;
- }
-
- // Validate the login token
- if ( !$token->match( $this->mToken ) ) {
- return self::WRONG_TOKEN;
- }
-
- // Load the current user now, and check to see if we're logging in as
- // the same name. This is necessary because loading the current user
- // (say by calling getName()) calls the UserLoadFromSession hook, which
- // potentially creates the user in the database. Until we load $wgUser,
- // checking for user existence using User::newFromName($name)->getId() below
- // will effectively be using stale data.
- if ( $this->getUser()->getName() === $this->mUsername ) {
- wfDebug( __METHOD__ . ": already logged in as {$this->mUsername}\n" );
-
- return self::SUCCESS;
- }
-
- $u = User::newFromName( $this->mUsername );
- if ( $u === false ) {
- return self::ILLEGAL;
- }
-
- $msg = null;
- // Give extensions a way to indicate the username has been updated,
- // rather than telling the user the account doesn't exist.
- if ( !Hooks::run( 'LoginUserMigrated', [ $u, &$msg ] ) ) {
- $this->mAbortLoginErrorMsg = $msg;
- return self::USER_MIGRATED;
- }
-
- if ( !User::isUsableName( $u->getName() ) ) {
- return self::ILLEGAL;
- }
-
- $isAutoCreated = false;
- if ( $u->getId() == 0 ) {
- $status = $this->attemptAutoCreate( $u );
- if ( $status !== self::SUCCESS ) {
- return $status;
- } else {
- $isAutoCreated = true;
- }
- } else {
- $u->load();
- }
-
- // Give general extensions, such as a captcha, a chance to abort logins
- $abort = self::ABORTED;
- if ( !Hooks::run( 'AbortLogin', [ $u, $this->mPassword, &$abort, &$msg ] ) ) {
- if ( !in_array( $abort, array_keys( self::$statusCodes ), true ) ) {
- throw new Exception( 'Invalid status code returned from AbortLogin hook: ' . $abort );
- }
- $this->mAbortLoginErrorMsg = $msg;
- return $abort;
- }
-
- global $wgBlockDisablesLogin;
- if ( !$u->checkPassword( $this->mPassword ) ) {
- if ( $u->checkTemporaryPassword( $this->mPassword ) ) {
- /**
- * The e-mailed temporary password should not be used for actu-
- * al logins; that's a very sloppy habit, and insecure if an
- * attacker has a few seconds to click "search" on someone's
- * open mail reader.
- *
- * Allow it to be used only to reset the password a single time
- * to a new value, which won't be in the user's e-mail ar-
- * chives.
- *
- * For backwards compatibility, we'll still recognize it at the
- * login form to minimize surprises for people who have been
- * logging in with a temporary password for some time.
- *
- * As a side-effect, we can authenticate the user's e-mail ad-
- * dress if it's not already done, since the temporary password
- * was sent via e-mail.
- */
- if ( !$u->isEmailConfirmed() && !wfReadOnly() ) {
- $u->confirmEmail();
- $u->saveSettings();
- }
-
- // At this point we just return an appropriate code/ indicating
- // that the UI should show a password reset form; bot inter-
- // faces etc will probably just fail cleanly here.
- $this->mAbortLoginErrorMsg = 'resetpass-temp-emailed';
- $this->mTempPasswordUsed = true;
- $retval = self::RESET_PASS;
- } else {
- $retval = ( $this->mPassword == '' ) ? self::EMPTY_PASS : self::WRONG_PASS;
- }
- } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) {
- // If we've enabled it, make it so that a blocked user cannot login
- $retval = self::USER_BLOCKED;
- } elseif ( $this->checkUserPasswordExpired( $u ) == 'hard' ) {
- // Force reset now, without logging in
- $retval = self::RESET_PASS;
- $this->mAbortLoginErrorMsg = 'resetpass-expired';
- } else {
- Hooks::run( 'UserLoggedIn', [ $u ] );
- if ( $wgAuth && !$wgAuth instanceof MediaWiki\Auth\AuthManagerAuthPlugin ) {
- $oldUser = $u;
- $wgAuth->updateUser( $u );
- if ( $oldUser !== $u ) {
- wfWarn( get_class( $wgAuth ) . '::updateUser() replaced the user object' );
- }
- }
- $wgUser = $u;
- // This should set it for OutputPage and the Skin
- // which is needed or the personal links will be
- // wrong.
- $this->getContext()->setUser( $u );
-
- // Please reset throttle for successful logins, thanks!
- self::clearLoginThrottle( $this->mUsername );
-
- if ( $isAutoCreated ) {
- // Must be run after $wgUser is set, for correct new user log
- Hooks::run( 'AuthPluginAutoCreate', [ $u ] );
- }
-
- $retval = self::SUCCESS;
- }
- Hooks::run( 'LoginAuthenticateAudit', [ $u, $this->mPassword, $retval ] );
-
- return $retval;
- }
-
- /**
- * Increment the login attempt throttle hit count for the (username,current IP)
- * tuple unless the throttle was already reached.
- *
- * @since 1.27 Return value changed.
- * @param string $username The user name
- * @return bool|array false if below limit or an array if above limit
- * Array contains keys wait, count, and throttleIndex
- */
- public static function incrementLoginThrottle( $username ) {
- global $wgPasswordAttemptThrottle, $wgRequest;
- $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
-
- $throttleCount = 0;
- if ( is_array( $wgPasswordAttemptThrottle ) ) {
- $throttleConfig = $wgPasswordAttemptThrottle;
- if ( isset( $wgPasswordAttemptThrottle['count'] ) ) {
- // old style. Convert for backwards compat.
- $throttleConfig = [ $wgPasswordAttemptThrottle ];
- }
- foreach ( $throttleConfig as $index => $specificThrottle ) {
- if ( isset( $specificThrottle['allIPs'] ) ) {
- $ip = 'All';
- } else {
- $ip = $wgRequest->getIP();
- }
- $throttleKey = wfGlobalCacheKey( 'password-throttle',
- $index, $ip, md5( $username )
- );
- $count = $specificThrottle['count'];
- $period = $specificThrottle['seconds'];
-
- $cache = ObjectCache::getLocalClusterInstance();
- $throttleCount = $cache->get( $throttleKey );
- if ( !$throttleCount ) {
- $cache->add( $throttleKey, 1, $period ); // start counter
- } elseif ( $throttleCount < $count ) {
- $cache->incr( $throttleKey );
- } elseif ( $throttleCount >= $count ) {
- $logMsg = 'Login attempt rejected because logins to '
- . '{acct} from IP {ip} have been throttled for '
- . '{period} seconds due to {count} failed attempts';
- // If we are hitting a throttle for >= 50 attempts,
- // it is much more likely to be an attack than someone
- // simply forgetting their password, so log it at a
- // higher level.
- $level = $count >= 50 ? LogLevel::WARNING : LogLevel::INFO;
- // It should be noted that once the throttle is hit,
- // every attempt to login will generate the log message
- // until the throttle expires, not just the attempt that
- // puts the throttle over the top.
- LoggerFactory::getInstance( 'password-throttle' )->log(
- $level,
- $logMsg,
- [
- 'ip' => $ip,
- 'period' => $period,
- 'acct' => $username,
- 'count' => $count,
- 'throttleIdentifier' => $index,
- 'method' => __METHOD__
- ]
- );
-
- return [
- 'throttleIndex' => $index,
- 'wait' => $period,
- 'count' => $count
- ];
- }
- }
- }
- return false;
- }
-
- /**
- * Increment the login attempt throttle hit count for the (username,current IP)
- * tuple unless the throttle was already reached.
- *
- * @deprecated Use LoginForm::incrementLoginThrottle instead
- * @param string $username The user name
- * @return bool|int true if above throttle, or 0 (prior to 1.27, returned current count)
- */
- public static function incLoginThrottle( $username ) {
- wfDeprecated( __METHOD__, "1.27" );
- $res = self::incrementLoginThrottle( $username );
- return is_array( $res ) ? true : 0;
- }
-
- /**
- * Clear the login attempt throttle hit count for the (username,current IP) tuple.
- * @param string $username The user name
- * @return void
- */
- public static function clearLoginThrottle( $username ) {
- global $wgRequest, $wgPasswordAttemptThrottle;
- $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
-
- if ( is_array( $wgPasswordAttemptThrottle ) ) {
- $throttleConfig = $wgPasswordAttemptThrottle;
- if ( isset( $wgPasswordAttemptThrottle['count'] ) ) {
- // old style. Convert for backwards compat.
- $throttleConfig = [ $wgPasswordAttemptThrottle ];
- }
- foreach ( $throttleConfig as $index => $specificThrottle ) {
- if ( isset( $specificThrottle['allIPs'] ) ) {
- $ip = 'All';
- } else {
- $ip = $wgRequest->getIP();
- }
- $throttleKey = wfGlobalCacheKey( 'password-throttle', $index,
- $ip, md5( $username )
- );
- ObjectCache::getLocalClusterInstance()->delete( $throttleKey );
- }
- }
- }
-
- /**
- * Attempt to automatically create a user on login. Only succeeds if there
- * is an external authentication method which allows it.
- *
- * @param User $user
- *
- * @return int Status code
- */
- function attemptAutoCreate( $user ) {
- global $wgAuth;
-
- if ( $this->getUser()->isBlockedFromCreateAccount() ) {
- wfDebug( __METHOD__ . ": user is blocked from account creation\n" );
-
- return self::CREATE_BLOCKED;
- }
-
- if ( !$wgAuth->autoCreate() ) {
- return self::NOT_EXISTS;
- }
-
- if ( !$wgAuth->userExists( $user->getName() ) ) {
- wfDebug( __METHOD__ . ": user does not exist\n" );
-
- return self::NOT_EXISTS;
- }
-
- if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) {
- wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" );
-
- return self::WRONG_PLUGIN_PASS;
- }
-
- $abortError = '';
- if ( !Hooks::run( 'AbortAutoAccount', [ $user, &$abortError ] ) ) {
- // Hook point to add extra creation throttles and blocks
- wfDebug( "LoginForm::attemptAutoCreate: a hook blocked creation: $abortError\n" );
- $this->mAbortLoginErrorMsg = $abortError;
-
- return self::ABORTED;
- }
-
- wfDebug( __METHOD__ . ": creating account\n" );
- $status = $this->initUser( $user, true );
-
- if ( !$status->isOK() ) {
- $errors = $status->getErrorsByType( 'error' );
- $this->mAbortLoginErrorMsg = $errors[0]['message'];
-
- return self::ABORTED;
- }
-
- return self::SUCCESS;
- }
-
- function processLogin() {
- global $wgLang, $wgSecureLogin, $wgInvalidPasswordReset;
-
- $authRes = $this->authenticateUserData();
- switch ( $authRes ) {
- case self::SUCCESS:
- # We've verified now, update the real record
- $user = $this->getUser();
- $user->touch();
-
- if ( $user->requiresHTTPS() ) {
- $this->mStickHTTPS = true;
- }
-
- if ( $wgSecureLogin && !$this->mStickHTTPS ) {
- $user->setCookies( $this->mRequest, false, $this->mRemember );
- } else {
- $user->setCookies( $this->mRequest, null, $this->mRemember );
- }
- self::clearLoginToken();
-
- // Reset the throttle
- self::clearLoginThrottle( $this->mUsername );
-
- $request = $this->getRequest();
- if ( $this->hasSessionCookie() || $this->mSkipCookieCheck ) {
- /* Replace the language object to provide user interface in
- * correct language immediately on this first page load.
- */
- $code = $request->getVal( 'uselang', $user->getOption( 'language' ) );
- $userLang = Language::factory( $code );
- $wgLang = $userLang;
- RequestContext::getMain()->setLanguage( $userLang );
- $this->getContext()->setLanguage( $userLang );
- // Reset SessionID on Successful login (bug 40995)
- $this->renewSessionId();
- if ( $this->checkUserPasswordExpired( $this->getUser() ) == 'soft' ) {
- $this->resetLoginForm( $this->msg( 'resetpass-expired-soft' ) );
- } elseif ( $wgInvalidPasswordReset
- && !$user->isValidPassword( $this->mPassword )
- ) {
- $status = $user->checkPasswordValidity(
- $this->mPassword,
- 'login'
- );
- $this->resetLoginForm(
- $status->getMessage( 'resetpass-validity-soft' )
- );
- } else {
- $this->successfulLogin();
- }
- } else {
- $this->cookieRedirectCheck( 'login' );
- }
- break;
-
- case self::NEED_TOKEN:
- $error = $this->mAbortLoginErrorMsg ?: 'nocookiesforlogin';
- $this->mainLoginForm( $this->msg( $error )->parse() );
- break;
- case self::WRONG_TOKEN:
- $error = $this->mAbortLoginErrorMsg ?: 'sessionfailure';
- $this->mainLoginForm( $this->msg( $error )->text() );
- break;
- case self::NO_NAME:
- case self::ILLEGAL:
- $error = $this->mAbortLoginErrorMsg ?: 'noname';
- $this->mainLoginForm( $this->msg( $error )->text() );
- break;
- case self::WRONG_PLUGIN_PASS:
- $error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
- $this->mainLoginForm( $this->msg( $error )->text() );
- break;
- case self::NOT_EXISTS:
- if ( $this->getUser()->isAllowed( 'createaccount' ) ) {
- $error = $this->mAbortLoginErrorMsg ?: 'nosuchuser';
- $this->mainLoginForm( $this->msg( $error,
- wfEscapeWikiText( $this->mUsername ) )->parse() );
- } else {
- $error = $this->mAbortLoginErrorMsg ?: 'nosuchusershort';
- $this->mainLoginForm( $this->msg( $error,
- wfEscapeWikiText( $this->mUsername ) )->text() );
- }
- break;
- case self::WRONG_PASS:
- $error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
- $this->mainLoginForm( $this->msg( $error )->text() );
- break;
- case self::EMPTY_PASS:
- $error = $this->mAbortLoginErrorMsg ?: 'wrongpasswordempty';
- $this->mainLoginForm( $this->msg( $error )->text() );
- break;
- case self::RESET_PASS:
- $error = $this->mAbortLoginErrorMsg ?: 'resetpass_announce';
- $this->resetLoginForm( $this->msg( $error ) );
- break;
- case self::CREATE_BLOCKED:
- $this->userBlockedMessage( $this->getUser()->isBlockedFromCreateAccount() );
- break;
- case self::THROTTLED:
- $error = $this->mAbortLoginErrorMsg ?: 'login-throttled';
- $this->mainLoginForm( $this->msg( $error )
- ->durationParams( $this->mThrottleWait )->text()
- );
- break;
- case self::USER_BLOCKED:
- $error = $this->mAbortLoginErrorMsg ?: 'login-userblocked';
- $this->mainLoginForm( $this->msg( $error, $this->mUsername )->escaped() );
- break;
- case self::ABORTED:
- $error = $this->mAbortLoginErrorMsg ?: 'login-abort-generic';
- $this->mainLoginForm( $this->msg( $error,
- wfEscapeWikiText( $this->mUsername ) )->text() );
- break;
- case self::USER_MIGRATED:
- $error = $this->mAbortLoginErrorMsg ?: 'login-migrated-generic';
- $params = [];
- if ( is_array( $error ) ) {
- $error = array_shift( $this->mAbortLoginErrorMsg );
- $params = $this->mAbortLoginErrorMsg;
- }
- $this->mainLoginForm( $this->msg( $error, $params )->text() );
- break;
- default:
- throw new MWException( 'Unhandled case value' );
- }
-
- LoggerFactory::getInstance( 'authmanager' )->info( 'Login attempt', [
- 'event' => 'login',
- 'successful' => $authRes === self::SUCCESS,
- 'status' => LoginForm::$statusCodes[$authRes],
- ] );
- }
-
- /**
- * Show the Special:ChangePassword form, with custom message
- * @param Message $msg
- */
- protected function resetLoginForm( Message $msg ) {
- // Allow hooks to explain this password reset in more detail
- Hooks::run( 'LoginPasswordResetMessage', [ &$msg, $this->mUsername ] );
- $reset = new SpecialChangePassword();
- $derivative = new DerivativeContext( $this->getContext() );
- $derivative->setTitle( $reset->getPageTitle() );
- $reset->setContext( $derivative );
- if ( !$this->mTempPasswordUsed ) {
- $reset->setOldPasswordMessage( 'oldpassword' );
- }
- $reset->setChangeMessage( $msg );
- $reset->execute( null );
- }
-
- /**
- * @param User $u
- * @param bool $throttle
- * @param string $emailTitle Message name of email title
- * @param string $emailText Message name of email text
- * @return Status
- */
- function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle',
- $emailText = 'passwordremindertext'
- ) {
- global $wgNewPasswordExpiry, $wgMinimalPasswordLength;
-
- if ( $u->getEmail() == '' ) {
- return Status::newFatal( 'noemail', $u->getName() );
- }
- $ip = $this->getRequest()->getIP();
- if ( !$ip ) {
- return Status::newFatal( 'badipaddress' );
- }
-
- $currentUser = $this->getUser();
- Hooks::run( 'User::mailPasswordInternal', [ &$currentUser, &$ip, &$u ] );
-
- $np = PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
- $u->setNewpassword( $np, $throttle );
- $u->saveSettings();
- $userLanguage = $u->getOption( 'language' );
-
- $mainPage = Title::newMainPage();
- $mainPageUrl = $mainPage->getCanonicalURL();
-
- $m = $this->msg( $emailText, $ip, $u->getName(), $np, '<' . $mainPageUrl . '>',
- round( $wgNewPasswordExpiry / 86400 ) )->inLanguage( $userLanguage )->text();
- $result = $u->sendMail( $this->msg( $emailTitle )->inLanguage( $userLanguage )->text(), $m );
-
- return $result;
- }
-
- /**
- * Run any hooks registered for logins, then HTTP redirect to
- * $this->mReturnTo (or Main Page if that's undefined). Formerly we had a
- * nice message here, but that's really not as useful as just being sent to
- * wherever you logged in from. It should be clear that the action was
- * successful, given the lack of error messages plus the appearance of your
- * name in the upper right.
- *
- * @private
- */
- function successfulLogin() {
- # Run any hooks; display injected HTML if any, else redirect
- $currentUser = $this->getUser();
- $injected_html = '';
- Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
-
- if ( $injected_html !== '' ) {
- $this->displaySuccessfulAction( 'success', $this->msg( 'loginsuccesstitle' ),
- 'loginsuccess', $injected_html );
- } else {
- $this->executeReturnTo( 'successredirect' );
- }
- }
-
- /**
- * Run any hooks registered for logins, then display a message welcoming
- * the user.
- *
- * @private
- */
- function successfulCreation() {
- # Run any hooks; display injected HTML
- $currentUser = $this->getUser();
- $injected_html = '';
- $welcome_creation_msg = 'welcomecreation-msg';
-
- Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
-
- /**
- * Let any extensions change what message is shown.
- * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
- * @since 1.18
- */
- Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
-
- $this->displaySuccessfulAction(
- 'signup',
- $this->msg( 'welcomeuser', $this->getUser()->getName() ),
- $welcome_creation_msg, $injected_html
- );
- }
-
- /**
- * Display a "successful action" page.
- *
- * @param string $type Condition of return to; see `executeReturnTo`
- * @param string|Message $title Page's title
- * @param string $msgname
- * @param string $injected_html
- */
- private function displaySuccessfulAction( $type, $title, $msgname, $injected_html ) {
- $out = $this->getOutput();
- $out->setPageTitle( $title );
- if ( $msgname ) {
- $out->addWikiMsg( $msgname, wfEscapeWikiText( $this->getUser()->getName() ) );
- }
-
- $out->addHTML( $injected_html );
-
- $this->executeReturnTo( $type );
- }
-
- /**
- * Output a message that informs the user that they cannot create an account because
- * there is a block on them or their IP which prevents account creation. Note that
- * User::isBlockedFromCreateAccount(), which gets this block, ignores the 'hardblock'
- * setting on blocks (bug 13611).
- * @param Block $block The block causing this error
- * @throws ErrorPageError
- */
- function userBlockedMessage( Block $block ) {
- # Let's be nice about this, it's likely that this feature will be used
- # for blocking large numbers of innocent people, e.g. range blocks on
- # schools. Don't blame it on the user. There's a small chance that it
- # really is the user's fault, i.e. the username is blocked and they
- # haven't bothered to log out before trying to create an account to
- # evade it, but we'll leave that to their guilty conscience to figure
- # out.
- $errorParams = [
- $block->getTarget(),
- $block->mReason ? $block->mReason : $this->msg( 'blockednoreason' )->text(),
- $block->getByName()
- ];
-
- if ( $block->getType() === Block::TYPE_RANGE ) {
- $errorMessage = 'cantcreateaccount-range-text';
- $errorParams[] = $this->getRequest()->getIP();
- } else {
- $errorMessage = 'cantcreateaccount-text';
- }
-
- throw new ErrorPageError(
- 'cantcreateaccounttitle',
- $errorMessage,
- $errorParams
- );
- }
-
- /**
- * Add a "return to" link or redirect to it.
- * Extensions can use this to reuse the "return to" logic after
- * inject steps (such as redirection) into the login process.
- *
- * @param string $type One of the following:
- * - error: display a return to link ignoring $wgRedirectOnLogin
- * - signup: display a return to link using $wgRedirectOnLogin if needed
- * - success: display a return to link using $wgRedirectOnLogin if needed
- * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
- * @param string $returnTo
- * @param array|string $returnToQuery
- * @param bool $stickHTTPs Keep redirect link on HTTPs
- * @since 1.22
- */
- public function showReturnToPage(
- $type, $returnTo = '', $returnToQuery = '', $stickHTTPs = false
- ) {
- $this->mReturnTo = $returnTo;
- $this->mReturnToQuery = $returnToQuery;
- $this->mStickHTTPS = $stickHTTPs;
- $this->executeReturnTo( $type );
- }
-
- /**
- * Add a "return to" link or redirect to it.
- *
- * @param string $type One of the following:
- * - error: display a return to link ignoring $wgRedirectOnLogin
- * - signup: display a return to link using $wgRedirectOnLogin if needed
- * - success: display a return to link using $wgRedirectOnLogin if needed
- * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
- */
- private function executeReturnTo( $type ) {
- global $wgRedirectOnLogin, $wgSecureLogin;
-
- if ( $type != 'error' && $wgRedirectOnLogin !== null ) {
- $returnTo = $wgRedirectOnLogin;
- $returnToQuery = [];
- } else {
- $returnTo = $this->mReturnTo;
- $returnToQuery = wfCgiToArray( $this->mReturnToQuery );
- }
-
- // Allow modification of redirect behavior
- Hooks::run( 'PostLoginRedirect', [ &$returnTo, &$returnToQuery, &$type ] );
-
- $returnToTitle = Title::newFromText( $returnTo );
- if ( !$returnToTitle ) {
- $returnToTitle = Title::newMainPage();
- }
-
- if ( $wgSecureLogin && !$this->mStickHTTPS ) {
- $options = [ 'http' ];
- $proto = PROTO_HTTP;
- } elseif ( $wgSecureLogin ) {
- $options = [ 'https' ];
- $proto = PROTO_HTTPS;
- } else {
- $options = [];
- $proto = PROTO_RELATIVE;
- }
-
- if ( $type == 'successredirect' ) {
- $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
- $this->getOutput()->redirect( $redirectUrl );
- } else {
- $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options );
- }
- }
-
- /**
- * @param string $msg
- * @param string $msgtype
- * @throws ErrorPageError
- * @throws Exception
- * @throws FatalError
- * @throws MWException
- * @throws PermissionsError
- * @throws ReadOnlyError
- * @private
- */
- function mainLoginForm( $msg, $msgtype = 'error' ) {
- global $wgEnableEmail, $wgEnableUserEmail;
- global $wgHiddenPrefs, $wgLoginLanguageSelector;
- global $wgAuth, $wgEmailConfirmToEdit;
- global $wgSecureLogin, $wgPasswordResetRoutes;
- global $wgExtendedLoginCookieExpiration, $wgCookieExpiration;
-
- $titleObj = $this->getPageTitle();
- $user = $this->getUser();
- $out = $this->getOutput();
-
- if ( $this->mType == 'signup' ) {
- // Block signup here if in readonly. Keeps user from
- // going through the process (filling out data, etc)
- // and being informed later.
- $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true );
- if ( count( $permErrors ) ) {
- throw new PermissionsError( 'createaccount', $permErrors );
- } elseif ( $user->isBlockedFromCreateAccount() ) {
- $this->userBlockedMessage( $user->isBlockedFromCreateAccount() );
-
- return;
- } elseif ( wfReadOnly() ) {
- throw new ReadOnlyError;
- }
- }
-
- // Pre-fill username (if not creating an account, bug 44775).
- if ( $this->mUsername == '' && $this->mType != 'signup' ) {
- if ( $user->isLoggedIn() ) {
- $this->mUsername = $user->getName();
- } else {
- $this->mUsername = $this->getRequest()->getSession()->suggestLoginUsername();
- }
- }
-
- // Generic styles and scripts for both login and signup form
- $out->addModuleStyles( [
- 'mediawiki.ui',
- 'mediawiki.ui.button',
- 'mediawiki.ui.checkbox',
- 'mediawiki.ui.input',
- 'mediawiki.special.userlogin.common.styles'
- ] );
-
- if ( $this->mType == 'signup' ) {
- // Additional styles and scripts for signup form
- $out->addModules( [
- 'mediawiki.special.userlogin.signup.js'
- ] );
- $out->addModuleStyles( [
- 'mediawiki.special.userlogin.signup.styles'
- ] );
-
- $template = new UsercreateTemplate( $this->getConfig() );
-
- // Must match number of benefits defined in messages
- $template->set( 'benefitCount', 3 );
-
- $q = 'action=submitlogin&type=signup';
- $linkq = 'type=login';
- } else {
- // Additional styles for login form
- $out->addModuleStyles( [
- 'mediawiki.special.userlogin.login.styles'
- ] );
-
- $template = new UserloginTemplate( $this->getConfig() );
-
- $q = 'action=submitlogin&type=login';
- $linkq = 'type=signup';
- }
-
- if ( $this->mReturnTo !== '' ) {
- $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo );
- if ( $this->mReturnToQuery !== '' ) {
- $returnto .= '&returntoquery=' .
- wfUrlencode( $this->mReturnToQuery );
- }
- $q .= $returnto;
- $linkq .= $returnto;
- }
-
- # Don't show a "create account" link if the user can't.
- if ( $this->showCreateOrLoginLink( $user ) ) {
- # Pass any language selection on to the mode switch link
- if ( $wgLoginLanguageSelector && $this->mLanguage ) {
- $linkq .= '&uselang=' . $this->mLanguage;
- }
- // Supply URL, login template creates the button.
- $template->set( 'createOrLoginHref', $titleObj->getLocalURL( $linkq ) );
- } else {
- $template->set( 'link', '' );
- }
-
- $resetLink = $this->mType == 'signup'
- ? null
- : is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
-
- $template->set( 'header', '' );
- $template->set( 'formheader', '' );
- $template->set( 'skin', $this->getSkin() );
- $template->set( 'name', $this->mUsername );
- $template->set( 'password', $this->mPassword );
- $template->set( 'retype', $this->mRetype );
- $template->set( 'createemailset', $this->mCreateaccountMail );
- $template->set( 'email', $this->mEmail );
- $template->set( 'realname', $this->mRealName );
- $template->set( 'domain', $this->mDomain );
- $template->set( 'reason', $this->mReason );
-
- $template->set( 'action', $titleObj->getLocalURL( $q ) );
- $template->set( 'message', $msg );
- $template->set( 'messagetype', $msgtype );
- $template->set( 'createemail', $wgEnableEmail && $user->isLoggedIn() );
- $template->set( 'userealname', !in_array( 'realname', $wgHiddenPrefs ) );
- $template->set( 'useemail', $wgEnableEmail );
- $template->set( 'emailrequired', $wgEmailConfirmToEdit );
- $template->set( 'emailothers', $wgEnableUserEmail );
- $template->set( 'canreset', $wgAuth->allowPasswordChange() );
- $template->set( 'resetlink', $resetLink );
- $template->set( 'canremember', $wgExtendedLoginCookieExpiration === null ?
- ( $wgCookieExpiration > 0 ) :
- ( $wgExtendedLoginCookieExpiration > 0 ) );
- $template->set( 'usereason', $user->isLoggedIn() );
- $template->set( 'remember', $this->mRemember );
- $template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
- $template->set( 'stickhttps', (int)$this->mStickHTTPS );
- $template->set( 'loggedin', $user->isLoggedIn() );
- $template->set( 'loggedinuser', $user->getName() );
-
- if ( $this->mType == 'signup' ) {
- $template->set( 'token', self::getCreateaccountToken()->toString() );
- } else {
- $template->set( 'token', self::getLoginToken()->toString() );
- }
-
- # Prepare language selection links as needed
- if ( $wgLoginLanguageSelector ) {
- $template->set( 'languages', $this->makeLanguageSelector() );
- if ( $this->mLanguage ) {
- $template->set( 'uselang', $this->mLanguage );
- }
- }
-
- $template->set( 'secureLoginUrl', $this->mSecureLoginUrl );
- // Use signupend-https for HTTPS requests if it's not blank, signupend otherwise
- $usingHTTPS = $this->mRequest->getProtocol() == 'https';
- $signupendHTTPS = $this->msg( 'signupend-https' );
- if ( $usingHTTPS && !$signupendHTTPS->isBlank() ) {
- $template->set( 'signupend', $signupendHTTPS->parse() );
- } else {
- $template->set( 'signupend', $this->msg( 'signupend' )->parse() );
- }
-
- // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved
- if ( $usingHTTPS ) {
- $template->set( 'fromhttp', $this->mFromHTTP );
- }
-
- // Give authentication and captcha plugins a chance to modify the form
- $wgAuth->modifyUITemplate( $template, $this->mType );
- if ( $this->mType == 'signup' ) {
- Hooks::run( 'UserCreateForm', [ &$template ] );
- } else {
- Hooks::run( 'UserLoginForm', [ &$template ] );
- }
-
- $out->disallowUserJs(); // just in case...
- $out->addTemplate( $template );
- }
-
- /**
- * Whether the login/create account form should display a link to the
- * other form (in addition to whatever the skin provides).
- *
- * @param User $user
- * @return bool
- */
- private function showCreateOrLoginLink( &$user ) {
- if ( $this->mType == 'signup' ) {
- return true;
- } elseif ( $user->isAllowed( 'createaccount' ) ) {
- return true;
- } else {
- return false;
- }
- }
-
- /**
- * Check if a session cookie is present.
- *
- * This will not pick up a cookie set during _this_ request, but is meant
- * to ensure that the client is returning the cookie which was set on a
- * previous pass through the system.
- *
- * @private
- * @return bool
- */
- function hasSessionCookie() {
- global $wgDisableCookieCheck, $wgInitialSessionId;
-
- return $wgDisableCookieCheck || (
- $wgInitialSessionId &&
- $this->getRequest()->getSession()->getId() === (string)$wgInitialSessionId
- );
- }
-
- /**
- * Get the login token from the current session
- * @since 1.27 returns a MediaWiki\Session\Token instead of a string
- * @return MediaWiki\Session\Token
- */
- public static function getLoginToken() {
- global $wgRequest;
- return $wgRequest->getSession()->getToken( '', 'login' );
- }
-
- /**
- * Formerly randomly generated a login token that would be returned by
- * $this->getLoginToken().
- *
- * Since 1.27, this is a no-op. The token is generated as necessary by
- * $this->getLoginToken().
- *
- * @deprecated since 1.27
- */
- public static function setLoginToken() {
- wfDeprecated( __METHOD__, '1.27' );
- }
-
- /**
- * Remove any login token attached to the current session
- */
- public static function clearLoginToken() {
- global $wgRequest;
- $wgRequest->getSession()->resetToken( 'login' );
- }
-
- /**
- * Get the createaccount token from the current session
- * @since 1.27 returns a MediaWiki\Session\Token instead of a string
- * @return MediaWiki\Session\Token
- */
- public static function getCreateaccountToken() {
- global $wgRequest;
- return $wgRequest->getSession()->getToken( '', 'createaccount' );
- }
-
- /**
- * Formerly randomly generated a createaccount token that would be returned
- * by $this->getCreateaccountToken().
- *
- * Since 1.27, this is a no-op. The token is generated as necessary by
- * $this->getCreateaccountToken().
- *
- * @deprecated since 1.27
- */
- public static function setCreateaccountToken() {
- wfDeprecated( __METHOD__, '1.27' );
- }
-
- /**
- * Remove any createaccount token attached to the current session
- */
- public static function clearCreateaccountToken() {
- global $wgRequest;
- $wgRequest->getSession()->resetToken( 'createaccount' );
- }
-
- /**
- * Renew the user's session id, using strong entropy
- */
- private function renewSessionId() {
- global $wgSecureLogin, $wgCookieSecure;
- if ( $wgSecureLogin && !$this->mStickHTTPS ) {
- $wgCookieSecure = false;
- }
-
- SessionManager::getGlobalSession()->resetId();
- }
-
- /**
- * @param string $type
- * @private
- */
- function cookieRedirectCheck( $type ) {
- $titleObj = SpecialPage::getTitleFor( 'Userlogin' );
- $query = [ 'wpCookieCheck' => $type ];
- if ( $this->mReturnTo !== '' ) {
- $query['returnto'] = $this->mReturnTo;
- $query['returntoquery'] = $this->mReturnToQuery;
- }
- $check = $titleObj->getFullURL( $query );
-
- $this->getOutput()->redirect( $check );
- }
-
- /**
- * @param string $type
- * @private
- */
- function onCookieRedirectCheck( $type ) {
- if ( !$this->hasSessionCookie() ) {
- if ( $type == 'new' ) {
- $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
- } elseif ( $type == 'login' ) {
- $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
- } else {
- # shouldn't happen
- $this->mainLoginForm( $this->msg( 'error' )->text() );
- }
- } else {
- $this->successfulLogin();
- }
- }
-
- /**
- * Produce a bar of links which allow the user to select another language
- * during login/registration but retain "returnto"
- *
- * @return string
- */
- function makeLanguageSelector() {
- $msg = $this->msg( 'loginlanguagelinks' )->inContentLanguage();
- if ( $msg->isBlank() ) {
- return '';
- }
- $langs = explode( "\n", $msg->text() );
- $links = [];
- foreach ( $langs as $lang ) {
- $lang = trim( $lang, '* ' );
- $parts = explode( '|', $lang );
- if ( count( $parts ) >= 2 ) {
- $links[] = $this->makeLanguageSelectorLink( $parts[0], trim( $parts[1] ) );
- }
- }
-
- return count( $links ) > 0 ? $this->msg( 'loginlanguagelabel' )->rawParams(
- $this->getLanguage()->pipeList( $links ) )->escaped() : '';
- }
-
- /**
- * Create a language selector link for a particular language
- * Links back to this page preserving type and returnto
- *
- * @param string $text Link text
- * @param string $lang Language code
- * @return string
- */
- function makeLanguageSelectorLink( $text, $lang ) {
- if ( $this->getLanguage()->getCode() == $lang ) {
- // no link for currently used language
- return htmlspecialchars( $text );
- }
- $query = [ 'uselang' => $lang ];
- if ( $this->mType == 'signup' ) {
- $query['type'] = 'signup';
- }
- if ( $this->mReturnTo !== '' ) {
- $query['returnto'] = $this->mReturnTo;
- $query['returntoquery'] = $this->mReturnToQuery;
- }
-
- $attr = [];
- $targetLanguage = Language::factory( $lang );
- $attr['lang'] = $attr['hreflang'] = $targetLanguage->getHtmlCode();
-
- return Linker::linkKnown(
- $this->getPageTitle(),
- htmlspecialchars( $text ),
- $attr,
- $query
- );
- }
-
- protected function getGroupName() {
- return 'login';
- }
-
- /**
- * Private function to check password expiration, until this is rewritten for AuthManager.
- * @param User $user
- * @return string|bool
- */
- private function checkUserPasswordExpired( User $user ) {
- global $wgPasswordExpireGrace;
- $dbr = wfGetDB( DB_SLAVE );
- $ts = $dbr->selectField( 'user', 'user_password_expires', [ 'user_id' => $user->getId() ] );
-
- $expired = false;
- $now = wfTimestamp();
- $expUnix = wfTimestamp( TS_UNIX, $ts );
- if ( $ts !== null && $expUnix < $now ) {
- $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft';
- }
- return $expired;
- }
-
- protected function getSubpagesForPrefixSearch() {
- return [ 'signup' ];
- }
-}
+++ /dev/null
-<?php
-/**
- * Implements Special:Userlogout
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- * http://www.gnu.org/copyleft/gpl.html
- *
- * @file
- * @ingroup SpecialPage
- */
-
-/**
- * Implements Special:Userlogout
- *
- * @ingroup SpecialPage
- */
-class SpecialUserlogout extends UnlistedSpecialPage {
- function __construct() {
- parent::__construct( 'Userlogout' );
- }
-
- public function doesWrites() {
- return true;
- }
-
- function execute( $par ) {
- /**
- * Some satellite ISPs use broken precaching schemes that log people out straight after
- * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
- */
- if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
- wfDebug( "Special:Userlogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
- throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
- }
-
- $this->setHeaders();
- $this->outputHeader();
-
- // Make sure it's possible to log out
- $session = MediaWiki\Session\SessionManager::getGlobalSession();
- if ( !$session->canSetUser() ) {
- throw new ErrorPageError(
- 'cannotlogoutnow-title',
- 'cannotlogoutnow-text',
- [
- $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
- ]
- );
- }
-
- $user = $this->getUser();
- $oldName = $user->getName();
- $user->logout();
-
- $loginURL = SpecialPage::getTitleFor( 'Userlogin' )->getFullURL(
- $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
-
- $out = $this->getOutput();
- $out->addWikiMsg( 'logouttext', $loginURL );
-
- // Hook.
- $injected_html = '';
- Hooks::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
- $out->addHTML( $injected_html );
-
- $out->returnToMain();
- }
-
- protected function getGroupName() {
- return 'login';
- }
-}
--- /dev/null
+<?php
+
+/**
+ * Helper functions for the login form that need to be shared with other special pages
+ * (such as CentralAuth's SpecialCentralLogin).
+ * @since 1.27
+ */
+class LoginHelper extends ContextSource {
+ /**
+ * Valid error and warning messages
+ *
+ * Special:Userlogin can show an error or warning message on the form when
+ * coming from another page. This is done via the ?error= or ?warning= GET
+ * parameters.
+ *
+ * This array is the list of valid message keys. Further keys can be added by the
+ * LoginFormValidErrorMessages hook. All other values will be ignored.
+ *
+ * @var string[]
+ */
+ public static $validErrorMessages = [
+ 'exception-nologin-text',
+ 'watchlistanontext',
+ 'changeemail-no-info',
+ 'resetpass-no-info',
+ 'confirmemail_needlogin',
+ 'prefsnologintext2',
+ ];
+
+ /**
+ * Returns an array of all valid error messages.
+ *
+ * @return array
+ * @see LoginHelper::$validErrorMessages
+ */
+ public static function getValidErrorMessages() {
+ static $messages = null;
+ if ( !$messages ) {
+ $messages = self::$validErrorMessages;
+ Hooks::run( 'LoginFormValidErrorMessages', [ &$messages ] );
+ }
+
+ return $messages;
+ }
+
+ public function __construct( IContextSource $context ) {
+ $this->setContext( $context );
+ }
+
+ /**
+ * Show a return link or redirect to it.
+ * Extensions can change where the link should point or inject content into the page
+ * (which will change it from redirect to link mode).
+ *
+ * @param string $type One of the following:
+ * - error: display a return to link ignoring $wgRedirectOnLogin
+ * - success: display a return to link using $wgRedirectOnLogin if needed
+ * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
+ * @param string $returnTo
+ * @param array|string $returnToQuery
+ * @param bool $stickHTTPS Keep redirect link on HTTPS
+ */
+ public function showReturnToPage(
+ $type, $returnTo = '', $returnToQuery = '', $stickHTTPS = false
+ ) {
+ global $wgRedirectOnLogin, $wgSecureLogin;
+
+ if ( $type !== 'error' && $wgRedirectOnLogin !== null ) {
+ $returnTo = $wgRedirectOnLogin;
+ $returnToQuery = [];
+ } elseif ( is_string( $returnToQuery ) ) {
+ $returnToQuery = wfCgiToArray( $returnToQuery );
+ }
+
+ // Allow modification of redirect behavior
+ Hooks::run( 'PostLoginRedirect', [ &$returnTo, &$returnToQuery, &$type ] );
+
+ $returnToTitle = Title::newFromText( $returnTo ) ?: Title::newMainPage();
+
+ if ( $wgSecureLogin && !$stickHTTPS ) {
+ $options = [ 'http' ];
+ $proto = PROTO_HTTP;
+ } elseif ( $wgSecureLogin ) {
+ $options = [ 'https' ];
+ $proto = PROTO_HTTPS;
+ } else {
+ $options = [];
+ $proto = PROTO_RELATIVE;
+ }
+
+ if ( $type === 'successredirect' ) {
+ $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
+ $this->getOutput()->redirect( $redirectUrl );
+ } else {
+ $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options );
+ }
+ }
+}
--- /dev/null
+This directory temporarily hosts pre-AuthManager code as a way of feature-flagging.
+Class names are postfixed with 'PreAuthManager' and SpecialPageFactory adds/removes
+that postfix based on the feature flag.
+
+This is a horrible hack that will only be in place for a few weeks, to allow instant
+rollback while AuthManager is tested in WMF production and major problems are ironed
+out. In the past such issues have been handled via deployment branches, but that
+meant blocking the work of all WMF developers from being deployed. This is hoped
+to be a less disruptive method.
+
--- /dev/null
+<?php
+/**
+ * Implements Special:ChangeEmail
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Let users change their email address.
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialChangeEmailPreAuthManager extends FormSpecialPage {
+ /**
+ * @var Status
+ */
+ private $status;
+
+ public function __construct() {
+ parent::__construct( 'ChangeEmail', 'editmyprivateinfo' );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ /**
+ * @return bool
+ */
+ public function isListed() {
+ global $wgAuth;
+
+ return $wgAuth->allowPropChange( 'emailaddress' );
+ }
+
+ /**
+ * Main execution point
+ * @param string $par
+ */
+ function execute( $par ) {
+ $out = $this->getOutput();
+ $out->disallowUserJs();
+
+ parent::execute( $par );
+ }
+
+ protected function checkExecutePermissions( User $user ) {
+ global $wgAuth;
+
+ if ( !$wgAuth->allowPropChange( 'emailaddress' ) ) {
+ throw new ErrorPageError( 'changeemail', 'cannotchangeemail' );
+ }
+
+ $this->requireLogin( 'changeemail-no-info' );
+
+ // This could also let someone check the current email address, so
+ // require both permissions.
+ if ( !$this->getUser()->isAllowed( 'viewmyprivateinfo' ) ) {
+ throw new PermissionsError( 'viewmyprivateinfo' );
+ }
+
+ parent::checkExecutePermissions( $user );
+ }
+
+ protected function getFormFields() {
+ $user = $this->getUser();
+
+ $fields = [
+ 'Name' => [
+ 'type' => 'info',
+ 'label-message' => 'username',
+ 'default' => $user->getName(),
+ ],
+ 'OldEmail' => [
+ 'type' => 'info',
+ 'label-message' => 'changeemail-oldemail',
+ 'default' => $user->getEmail() ?: $this->msg( 'changeemail-none' )->text(),
+ ],
+ 'NewEmail' => [
+ 'type' => 'email',
+ 'label-message' => 'changeemail-newemail',
+ 'autofocus' => true,
+ 'help-message' => 'changeemail-newemail-help',
+ ],
+ ];
+
+ if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
+ $fields['Password'] = [
+ 'type' => 'password',
+ 'label-message' => 'changeemail-password'
+ ];
+ }
+
+ return $fields;
+ }
+
+ protected function getDisplayFormat() {
+ return 'ooui';
+ }
+
+ protected function alterForm( HTMLForm $form ) {
+ $form->setId( 'mw-changeemail-form' );
+ $form->setTableId( 'mw-changeemail-table' );
+ $form->setSubmitTextMsg( 'changeemail-submit' );
+ $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
+
+ $form->addHeaderText( $this->msg( 'changeemail-header' )->parseAsBlock() );
+ if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' ) ) {
+ $form->addHeaderText( $this->msg( 'changeemail-passwordrequired' )->parseAsBlock() );
+ }
+ }
+
+ public function onSubmit( array $data ) {
+ $password = isset( $data['Password'] ) ? $data['Password'] : null;
+ $status = $this->attemptChange( $this->getUser(), $password, $data['NewEmail'] );
+
+ $this->status = $status;
+
+ return $status;
+ }
+
+ public function onSuccess() {
+ $request = $this->getRequest();
+
+ $returnto = $request->getVal( 'returnto' );
+ $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null;
+ if ( !$titleObj instanceof Title ) {
+ $titleObj = Title::newMainPage();
+ }
+ $query = $request->getVal( 'returntoquery' );
+
+ if ( $this->status->value === true ) {
+ $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
+ } elseif ( $this->status->value === 'eauth' ) {
+ # Notify user that a confirmation email has been sent...
+ $this->getOutput()->wrapWikiMsg( "<div class='error' style='clear: both;'>\n$1\n</div>",
+ 'eauthentsent', $this->getUser()->getName() );
+ // just show the link to go back
+ $this->getOutput()->addReturnTo( $titleObj, wfCgiToArray( $query ) );
+ }
+ }
+
+ /**
+ * @param User $user
+ * @param string $pass
+ * @param string $newaddr
+ * @return Status
+ */
+ private function attemptChange( User $user, $pass, $newaddr ) {
+ global $wgAuth;
+
+ if ( $newaddr != '' && !Sanitizer::validateEmail( $newaddr ) ) {
+ return Status::newFatal( 'invalidemailaddress' );
+ }
+
+ if ( $newaddr === $user->getEmail() ) {
+ return Status::newFatal( 'changeemail-nochange' );
+ }
+
+ $throttleInfo = LoginForm::incrementLoginThrottle( $user->getName() );
+ if ( $throttleInfo ) {
+ $lang = $this->getLanguage();
+ return Status::newFatal(
+ 'changeemail-throttled',
+ $lang->formatDuration( $throttleInfo['wait'] )
+ );
+ }
+
+ if ( $this->getConfig()->get( 'RequirePasswordforEmailChange' )
+ && !$user->checkTemporaryPassword( $pass )
+ && !$user->checkPassword( $pass )
+ ) {
+ return Status::newFatal( 'wrongpassword' );
+ }
+
+ LoginForm::clearLoginThrottle( $user->getName() );
+
+ $oldaddr = $user->getEmail();
+ $status = $user->setEmailWithConfirmation( $newaddr );
+ if ( !$status->isGood() ) {
+ return $status;
+ }
+
+ Hooks::run( 'PrefsEmailAudit', [ $user, $oldaddr, $newaddr ] );
+
+ $user->saveSettings();
+
+ $wgAuth->updateExternalDB( $user );
+
+ return $status;
+ }
+
+ public function requiresUnblock() {
+ return false;
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:ChangePassword
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Let users recover their password.
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialChangePasswordPreAuthManager extends FormSpecialPage {
+ protected $mUserName;
+ protected $mDomain;
+
+ // Optional Wikitext Message to show above the password change form
+ protected $mPreTextMessage = null;
+
+ // label for old password input
+ protected $mOldPassMsg = null;
+
+ public function __construct() {
+ parent::__construct( 'ChangePassword', 'editmyprivateinfo' );
+ $this->listed( false );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ /**
+ * Main execution point
+ * @param string|null $par
+ */
+ function execute( $par ) {
+ $this->getOutput()->disallowUserJs();
+
+ parent::execute( $par );
+ }
+
+ protected function checkExecutePermissions( User $user ) {
+ parent::checkExecutePermissions( $user );
+
+ if ( !$this->getRequest()->wasPosted() ) {
+ $this->requireLogin( 'resetpass-no-info' );
+ }
+ }
+
+ /**
+ * Set a message at the top of the Change Password form
+ * @since 1.23
+ * @param Message $msg Message to parse and add to the form header
+ */
+ public function setChangeMessage( Message $msg ) {
+ $this->mPreTextMessage = $msg;
+ }
+
+ /**
+ * Set a message at the top of the Change Password form
+ * @since 1.23
+ * @param string $msg Message label for old/temp password field
+ */
+ public function setOldPasswordMessage( $msg ) {
+ $this->mOldPassMsg = $msg;
+ }
+
+ protected function getFormFields() {
+ $user = $this->getUser();
+ $request = $this->getRequest();
+
+ $oldpassMsg = $this->mOldPassMsg;
+ if ( $oldpassMsg === null ) {
+ $oldpassMsg = $user->isLoggedIn() ? 'oldpassword' : 'resetpass-temp-password';
+ }
+
+ $fields = [
+ 'Name' => [
+ 'type' => 'info',
+ 'label-message' => 'username',
+ 'default' => $request->getVal( 'wpName', $user->getName() ),
+ ],
+ 'Password' => [
+ 'type' => 'password',
+ 'label-message' => $oldpassMsg,
+ ],
+ 'NewPassword' => [
+ 'type' => 'password',
+ 'label-message' => 'newpassword',
+ ],
+ 'Retype' => [
+ 'type' => 'password',
+ 'label-message' => 'retypenew',
+ ],
+ ];
+
+ if ( !$this->getUser()->isLoggedIn() ) {
+ $fields['LoginOnChangeToken'] = [
+ 'type' => 'hidden',
+ 'label' => 'Change Password Token',
+ 'default' => LoginForm::getLoginToken()->toString(),
+ ];
+ }
+
+ $extraFields = [];
+ Hooks::run( 'ChangePasswordForm', [ &$extraFields ] );
+ foreach ( $extraFields as $extra ) {
+ list( $name, $label, $type, $default ) = $extra;
+ $fields[$name] = [
+ 'type' => $type,
+ 'name' => $name,
+ 'label-message' => $label,
+ 'default' => $default,
+ ];
+ }
+
+ if ( !$user->isLoggedIn() ) {
+ $fields['Remember'] = [
+ 'type' => 'check',
+ 'label' => $this->msg( 'remembermypassword' )
+ ->numParams(
+ ceil( $this->getConfig()->get( 'CookieExpiration' ) / ( 3600 * 24 ) )
+ )->text(),
+ 'default' => $request->getVal( 'wpRemember' ),
+ ];
+ }
+
+ return $fields;
+ }
+
+ protected function alterForm( HTMLForm $form ) {
+ $form->setId( 'mw-resetpass-form' );
+ $form->setTableId( 'mw-resetpass-table' );
+ $form->setWrapperLegendMsg( 'resetpass_header' );
+ $form->setSubmitTextMsg(
+ $this->getUser()->isLoggedIn()
+ ? 'resetpass-submit-loggedin'
+ : 'resetpass_submit'
+ );
+ $form->addButton( [
+ 'name' => 'wpCancel',
+ 'value' => $this->msg( 'resetpass-submit-cancel' )->text()
+ ] );
+ $form->setHeaderText( $this->msg( 'resetpass_text' )->parseAsBlock() );
+ if ( $this->mPreTextMessage instanceof Message ) {
+ $form->addPreText( $this->mPreTextMessage->parseAsBlock() );
+ }
+ $form->addHiddenFields(
+ $this->getRequest()->getValues( 'wpName', 'wpDomain', 'returnto', 'returntoquery' ) );
+ }
+
+ public function onSubmit( array $data ) {
+ global $wgAuth;
+
+ $request = $this->getRequest();
+
+ if ( $request->getCheck( 'wpLoginToken' ) ) {
+ // This comes from Special:Userlogin when logging in with a temporary password
+ return false;
+ }
+
+ if ( !$this->getUser()->isLoggedIn()
+ && !LoginForm::getLoginToken()->match( $request->getVal( 'wpLoginOnChangeToken' ) )
+ ) {
+ // Potential CSRF (bug 62497)
+ return false;
+ }
+
+ if ( $request->getCheck( 'wpCancel' ) ) {
+ $returnto = $request->getVal( 'returnto' );
+ $titleObj = $returnto !== null ? Title::newFromText( $returnto ) : null;
+ if ( !$titleObj instanceof Title ) {
+ $titleObj = Title::newMainPage();
+ }
+ $query = $request->getVal( 'returntoquery' );
+ $this->getOutput()->redirect( $titleObj->getFullURL( $query ) );
+
+ return true;
+ }
+
+ $this->mUserName = $request->getVal( 'wpName', $this->getUser()->getName() );
+ $this->mDomain = $wgAuth->getDomain();
+
+ if ( !$wgAuth->allowPasswordChange() ) {
+ throw new ErrorPageError( 'changepassword', 'resetpass_forbidden' );
+ }
+
+ $status = $this->attemptReset( $data['Password'], $data['NewPassword'], $data['Retype'] );
+
+ return $status;
+ }
+
+ public function onSuccess() {
+ if ( $this->getUser()->isLoggedIn() ) {
+ $this->getOutput()->wrapWikiMsg(
+ "<div class=\"successbox\">\n$1\n</div>",
+ 'changepassword-success'
+ );
+ $this->getOutput()->returnToMain();
+ } else {
+ $request = $this->getRequest();
+ LoginForm::clearLoginToken();
+ $token = LoginForm::getLoginToken()->toString();
+ $data = [
+ 'action' => 'submitlogin',
+ 'wpName' => $this->mUserName,
+ 'wpDomain' => $this->mDomain,
+ 'wpLoginToken' => $token,
+ 'wpPassword' => $request->getVal( 'wpNewPassword' ),
+ ] + $request->getValues( 'wpRemember', 'returnto', 'returntoquery' );
+ $login = new LoginForm( new DerivativeRequest( $request, $data, true ) );
+ $login->setContext( $this->getContext() );
+ $login->execute( null );
+ }
+ }
+
+ /**
+ * Checks the new password if it meets the requirements for passwords and set
+ * it as a current password, otherwise set the passed Status object to fatal
+ * and doesn't change anything
+ *
+ * @param string $oldpass The current (temporary) password.
+ * @param string $newpass The password to set.
+ * @param string $retype The string of the retype password field to check with newpass
+ * @return Status
+ */
+ protected function attemptReset( $oldpass, $newpass, $retype ) {
+ $isSelf = ( $this->mUserName === $this->getUser()->getName() );
+ if ( $isSelf ) {
+ $user = $this->getUser();
+ } else {
+ $user = User::newFromName( $this->mUserName );
+ }
+
+ if ( !$user || $user->isAnon() ) {
+ return Status::newFatal( $this->msg( 'nosuchusershort', $this->mUserName ) );
+ }
+
+ if ( $newpass !== $retype ) {
+ Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'badretype' ] );
+ return Status::newFatal( $this->msg( 'badretype' ) );
+ }
+
+ $throttleInfo = LoginForm::incrementLoginThrottle( $this->mUserName );
+ if ( $throttleInfo ) {
+ return Status::newFatal( $this->msg( 'changepassword-throttled' )
+ ->durationParams( $throttleInfo['wait'] )
+ );
+ }
+
+ // @todo Make these separate messages, since the message is written for both cases
+ if ( !$user->checkTemporaryPassword( $oldpass ) && !$user->checkPassword( $oldpass ) ) {
+ Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'wrongpassword' ] );
+ return Status::newFatal( $this->msg( 'resetpass-wrong-oldpass' ) );
+ }
+
+ // User is resetting their password to their old password
+ if ( $oldpass === $newpass ) {
+ return Status::newFatal( $this->msg( 'resetpass-recycled' ) );
+ }
+
+ // Do AbortChangePassword after checking mOldpass, so we don't leak information
+ // by possibly aborting a new password before verifying the old password.
+ $abortMsg = 'resetpass-abort-generic';
+ if ( !Hooks::run( 'AbortChangePassword', [ $user, $oldpass, $newpass, &$abortMsg ] ) ) {
+ Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'abortreset' ] );
+ return Status::newFatal( $this->msg( $abortMsg ) );
+ }
+
+ // Please reset throttle for successful logins, thanks!
+ LoginForm::clearLoginThrottle( $this->mUserName );
+
+ try {
+ $user->setPassword( $newpass );
+ Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'success' ] );
+ } catch ( PasswordError $e ) {
+ Hooks::run( 'PrefsPasswordAudit', [ $user, $newpass, 'error' ] );
+ return Status::newFatal( new RawMessage( $e->getMessage() ) );
+ }
+
+ if ( $isSelf ) {
+ // This is needed to keep the user connected since
+ // changing the password also modifies the user's token.
+ $remember = $this->getRequest()->getCookie( 'Token' ) !== null;
+ $user->setCookies( null, null, $remember );
+ }
+ $user->saveSettings();
+ $this->resetPasswordExpiration( $user );
+ return Status::newGood();
+ }
+
+ public function requiresUnblock() {
+ return false;
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+
+ /**
+ * For resetting user password expiration, until AuthManager comes along
+ * @param User $user
+ */
+ private function resetPasswordExpiration( User $user ) {
+ global $wgPasswordExpirationDays;
+ $newExpire = null;
+ if ( $wgPasswordExpirationDays ) {
+ $newExpire = wfTimestamp(
+ TS_MW,
+ time() + ( $wgPasswordExpirationDays * 24 * 3600 )
+ );
+ }
+ // Give extensions a chance to force an expiration
+ Hooks::run( 'ResetPasswordExpiration', [ $this, &$newExpire ] );
+ $dbw = wfGetDB( DB_MASTER );
+ $dbw->update(
+ 'user',
+ [ 'user_password_expires' => $dbw->timestampOrNull( $newExpire ) ],
+ [ 'user_id' => $user->getId() ],
+ __METHOD__
+ );
+ }
+
+ protected function getDisplayFormat() {
+ return 'ooui';
+ }
+}
--- /dev/null
+<?php
+/**
+ * Redirect page: Special:CreateAccount --> Special:UserLogin/signup.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Redirect page: Special:CreateAccount --> Special:UserLogin/signup.
+ * @todo FIXME: This (and the rest of the login frontend) needs to die a horrible painful death
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialCreateAccountPreAuthManager extends SpecialRedirectToSpecial {
+ function __construct() {
+ parent::__construct(
+ 'CreateAccount',
+ 'Userlogin',
+ 'signup',
+ [ 'returnto', 'returntoquery', 'uselang' ]
+ );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ // No reason to hide this link on Special:Specialpages
+ public function isListed() {
+ return true;
+ }
+
+ public function isRestricted() {
+ return !User::groupHasPermission( '*', 'createaccount' );
+ }
+
+ public function userCanExecute( User $user ) {
+ return $user->isAllowed( 'createaccount' );
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:PasswordReset
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Special page for requesting a password reset email
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialPasswordResetPreAuthManager extends FormSpecialPage {
+ /**
+ * @var Message
+ */
+ private $email;
+
+ /**
+ * @var User
+ */
+ private $firstUser;
+
+ /**
+ * @var Status
+ */
+ private $result;
+
+ /**
+ * @var string $method Identifies which password reset field was specified by the user.
+ */
+ private $method;
+
+ public function __construct() {
+ parent::__construct( 'PasswordReset', 'editmyprivateinfo' );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ public function userCanExecute( User $user ) {
+ return $this->canChangePassword( $user ) === true && parent::userCanExecute( $user );
+ }
+
+ public function checkExecutePermissions( User $user ) {
+ $error = $this->canChangePassword( $user );
+ if ( is_string( $error ) ) {
+ throw new ErrorPageError( 'internalerror', $error );
+ } elseif ( !$error ) {
+ throw new ErrorPageError( 'internalerror', 'resetpass_forbidden' );
+ }
+
+ parent::checkExecutePermissions( $user );
+ }
+
+ protected function getFormFields() {
+ global $wgAuth;
+ $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
+ $a = [];
+ if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
+ $a['Username'] = [
+ 'type' => 'text',
+ 'label-message' => 'passwordreset-username',
+ ];
+
+ if ( $this->getUser()->isLoggedIn() ) {
+ $a['Username']['default'] = $this->getUser()->getName();
+ }
+ }
+
+ if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
+ $a['Email'] = [
+ 'type' => 'email',
+ 'label-message' => 'passwordreset-email',
+ ];
+ }
+
+ if ( isset( $resetRoutes['domain'] ) && $resetRoutes['domain'] ) {
+ $domains = $wgAuth->domainList();
+ $a['Domain'] = [
+ 'type' => 'select',
+ 'options' => $domains,
+ 'label-message' => 'passwordreset-domain',
+ ];
+ }
+
+ if ( $this->getUser()->isAllowed( 'passwordreset' ) ) {
+ $a['Capture'] = [
+ 'type' => 'check',
+ 'label-message' => 'passwordreset-capture',
+ 'help-message' => 'passwordreset-capture-help',
+ ];
+ }
+
+ return $a;
+ }
+
+ protected function getDisplayFormat() {
+ return 'ooui';
+ }
+
+ public function alterForm( HTMLForm $form ) {
+ $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
+
+ $form->addHiddenFields( $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
+
+ $i = 0;
+ if ( isset( $resetRoutes['username'] ) && $resetRoutes['username'] ) {
+ $i++;
+ }
+ if ( isset( $resetRoutes['email'] ) && $resetRoutes['email'] ) {
+ $i++;
+ }
+ if ( isset( $resetRoutes['domain'] ) && $resetRoutes['domain'] ) {
+ $i++;
+ }
+
+ $message = ( $i > 1 ) ? 'passwordreset-text-many' : 'passwordreset-text-one';
+
+ $form->setHeaderText( $this->msg( $message, $i )->parseAsBlock() );
+ $form->setSubmitTextMsg( 'mailmypassword' );
+ }
+
+ /**
+ * Process the form. At this point we know that the user passes all the criteria in
+ * userCanExecute(), and if the data array contains 'Username', etc, then Username
+ * resets are allowed.
+ * @param array $data
+ * @throws MWException
+ * @throws ThrottledError|PermissionsError
+ * @return bool|array
+ */
+ public function onSubmit( array $data ) {
+ global $wgAuth, $wgMinimalPasswordLength;
+
+ if ( isset( $data['Domain'] ) ) {
+ if ( $wgAuth->validDomain( $data['Domain'] ) ) {
+ $wgAuth->setDomain( $data['Domain'] );
+ } else {
+ $wgAuth->setDomain( 'invaliddomain' );
+ }
+ }
+
+ if ( isset( $data['Capture'] ) && !$this->getUser()->isAllowed( 'passwordreset' ) ) {
+ // The user knows they don't have the passwordreset permission,
+ // but they tried to spoof the form. That's naughty
+ throw new PermissionsError( 'passwordreset' );
+ }
+
+ /**
+ * @var $firstUser User
+ * @var $users User[]
+ */
+
+ if ( isset( $data['Username'] ) && $data['Username'] !== '' ) {
+ $method = 'username';
+ $users = [ User::newFromName( $data['Username'] ) ];
+ } elseif ( isset( $data['Email'] )
+ && $data['Email'] !== ''
+ && Sanitizer::validateEmail( $data['Email'] )
+ ) {
+ $method = 'email';
+ $res = wfGetDB( DB_SLAVE )->select(
+ 'user',
+ User::selectFields(),
+ [ 'user_email' => $data['Email'] ],
+ __METHOD__
+ );
+
+ if ( $res ) {
+ $users = [];
+
+ foreach ( $res as $row ) {
+ $users[] = User::newFromRow( $row );
+ }
+ } else {
+ // Some sort of database error, probably unreachable
+ throw new MWException( 'Unknown database error in ' . __METHOD__ );
+ }
+ } else {
+ // The user didn't supply any data
+ return false;
+ }
+
+ // Check for hooks (captcha etc), and allow them to modify the users list
+ $error = [];
+ if ( !Hooks::run( 'SpecialPasswordResetOnSubmit', [ &$users, $data, &$error ] ) ) {
+ return [ $error ];
+ }
+
+ $this->method = $method;
+
+ if ( count( $users ) == 0 ) {
+ if ( $method == 'email' ) {
+ // Don't reveal whether or not an email address is in use
+ return true;
+ } else {
+ return [ 'noname' ];
+ }
+ }
+
+ $firstUser = $users[0];
+
+ if ( !$firstUser instanceof User || !$firstUser->getId() ) {
+ // Don't parse username as wikitext (bug 65501)
+ return [ [ 'nosuchuser', wfEscapeWikiText( $data['Username'] ) ] ];
+ }
+
+ // Check against the rate limiter
+ if ( $this->getUser()->pingLimiter( 'mailpassword' ) ) {
+ throw new ThrottledError;
+ }
+
+ // Check against password throttle
+ foreach ( $users as $user ) {
+ if ( $user->isPasswordReminderThrottled() ) {
+
+ # Round the time in hours to 3 d.p., in case someone is specifying
+ # minutes or seconds.
+ return [ [
+ 'throttled-mailpassword',
+ round( $this->getConfig()->get( 'PasswordReminderResendTime' ), 3 )
+ ] ];
+ }
+ }
+
+ // All the users will have the same email address
+ if ( $firstUser->getEmail() == '' ) {
+ // This won't be reachable from the email route, so safe to expose the username
+ return [ [ 'noemail', wfEscapeWikiText( $firstUser->getName() ) ] ];
+ }
+
+ // We need to have a valid IP address for the hook, but per bug 18347, we should
+ // send the user's name if they're logged in.
+ $ip = $this->getRequest()->getIP();
+ if ( !$ip ) {
+ return [ 'badipaddress' ];
+ }
+ $caller = $this->getUser();
+ Hooks::run( 'User::mailPasswordInternal', [ &$caller, &$ip, &$firstUser ] );
+ $username = $caller->getName();
+ $msg = IP::isValid( $username )
+ ? 'passwordreset-emailtext-ip'
+ : 'passwordreset-emailtext-user';
+
+ // Send in the user's language; which should hopefully be the same
+ $userLanguage = $firstUser->getOption( 'language' );
+
+ $passwords = [];
+ foreach ( $users as $user ) {
+ $password = PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
+ $user->setNewpassword( $password );
+ $user->saveSettings();
+ $passwords[] = $this->msg( 'passwordreset-emailelement', $user->getName(), $password )
+ ->inLanguage( $userLanguage )->text(); // We'll escape the whole thing later
+ }
+ $passwordBlock = implode( "\n\n", $passwords );
+
+ $this->email = $this->msg( $msg )->inLanguage( $userLanguage );
+ $this->email->params(
+ $username,
+ $passwordBlock,
+ count( $passwords ),
+ '<' . Title::newMainPage()->getCanonicalURL() . '>',
+ round( $this->getConfig()->get( 'NewPasswordExpiry' ) / 86400 )
+ );
+
+ $title = $this->msg( 'passwordreset-emailtitle' )->inLanguage( $userLanguage );
+
+ $this->result = $firstUser->sendMail( $title->text(), $this->email->text() );
+
+ if ( isset( $data['Capture'] ) && $data['Capture'] ) {
+ // Save the user, will be used if an error occurs when sending the email
+ $this->firstUser = $firstUser;
+ } else {
+ // Blank the email if the user is not supposed to see it
+ $this->email = null;
+ }
+
+ if ( $this->result->isGood() ) {
+ return true;
+ } elseif ( isset( $data['Capture'] ) && $data['Capture'] ) {
+ // The email didn't send, but maybe they knew that and that's why they captured it
+ return true;
+ } else {
+ // @todo FIXME: The email wasn't sent, but we have already set
+ // the password throttle timestamp, so they won't be able to try
+ // again until it expires... :(
+ return [ [ 'mailerror', $this->result->getMessage() ] ];
+ }
+ }
+
+ public function onSuccess() {
+ if ( $this->getUser()->isAllowed( 'passwordreset' ) && $this->email != null ) {
+ // @todo Logging
+
+ if ( $this->result->isGood() ) {
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailsent-capture' );
+ } else {
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailerror-capture',
+ $this->result->getMessage(), $this->firstUser->getName() );
+ }
+
+ $this->getOutput()->addHTML( Html::rawElement( 'pre', [], $this->email->escaped() ) );
+ }
+
+ if ( $this->method === 'email' ) {
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailsentemail' );
+ } else {
+ $this->getOutput()->addWikiMsg( 'passwordreset-emailsentusername' );
+ }
+
+ $this->getOutput()->returnToMain();
+ }
+
+ protected function canChangePassword( User $user ) {
+ global $wgAuth;
+ $resetRoutes = $this->getConfig()->get( 'PasswordResetRoutes' );
+
+ // Maybe password resets are disabled, or there are no allowable routes
+ if ( !is_array( $resetRoutes ) ||
+ !in_array( true, array_values( $resetRoutes ) )
+ ) {
+ return 'passwordreset-disabled';
+ }
+
+ // Maybe the external auth plugin won't allow local password changes
+ if ( !$wgAuth->allowPasswordChange() ) {
+ return 'resetpass_forbidden';
+ }
+
+ // Maybe email features have been disabled
+ if ( !$this->getConfig()->get( 'EnableEmail' ) ) {
+ return 'passwordreset-emaildisabled';
+ }
+
+ // Maybe the user is blocked (check this here rather than relying on the parent
+ // method as we have a more specific error message to use here
+ if ( $user->isBlocked() ) {
+ return 'blocked-mailpassword';
+ }
+
+ return true;
+ }
+
+ /**
+ * Hide the password reset page if resets are disabled.
+ * @return bool
+ */
+ function isListed() {
+ if ( $this->canChangePassword( $this->getUser() ) === true ) {
+ return parent::isListed();
+ }
+
+ return false;
+ }
+
+ protected function getGroupName() {
+ return 'users';
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:UserLogin
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+use MediaWiki\Logger\LoggerFactory;
+use Psr\Log\LogLevel;
+use MediaWiki\Session\SessionManager;
+
+/**
+ * Implements Special:UserLogin
+ *
+ * @ingroup SpecialPage
+ */
+class LoginFormPreAuthManager extends SpecialPage {
+ const SUCCESS = 0;
+ const NO_NAME = 1;
+ const ILLEGAL = 2;
+ const WRONG_PLUGIN_PASS = 3;
+ const NOT_EXISTS = 4;
+ const WRONG_PASS = 5;
+ const EMPTY_PASS = 6;
+ const RESET_PASS = 7;
+ const ABORTED = 8;
+ const CREATE_BLOCKED = 9;
+ const THROTTLED = 10;
+ const USER_BLOCKED = 11;
+ const NEED_TOKEN = 12;
+ const WRONG_TOKEN = 13;
+ const USER_MIGRATED = 14;
+
+ public static $statusCodes = [
+ self::SUCCESS => 'success',
+ self::NO_NAME => 'no_name',
+ self::ILLEGAL => 'illegal',
+ self::WRONG_PLUGIN_PASS => 'wrong_plugin_pass',
+ self::NOT_EXISTS => 'not_exists',
+ self::WRONG_PASS => 'wrong_pass',
+ self::EMPTY_PASS => 'empty_pass',
+ self::RESET_PASS => 'reset_pass',
+ self::ABORTED => 'aborted',
+ self::CREATE_BLOCKED => 'create_blocked',
+ self::THROTTLED => 'throttled',
+ self::USER_BLOCKED => 'user_blocked',
+ self::NEED_TOKEN => 'need_token',
+ self::WRONG_TOKEN => 'wrong_token',
+ self::USER_MIGRATED => 'user_migrated',
+ ];
+
+ /**
+ * Valid error and warning messages
+ *
+ * Special:Userlogin can show an error or warning message on the form when
+ * coming from another page. This is done via the ?error= or ?warning= GET
+ * parameters.
+ *
+ * This array is the list of valid message keys. All other values will be
+ * ignored.
+ *
+ * @since 1.24
+ * @var string[]
+ */
+ public static $validErrorMessages = [
+ 'exception-nologin-text',
+ 'watchlistanontext',
+ 'changeemail-no-info',
+ 'resetpass-no-info',
+ 'confirmemail_needlogin',
+ 'prefsnologintext2',
+ ];
+
+ public $mAbortLoginErrorMsg = null;
+ /**
+ * @var int How many seconds user is throttled for
+ * @since 1.27
+ */
+ public $mThrottleWait = '?';
+
+ protected $mUsername;
+ protected $mPassword;
+ protected $mRetype;
+ protected $mReturnTo;
+ protected $mCookieCheck;
+ protected $mPosted;
+ protected $mAction;
+ protected $mCreateaccount;
+ protected $mCreateaccountMail;
+ protected $mLoginattempt;
+ protected $mRemember;
+ protected $mEmail;
+ protected $mDomain;
+ protected $mLanguage;
+ protected $mSkipCookieCheck;
+ protected $mReturnToQuery;
+ protected $mToken;
+ protected $mStickHTTPS;
+ protected $mType;
+ protected $mReason;
+ protected $mRealName;
+ protected $mEntryError = '';
+ protected $mEntryErrorType = 'error';
+
+ private $mTempPasswordUsed;
+ private $mLoaded = false;
+ private $mSecureLoginUrl;
+
+ /** @var WebRequest */
+ private $mOverrideRequest = null;
+
+ /** @var WebRequest Effective request; set at the beginning of load */
+ private $mRequest = null;
+
+ /**
+ * @param WebRequest $request
+ */
+ public function __construct( $request = null ) {
+ global $wgUseMediaWikiUIEverywhere;
+ parent::__construct( 'Userlogin' );
+
+ $this->mOverrideRequest = $request;
+ // Override UseMediaWikiEverywhere to true, to force login and create form to use mw ui
+ $wgUseMediaWikiUIEverywhere = true;
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ /**
+ * Returns an array of all valid error messages.
+ *
+ * @return array
+ */
+ public static function getValidErrorMessages() {
+ static $messages = null;
+ if ( !$messages ) {
+ $messages = self::$validErrorMessages;
+ Hooks::run( 'LoginFormValidErrorMessages', [ &$messages ] );
+ }
+
+ return $messages;
+ }
+
+ /**
+ * Loader
+ */
+ function load() {
+ global $wgAuth, $wgHiddenPrefs, $wgEnableEmail;
+
+ if ( $this->mLoaded ) {
+ return;
+ }
+ $this->mLoaded = true;
+
+ if ( $this->mOverrideRequest === null ) {
+ $request = $this->getRequest();
+ } else {
+ $request = $this->mOverrideRequest;
+ }
+ $this->mRequest = $request;
+
+ $this->mType = $request->getText( 'type' );
+ $this->mUsername = $request->getText( 'wpName' );
+ $this->mPassword = $request->getText( 'wpPassword' );
+ $this->mRetype = $request->getText( 'wpRetype' );
+ $this->mDomain = $request->getText( 'wpDomain' );
+ $this->mReason = $request->getText( 'wpReason' );
+ $this->mCookieCheck = $request->getVal( 'wpCookieCheck' );
+ $this->mPosted = $request->wasPosted();
+ $this->mCreateaccountMail = $request->getCheck( 'wpCreateaccountMail' )
+ && $wgEnableEmail;
+ $this->mCreateaccount = $request->getCheck( 'wpCreateaccount' ) && !$this->mCreateaccountMail;
+ $this->mLoginattempt = $request->getCheck( 'wpLoginattempt' );
+ $this->mAction = $request->getVal( 'action' );
+ $this->mRemember = $request->getCheck( 'wpRemember' );
+ $this->mFromHTTP = $request->getBool( 'fromhttp', false )
+ || $request->getBool( 'wpFromhttp', false );
+ $this->mStickHTTPS = ( !$this->mFromHTTP && $request->getProtocol() === 'https' )
+ || $request->getBool( 'wpForceHttps', false );
+ $this->mLanguage = $request->getText( 'uselang' );
+ $this->mSkipCookieCheck = $request->getCheck( 'wpSkipCookieCheck' );
+ $this->mToken = $this->mType == 'signup'
+ ? $request->getVal( 'wpCreateaccountToken' )
+ : $request->getVal( 'wpLoginToken' );
+ $this->mReturnTo = $request->getVal( 'returnto', '' );
+ $this->mReturnToQuery = $request->getVal( 'returntoquery', '' );
+
+ // Show an error or warning passed on from a previous page
+ $entryError = $this->msg( $request->getVal( 'error', '' ) );
+ $entryWarning = $this->msg( $request->getVal( 'warning', '' ) );
+ // bc: provide login link as a parameter for messages where the translation
+ // was not updated
+ $loginreqlink = Linker::linkKnown(
+ $this->getPageTitle(),
+ $this->msg( 'loginreqlink' )->escaped(),
+ [],
+ [
+ 'returnto' => $this->mReturnTo,
+ 'returntoquery' => $this->mReturnToQuery,
+ 'uselang' => $this->mLanguage,
+ 'fromhttp' => $this->mFromHTTP ? '1' : '0',
+ ]
+ );
+
+ // Only show valid error or warning messages.
+ if ( $entryError->exists()
+ && in_array( $entryError->getKey(), self::getValidErrorMessages() )
+ ) {
+ $this->mEntryErrorType = 'error';
+ $this->mEntryError = $entryError->rawParams( $loginreqlink )->parse();
+
+ } elseif ( $entryWarning->exists()
+ && in_array( $entryWarning->getKey(), self::getValidErrorMessages() )
+ ) {
+ $this->mEntryErrorType = 'warning';
+ $this->mEntryError = $entryWarning->rawParams( $loginreqlink )->parse();
+ }
+
+ if ( $wgEnableEmail ) {
+ $this->mEmail = $request->getText( 'wpEmail' );
+ } else {
+ $this->mEmail = '';
+ }
+ if ( !in_array( 'realname', $wgHiddenPrefs ) ) {
+ $this->mRealName = $request->getText( 'wpRealName' );
+ } else {
+ $this->mRealName = '';
+ }
+
+ if ( !$wgAuth->validDomain( $this->mDomain ) ) {
+ $this->mDomain = $wgAuth->getDomain();
+ }
+ $wgAuth->setDomain( $this->mDomain );
+
+ # 1. When switching accounts, it sucks to get automatically logged out
+ # 2. Do not return to PasswordReset after a successful password change
+ # but goto Wiki start page (Main_Page) instead ( bug 33997 )
+ $returnToTitle = Title::newFromText( $this->mReturnTo );
+ if ( is_object( $returnToTitle )
+ && ( $returnToTitle->isSpecial( 'Userlogout' )
+ || $returnToTitle->isSpecial( 'PasswordReset' ) )
+ ) {
+ $this->mReturnTo = '';
+ $this->mReturnToQuery = '';
+ }
+ }
+
+ function getDescription() {
+ if ( $this->mType === 'signup' ) {
+ return $this->msg( 'createaccount' )->text();
+ } else {
+ return $this->msg( 'login' )->text();
+ }
+ }
+
+ /**
+ * @param string|null $subPage
+ */
+ public function execute( $subPage ) {
+ // Make sure session is persisted
+ $session = SessionManager::getGlobalSession();
+ $session->persist();
+
+ $this->load();
+
+ // Check for [[Special:Userlogin/signup]]. This affects form display and
+ // page title.
+ if ( $subPage == 'signup' ) {
+ $this->mType = 'signup';
+ }
+ $this->setHeaders();
+
+ // Make sure it's possible to log in
+ if ( $this->mType !== 'signup' && !$session->canSetUser() ) {
+ throw new ErrorPageError(
+ 'cannotloginnow-title',
+ 'cannotloginnow-text',
+ [
+ $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
+ ]
+ );
+ }
+
+ /**
+ * In the case where the user is already logged in, and was redirected to
+ * the login form from a page that requires login, do not show the login
+ * page. The use case scenario for this is when a user opens a large number
+ * of tabs, is redirected to the login page on all of them, and then logs
+ * in on one, expecting all the others to work properly.
+ *
+ * However, do show the form if it was visited intentionally (no 'returnto'
+ * is present). People who often switch between several accounts have grown
+ * accustomed to this behavior.
+ */
+ if (
+ $this->mType !== 'signup' &&
+ !$this->mPosted &&
+ $this->getUser()->isLoggedIn() &&
+ ( $this->mReturnTo !== '' || $this->mReturnToQuery !== '' )
+ ) {
+ $this->successfulLogin();
+ }
+
+ // If logging in and not on HTTPS, either redirect to it or offer a link.
+ global $wgSecureLogin;
+ if ( $this->mRequest->getProtocol() !== 'https' ) {
+ $title = $this->getFullTitle();
+ $query = [
+ 'returnto' => $this->mReturnTo !== '' ? $this->mReturnTo : null,
+ 'returntoquery' => $this->mReturnToQuery !== '' ?
+ $this->mReturnToQuery : null,
+ 'title' => null,
+ ( $this->mEntryErrorType === 'error' ? 'error' : 'warning' ) => $this->mEntryError,
+ ] + $this->mRequest->getQueryValues();
+ $url = $title->getFullURL( $query, false, PROTO_HTTPS );
+ if ( $wgSecureLogin
+ && wfCanIPUseHTTPS( $this->getRequest()->getIP() )
+ && !$this->mFromHTTP ) // Avoid infinite redirect
+ {
+ $url = wfAppendQuery( $url, 'fromhttp=1' );
+ $this->getOutput()->redirect( $url );
+ // Since we only do this redir to change proto, always vary
+ $this->getOutput()->addVaryHeader( 'X-Forwarded-Proto' );
+
+ return;
+ } else {
+ // A wiki without HTTPS login support should set $wgServer to
+ // http://somehost, in which case the secure URL generated
+ // above won't actually start with https://
+ if ( substr( $url, 0, 8 ) === 'https://' ) {
+ $this->mSecureLoginUrl = $url;
+ }
+ }
+ }
+
+ if ( !is_null( $this->mCookieCheck ) ) {
+ $this->onCookieRedirectCheck( $this->mCookieCheck );
+
+ return;
+ } elseif ( $this->mPosted ) {
+ if ( $this->mCreateaccount ) {
+ $this->addNewAccount();
+
+ return;
+ } elseif ( $this->mCreateaccountMail ) {
+ $this->addNewAccountMailPassword();
+
+ return;
+ } elseif ( ( 'submitlogin' == $this->mAction ) || $this->mLoginattempt ) {
+ $this->processLogin();
+
+ return;
+ }
+ }
+ $this->mainLoginForm( $this->mEntryError, $this->mEntryErrorType );
+ }
+
+ /**
+ * @private
+ */
+ function addNewAccountMailPassword() {
+ if ( $this->mEmail == '' ) {
+ $this->mainLoginForm( $this->msg( 'noemailcreate' )->escaped() );
+
+ return;
+ }
+
+ $status = $this->addNewAccountInternal();
+ LoggerFactory::getInstance( 'authmanager' )->info(
+ 'Account creation attempt with mailed password',
+ [ 'event' => 'accountcreation', 'status' => $status ]
+ );
+ if ( !$status->isGood() ) {
+ $error = $status->getMessage();
+ $this->mainLoginForm( $error->toString() );
+
+ return;
+ }
+
+ /** @var User $u */
+ $u = $status->getValue();
+
+ // Wipe the initial password and mail a temporary one
+ $u->setPassword( null );
+ $u->saveSettings();
+ $result = $this->mailPasswordInternal( $u, false, 'createaccount-title', 'createaccount-text' );
+
+ Hooks::run( 'AddNewAccount', [ $u, true ] );
+ $u->addNewUserLogEntry( 'byemail', $this->mReason );
+
+ $out = $this->getOutput();
+ $out->setPageTitle( $this->msg( 'accmailtitle' ) );
+
+ if ( !$result->isGood() ) {
+ $this->mainLoginForm( $this->msg( 'mailerror', $result->getWikiText() )->text() );
+ } else {
+ $out->addWikiMsg( 'accmailtext', $u->getName(), $u->getEmail() );
+ $this->executeReturnTo( 'success' );
+ }
+ }
+
+ /**
+ * @private
+ * @return bool
+ */
+ function addNewAccount() {
+ global $wgContLang, $wgUser, $wgEmailAuthentication, $wgLoginLanguageSelector;
+
+ # Create the account and abort if there's a problem doing so
+ $status = $this->addNewAccountInternal();
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Account creation attempt', [
+ 'event' => 'accountcreation',
+ 'status' => $status,
+ ] );
+
+ if ( !$status->isGood() ) {
+ $error = $status->getMessage();
+ $this->mainLoginForm( $error->toString() );
+
+ return false;
+ }
+
+ $u = $status->getValue();
+
+ # Only save preferences if the user is not creating an account for someone else.
+ if ( $this->getUser()->isAnon() ) {
+ # If we showed up language selection links, and one was in use, be
+ # smart (and sensible) and save that language as the user's preference
+ if ( $wgLoginLanguageSelector && $this->mLanguage ) {
+ $u->setOption( 'language', $this->mLanguage );
+ } else {
+
+ # Otherwise the user's language preference defaults to $wgContLang,
+ # but it may be better to set it to their preferred $wgContLang variant,
+ # based on browser preferences or URL parameters.
+ $u->setOption( 'language', $wgContLang->getPreferredVariant() );
+ }
+ if ( $wgContLang->hasVariants() ) {
+ $u->setOption( 'variant', $wgContLang->getPreferredVariant() );
+ }
+ }
+
+ $out = $this->getOutput();
+
+ # Send out an email authentication message if needed
+ if ( $wgEmailAuthentication && Sanitizer::validateEmail( $u->getEmail() ) ) {
+ $status = $u->sendConfirmationMail();
+ if ( $status->isGood() ) {
+ $out->addWikiMsg( 'confirmemail_oncreate' );
+ } else {
+ $out->addWikiText( $status->getWikiText( 'confirmemail_sendfailed' ) );
+ }
+ }
+
+ # Save settings (including confirmation token)
+ $u->saveSettings();
+
+ # If not logged in, assume the new account as the current one and set
+ # session cookies then show a "welcome" message or a "need cookies"
+ # message as needed
+ if ( $this->getUser()->isAnon() ) {
+ $u->setCookies();
+ $wgUser = $u;
+ // This should set it for OutputPage and the Skin
+ // which is needed or the personal links will be
+ // wrong.
+ $this->getContext()->setUser( $u );
+ Hooks::run( 'AddNewAccount', [ $u, false ] );
+ $u->addNewUserLogEntry( 'create' );
+ if ( $this->hasSessionCookie() ) {
+ $this->successfulCreation();
+ } else {
+ $this->cookieRedirectCheck( 'new' );
+ }
+ } else {
+ # Confirm that the account was created
+ $out->setPageTitle( $this->msg( 'accountcreated' ) );
+ $out->addWikiMsg( 'accountcreatedtext', $u->getName() );
+ $out->addReturnTo( $this->getPageTitle() );
+ Hooks::run( 'AddNewAccount', [ $u, false ] );
+ $u->addNewUserLogEntry( 'create2', $this->mReason );
+ }
+
+ return true;
+ }
+
+ /**
+ * Make a new user account using the loaded data.
+ * @private
+ * @throws PermissionsError|ReadOnlyError
+ * @return Status
+ */
+ public function addNewAccountInternal() {
+ global $wgAuth, $wgAccountCreationThrottle, $wgEmailConfirmToEdit;
+
+ // If the user passes an invalid domain, something is fishy
+ if ( !$wgAuth->validDomain( $this->mDomain ) ) {
+ return Status::newFatal( 'wrongpassword' );
+ }
+
+ // If we are not allowing users to login locally, we should be checking
+ // to see if the user is actually able to authenticate to the authenti-
+ // cation server before they create an account (otherwise, they can
+ // create a local account and login as any domain user). We only need
+ // to check this for domains that aren't local.
+ if ( 'local' != $this->mDomain && $this->mDomain != '' ) {
+ if (
+ !$wgAuth->canCreateAccounts() &&
+ (
+ !$wgAuth->userExists( $this->mUsername ) ||
+ !$wgAuth->authenticate( $this->mUsername, $this->mPassword )
+ )
+ ) {
+ return Status::newFatal( 'wrongpassword' );
+ }
+ }
+
+ if ( wfReadOnly() ) {
+ throw new ReadOnlyError;
+ }
+
+ # Request forgery checks.
+ $token = self::getCreateaccountToken();
+ if ( $token->wasNew() ) {
+ return Status::newFatal( 'nocookiesfornew' );
+ }
+
+ # The user didn't pass a createaccount token
+ if ( !$this->mToken ) {
+ return Status::newFatal( 'sessionfailure' );
+ }
+
+ # Validate the createaccount token
+ if ( !$token->match( $this->mToken ) ) {
+ return Status::newFatal( 'sessionfailure' );
+ }
+
+ # Check permissions
+ $currentUser = $this->getUser();
+ $creationBlock = $currentUser->isBlockedFromCreateAccount();
+ if ( !$currentUser->isAllowed( 'createaccount' ) ) {
+ throw new PermissionsError( 'createaccount' );
+ } elseif ( $creationBlock instanceof Block ) {
+ // Throws an ErrorPageError.
+ $this->userBlockedMessage( $creationBlock );
+
+ // This should never be reached.
+ return false;
+ }
+
+ # Include checks that will include GlobalBlocking (Bug 38333)
+ $permErrors = $this->getPageTitle()->getUserPermissionsErrors(
+ 'createaccount',
+ $currentUser,
+ true
+ );
+
+ if ( count( $permErrors ) ) {
+ throw new PermissionsError( 'createaccount', $permErrors );
+ }
+
+ $ip = $this->getRequest()->getIP();
+ if ( $currentUser->isDnsBlacklisted( $ip, true /* check $wgProxyWhitelist */ ) ) {
+ return Status::newFatal( 'sorbs_create_account_reason' );
+ }
+
+ # Now create a dummy user ($u) and check if it is valid
+ $u = User::newFromName( $this->mUsername, 'creatable' );
+ if ( !$u ) {
+ return Status::newFatal( 'noname' );
+ }
+
+ $cache = ObjectCache::getLocalClusterInstance();
+ # Make sure the user does not exist already
+ $lock = $cache->getScopedLock( $cache->makeGlobalKey( 'account', md5( $this->mUsername ) ) );
+ if ( !$lock ) {
+ return Status::newFatal( 'usernameinprogress' );
+ } elseif ( $u->idForName( User::READ_LOCKING ) ) {
+ return Status::newFatal( 'userexists' );
+ }
+
+ if ( $this->mCreateaccountMail ) {
+ # do not force a password for account creation by email
+ # set invalid password, it will be replaced later by a random generated password
+ $this->mPassword = null;
+ } else {
+ if ( $this->mPassword !== $this->mRetype ) {
+ return Status::newFatal( 'badretype' );
+ }
+
+ # check for password validity, return a fatal Status if invalid
+ $validity = $u->checkPasswordValidity( $this->mPassword, 'create' );
+ if ( !$validity->isGood() ) {
+ $validity->ok = false; // make sure this Status is fatal
+ return $validity;
+ }
+ }
+
+ # if you need a confirmed email address to edit, then obviously you
+ # need an email address.
+ if ( $wgEmailConfirmToEdit && strval( $this->mEmail ) === '' ) {
+ return Status::newFatal( 'noemailtitle' );
+ }
+
+ if ( strval( $this->mEmail ) !== '' && !Sanitizer::validateEmail( $this->mEmail ) ) {
+ return Status::newFatal( 'invalidemailaddress' );
+ }
+
+ # Set some additional data so the AbortNewAccount hook can be used for
+ # more than just username validation
+ $u->setEmail( $this->mEmail );
+ $u->setRealName( $this->mRealName );
+
+ $abortError = '';
+ $abortStatus = null;
+ if ( !Hooks::run( 'AbortNewAccount', [ $u, &$abortError, &$abortStatus ] ) ) {
+ // Hook point to add extra creation throttles and blocks
+ wfDebug( "LoginForm::addNewAccountInternal: a hook blocked creation\n" );
+ if ( $abortStatus === null ) {
+ // Report back the old string as a raw message status.
+ // This will report the error back as 'createaccount-hook-aborted'
+ // with the given string as the message.
+ // To return a different error code, return a Status object.
+ $abortError = new Message( 'createaccount-hook-aborted', [ $abortError ] );
+ $abortError->text();
+
+ return Status::newFatal( $abortError );
+ } else {
+ // For MediaWiki 1.23+ and updated hooks, return the Status object
+ // returned from the hook.
+ return $abortStatus;
+ }
+ }
+
+ // Hook point to check for exempt from account creation throttle
+ if ( !Hooks::run( 'ExemptFromAccountCreationThrottle', [ $ip ] ) ) {
+ wfDebug( "LoginForm::exemptFromAccountCreationThrottle: a hook " .
+ "allowed account creation w/o throttle\n" );
+ } else {
+ if ( ( $wgAccountCreationThrottle && $currentUser->isPingLimitable() ) ) {
+ $key = wfGlobalCacheKey( 'acctcreate', 'ip', $ip );
+ $value = $cache->get( $key );
+ if ( !$value ) {
+ $cache->set( $key, 0, $cache::TTL_DAY );
+ }
+ if ( $value >= $wgAccountCreationThrottle ) {
+ return Status::newFatal( 'acct_creation_throttle_hit', $wgAccountCreationThrottle );
+ }
+ $cache->incr( $key );
+ }
+ }
+
+ if ( !$wgAuth->addUser( $u, $this->mPassword, $this->mEmail, $this->mRealName ) ) {
+ return Status::newFatal( 'externaldberror' );
+ }
+
+ self::clearCreateaccountToken();
+
+ return $this->initUser( $u, false );
+ }
+
+ /**
+ * Actually add a user to the database.
+ * Give it a User object that has been initialised with a name.
+ *
+ * @param User $u
+ * @param bool $autocreate True if this is an autocreation via auth plugin
+ * @return Status Status object, with the User object in the value member on success
+ * @private
+ */
+ function initUser( $u, $autocreate ) {
+ global $wgAuth;
+
+ $status = $u->addToDatabase();
+ if ( !$status->isOK() ) {
+ return $status;
+ }
+
+ if ( $wgAuth->allowPasswordChange() ) {
+ $u->setPassword( $this->mPassword );
+ }
+
+ $u->setEmail( $this->mEmail );
+ $u->setRealName( $this->mRealName );
+ SessionManager::singleton()->invalidateSessionsForUser( $u );
+
+ Hooks::run( 'LocalUserCreated', [ $u, $autocreate ] );
+ $oldUser = $u;
+ $wgAuth->initUser( $u, $autocreate );
+ if ( $oldUser !== $u ) {
+ wfWarn( get_class( $wgAuth ) . '::initUser() replaced the user object' );
+ }
+
+ $u->saveSettings();
+
+ // Update user count
+ DeferredUpdates::addUpdate( new SiteStatsUpdate( 0, 0, 0, 0, 1 ) );
+
+ // Watch user's userpage and talk page
+ $u->addWatch( $u->getUserPage(), User::IGNORE_USER_RIGHTS );
+
+ return Status::newGood( $u );
+ }
+
+ /**
+ * Internally authenticate the login request.
+ *
+ * This may create a local account as a side effect if the
+ * authentication plugin allows transparent local account
+ * creation.
+ * @return int
+ */
+ public function authenticateUserData() {
+ global $wgUser, $wgAuth;
+
+ $this->load();
+
+ if ( $this->mUsername == '' ) {
+ return self::NO_NAME;
+ }
+
+ // We require a login token to prevent login CSRF
+ // Handle part of this before incrementing the throttle so
+ // token-less login attempts don't count towards the throttle
+ // but wrong-token attempts do.
+
+ // If the user doesn't have a login token yet, set one.
+ $token = self::getLoginToken();
+ if ( $token->wasNew() ) {
+ return self::NEED_TOKEN;
+ }
+ // If the user didn't pass a login token, tell them we need one
+ if ( !$this->mToken ) {
+ return self::NEED_TOKEN;
+ }
+
+ $throttleCount = self::incrementLoginThrottle( $this->mUsername );
+ if ( $throttleCount ) {
+ $this->mThrottleWait = $throttleCount['wait'];
+ return self::THROTTLED;
+ }
+
+ // Validate the login token
+ if ( !$token->match( $this->mToken ) ) {
+ return self::WRONG_TOKEN;
+ }
+
+ // Load the current user now, and check to see if we're logging in as
+ // the same name. This is necessary because loading the current user
+ // (say by calling getName()) calls the UserLoadFromSession hook, which
+ // potentially creates the user in the database. Until we load $wgUser,
+ // checking for user existence using User::newFromName($name)->getId() below
+ // will effectively be using stale data.
+ if ( $this->getUser()->getName() === $this->mUsername ) {
+ wfDebug( __METHOD__ . ": already logged in as {$this->mUsername}\n" );
+
+ return self::SUCCESS;
+ }
+
+ $u = User::newFromName( $this->mUsername );
+ if ( $u === false ) {
+ return self::ILLEGAL;
+ }
+
+ $msg = null;
+ // Give extensions a way to indicate the username has been updated,
+ // rather than telling the user the account doesn't exist.
+ if ( !Hooks::run( 'LoginUserMigrated', [ $u, &$msg ] ) ) {
+ $this->mAbortLoginErrorMsg = $msg;
+ return self::USER_MIGRATED;
+ }
+
+ if ( !User::isUsableName( $u->getName() ) ) {
+ return self::ILLEGAL;
+ }
+
+ $isAutoCreated = false;
+ if ( $u->getId() == 0 ) {
+ $status = $this->attemptAutoCreate( $u );
+ if ( $status !== self::SUCCESS ) {
+ return $status;
+ } else {
+ $isAutoCreated = true;
+ }
+ } else {
+ $u->load();
+ }
+
+ // Give general extensions, such as a captcha, a chance to abort logins
+ $abort = self::ABORTED;
+ if ( !Hooks::run( 'AbortLogin', [ $u, $this->mPassword, &$abort, &$msg ] ) ) {
+ if ( !in_array( $abort, array_keys( self::$statusCodes ), true ) ) {
+ throw new Exception( 'Invalid status code returned from AbortLogin hook: ' . $abort );
+ }
+ $this->mAbortLoginErrorMsg = $msg;
+ return $abort;
+ }
+
+ global $wgBlockDisablesLogin;
+ if ( !$u->checkPassword( $this->mPassword ) ) {
+ if ( $u->checkTemporaryPassword( $this->mPassword ) ) {
+ /**
+ * The e-mailed temporary password should not be used for actu-
+ * al logins; that's a very sloppy habit, and insecure if an
+ * attacker has a few seconds to click "search" on someone's
+ * open mail reader.
+ *
+ * Allow it to be used only to reset the password a single time
+ * to a new value, which won't be in the user's e-mail ar-
+ * chives.
+ *
+ * For backwards compatibility, we'll still recognize it at the
+ * login form to minimize surprises for people who have been
+ * logging in with a temporary password for some time.
+ *
+ * As a side-effect, we can authenticate the user's e-mail ad-
+ * dress if it's not already done, since the temporary password
+ * was sent via e-mail.
+ */
+ if ( !$u->isEmailConfirmed() && !wfReadOnly() ) {
+ $u->confirmEmail();
+ $u->saveSettings();
+ }
+
+ // At this point we just return an appropriate code/ indicating
+ // that the UI should show a password reset form; bot inter-
+ // faces etc will probably just fail cleanly here.
+ $this->mAbortLoginErrorMsg = 'resetpass-temp-emailed';
+ $this->mTempPasswordUsed = true;
+ $retval = self::RESET_PASS;
+ } else {
+ $retval = ( $this->mPassword == '' ) ? self::EMPTY_PASS : self::WRONG_PASS;
+ }
+ } elseif ( $wgBlockDisablesLogin && $u->isBlocked() ) {
+ // If we've enabled it, make it so that a blocked user cannot login
+ $retval = self::USER_BLOCKED;
+ } elseif ( $this->checkUserPasswordExpired( $u ) == 'hard' ) {
+ // Force reset now, without logging in
+ $retval = self::RESET_PASS;
+ $this->mAbortLoginErrorMsg = 'resetpass-expired';
+ } else {
+ Hooks::run( 'UserLoggedIn', [ $u ] );
+ $oldUser = $u;
+ $wgAuth->updateUser( $u );
+ if ( $oldUser !== $u ) {
+ wfWarn( get_class( $wgAuth ) . '::updateUser() replaced the user object' );
+ }
+ $wgUser = $u;
+ // This should set it for OutputPage and the Skin
+ // which is needed or the personal links will be
+ // wrong.
+ $this->getContext()->setUser( $u );
+
+ // Please reset throttle for successful logins, thanks!
+ self::clearLoginThrottle( $this->mUsername );
+
+ if ( $isAutoCreated ) {
+ // Must be run after $wgUser is set, for correct new user log
+ Hooks::run( 'AuthPluginAutoCreate', [ $u ] );
+ }
+
+ $retval = self::SUCCESS;
+ }
+ Hooks::run( 'LoginAuthenticateAudit', [ $u, $this->mPassword, $retval ] );
+
+ return $retval;
+ }
+
+ /**
+ * Increment the login attempt throttle hit count for the (username,current IP)
+ * tuple unless the throttle was already reached.
+ *
+ * @since 1.27 Return value changed.
+ * @param string $username The user name
+ * @return bool|array false if below limit or an array if above limit
+ * Array contains keys wait, count, and throttleIndex
+ */
+ public static function incrementLoginThrottle( $username ) {
+ global $wgPasswordAttemptThrottle, $wgRequest;
+ $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+
+ $throttleCount = 0;
+ if ( is_array( $wgPasswordAttemptThrottle ) ) {
+ $throttleConfig = $wgPasswordAttemptThrottle;
+ if ( isset( $wgPasswordAttemptThrottle['count'] ) ) {
+ // old style. Convert for backwards compat.
+ $throttleConfig = [ $wgPasswordAttemptThrottle ];
+ }
+ foreach ( $throttleConfig as $index => $specificThrottle ) {
+ if ( isset( $specificThrottle['allIPs'] ) ) {
+ $ip = 'All';
+ } else {
+ $ip = $wgRequest->getIP();
+ }
+ $throttleKey = wfGlobalCacheKey( 'password-throttle',
+ $index, $ip, md5( $username )
+ );
+ $count = $specificThrottle['count'];
+ $period = $specificThrottle['seconds'];
+
+ $cache = ObjectCache::getLocalClusterInstance();
+ $throttleCount = $cache->get( $throttleKey );
+ if ( !$throttleCount ) {
+ $cache->add( $throttleKey, 1, $period ); // start counter
+ } elseif ( $throttleCount < $count ) {
+ $cache->incr( $throttleKey );
+ } elseif ( $throttleCount >= $count ) {
+ $logMsg = 'Login attempt rejected because logins to '
+ . '{acct} from IP {ip} have been throttled for '
+ . '{period} seconds due to {count} failed attempts';
+ // If we are hitting a throttle for >= 50 attempts,
+ // it is much more likely to be an attack than someone
+ // simply forgetting their password, so log it at a
+ // higher level.
+ $level = $count >= 50 ? LogLevel::WARNING : LogLevel::INFO;
+ // It should be noted that once the throttle is hit,
+ // every attempt to login will generate the log message
+ // until the throttle expires, not just the attempt that
+ // puts the throttle over the top.
+ LoggerFactory::getInstance( 'password-throttle' )->log(
+ $level,
+ $logMsg,
+ [
+ 'ip' => $ip,
+ 'period' => $period,
+ 'acct' => $username,
+ 'count' => $count,
+ 'throttleIdentifier' => $index,
+ 'method' => __METHOD__
+ ]
+ );
+
+ return [
+ 'throttleIndex' => $index,
+ 'wait' => $period,
+ 'count' => $count
+ ];
+ }
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Increment the login attempt throttle hit count for the (username,current IP)
+ * tuple unless the throttle was already reached.
+ *
+ * @deprecated Use LoginForm::incrementLoginThrottle instead
+ * @param string $username The user name
+ * @return bool|int true if above throttle, or 0 (prior to 1.27, returned current count)
+ */
+ public static function incLoginThrottle( $username ) {
+ wfDeprecated( __METHOD__, "1.27" );
+ $res = self::incrementLoginThrottle( $username );
+ return is_array( $res ) ? true : 0;
+ }
+
+ /**
+ * Clear the login attempt throttle hit count for the (username,current IP) tuple.
+ * @param string $username The user name
+ * @return void
+ */
+ public static function clearLoginThrottle( $username ) {
+ global $wgRequest, $wgPasswordAttemptThrottle;
+ $username = User::getCanonicalName( $username, 'usable' ) ?: $username;
+
+ if ( is_array( $wgPasswordAttemptThrottle ) ) {
+ $throttleConfig = $wgPasswordAttemptThrottle;
+ if ( isset( $wgPasswordAttemptThrottle['count'] ) ) {
+ // old style. Convert for backwards compat.
+ $throttleConfig = [ $wgPasswordAttemptThrottle ];
+ }
+ foreach ( $throttleConfig as $index => $specificThrottle ) {
+ if ( isset( $specificThrottle['allIPs'] ) ) {
+ $ip = 'All';
+ } else {
+ $ip = $wgRequest->getIP();
+ }
+ $throttleKey = wfGlobalCacheKey( 'password-throttle', $index,
+ $ip, md5( $username )
+ );
+ ObjectCache::getLocalClusterInstance()->delete( $throttleKey );
+ }
+ }
+ }
+
+ /**
+ * Attempt to automatically create a user on login. Only succeeds if there
+ * is an external authentication method which allows it.
+ *
+ * @param User $user
+ *
+ * @return int Status code
+ */
+ function attemptAutoCreate( $user ) {
+ global $wgAuth;
+
+ if ( $this->getUser()->isBlockedFromCreateAccount() ) {
+ wfDebug( __METHOD__ . ": user is blocked from account creation\n" );
+
+ return self::CREATE_BLOCKED;
+ }
+
+ if ( !$wgAuth->autoCreate() ) {
+ return self::NOT_EXISTS;
+ }
+
+ if ( !$wgAuth->userExists( $user->getName() ) ) {
+ wfDebug( __METHOD__ . ": user does not exist\n" );
+
+ return self::NOT_EXISTS;
+ }
+
+ if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) {
+ wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" );
+
+ return self::WRONG_PLUGIN_PASS;
+ }
+
+ $abortError = '';
+ if ( !Hooks::run( 'AbortAutoAccount', [ $user, &$abortError ] ) ) {
+ // Hook point to add extra creation throttles and blocks
+ wfDebug( "LoginForm::attemptAutoCreate: a hook blocked creation: $abortError\n" );
+ $this->mAbortLoginErrorMsg = $abortError;
+
+ return self::ABORTED;
+ }
+
+ wfDebug( __METHOD__ . ": creating account\n" );
+ $status = $this->initUser( $user, true );
+
+ if ( !$status->isOK() ) {
+ $errors = $status->getErrorsByType( 'error' );
+ $this->mAbortLoginErrorMsg = $errors[0]['message'];
+
+ return self::ABORTED;
+ }
+
+ return self::SUCCESS;
+ }
+
+ function processLogin() {
+ global $wgLang, $wgSecureLogin, $wgInvalidPasswordReset;
+
+ $authRes = $this->authenticateUserData();
+ switch ( $authRes ) {
+ case self::SUCCESS:
+ # We've verified now, update the real record
+ $user = $this->getUser();
+ $user->touch();
+
+ if ( $user->requiresHTTPS() ) {
+ $this->mStickHTTPS = true;
+ }
+
+ if ( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $user->setCookies( $this->mRequest, false, $this->mRemember );
+ } else {
+ $user->setCookies( $this->mRequest, null, $this->mRemember );
+ }
+ self::clearLoginToken();
+
+ // Reset the throttle
+ self::clearLoginThrottle( $this->mUsername );
+
+ $request = $this->getRequest();
+ if ( $this->hasSessionCookie() || $this->mSkipCookieCheck ) {
+ /* Replace the language object to provide user interface in
+ * correct language immediately on this first page load.
+ */
+ $code = $request->getVal( 'uselang', $user->getOption( 'language' ) );
+ $userLang = Language::factory( $code );
+ $wgLang = $userLang;
+ RequestContext::getMain()->setLanguage( $userLang );
+ $this->getContext()->setLanguage( $userLang );
+ // Reset SessionID on Successful login (bug 40995)
+ $this->renewSessionId();
+ if ( $this->checkUserPasswordExpired( $this->getUser() ) == 'soft' ) {
+ $this->resetLoginForm( $this->msg( 'resetpass-expired-soft' ) );
+ } elseif ( $wgInvalidPasswordReset
+ && !$user->isValidPassword( $this->mPassword )
+ ) {
+ $status = $user->checkPasswordValidity(
+ $this->mPassword,
+ 'login'
+ );
+ $this->resetLoginForm(
+ $status->getMessage( 'resetpass-validity-soft' )
+ );
+ } else {
+ $this->successfulLogin();
+ }
+ } else {
+ $this->cookieRedirectCheck( 'login' );
+ }
+ break;
+
+ case self::NEED_TOKEN:
+ $error = $this->mAbortLoginErrorMsg ?: 'nocookiesforlogin';
+ $this->mainLoginForm( $this->msg( $error )->parse() );
+ break;
+ case self::WRONG_TOKEN:
+ $error = $this->mAbortLoginErrorMsg ?: 'sessionfailure';
+ $this->mainLoginForm( $this->msg( $error )->text() );
+ break;
+ case self::NO_NAME:
+ case self::ILLEGAL:
+ $error = $this->mAbortLoginErrorMsg ?: 'noname';
+ $this->mainLoginForm( $this->msg( $error )->text() );
+ break;
+ case self::WRONG_PLUGIN_PASS:
+ $error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
+ $this->mainLoginForm( $this->msg( $error )->text() );
+ break;
+ case self::NOT_EXISTS:
+ if ( $this->getUser()->isAllowed( 'createaccount' ) ) {
+ $error = $this->mAbortLoginErrorMsg ?: 'nosuchuser';
+ $this->mainLoginForm( $this->msg( $error,
+ wfEscapeWikiText( $this->mUsername ) )->parse() );
+ } else {
+ $error = $this->mAbortLoginErrorMsg ?: 'nosuchusershort';
+ $this->mainLoginForm( $this->msg( $error,
+ wfEscapeWikiText( $this->mUsername ) )->text() );
+ }
+ break;
+ case self::WRONG_PASS:
+ $error = $this->mAbortLoginErrorMsg ?: 'wrongpassword';
+ $this->mainLoginForm( $this->msg( $error )->text() );
+ break;
+ case self::EMPTY_PASS:
+ $error = $this->mAbortLoginErrorMsg ?: 'wrongpasswordempty';
+ $this->mainLoginForm( $this->msg( $error )->text() );
+ break;
+ case self::RESET_PASS:
+ $error = $this->mAbortLoginErrorMsg ?: 'resetpass_announce';
+ $this->resetLoginForm( $this->msg( $error ) );
+ break;
+ case self::CREATE_BLOCKED:
+ $this->userBlockedMessage( $this->getUser()->isBlockedFromCreateAccount() );
+ break;
+ case self::THROTTLED:
+ $error = $this->mAbortLoginErrorMsg ?: 'login-throttled';
+ $this->mainLoginForm( $this->msg( $error )
+ ->durationParams( $this->mThrottleWait )->text()
+ );
+ break;
+ case self::USER_BLOCKED:
+ $error = $this->mAbortLoginErrorMsg ?: 'login-userblocked';
+ $this->mainLoginForm( $this->msg( $error, $this->mUsername )->escaped() );
+ break;
+ case self::ABORTED:
+ $error = $this->mAbortLoginErrorMsg ?: 'login-abort-generic';
+ $this->mainLoginForm( $this->msg( $error,
+ wfEscapeWikiText( $this->mUsername ) )->text() );
+ break;
+ case self::USER_MIGRATED:
+ $error = $this->mAbortLoginErrorMsg ?: 'login-migrated-generic';
+ $params = [];
+ if ( is_array( $error ) ) {
+ $error = array_shift( $this->mAbortLoginErrorMsg );
+ $params = $this->mAbortLoginErrorMsg;
+ }
+ $this->mainLoginForm( $this->msg( $error, $params )->text() );
+ break;
+ default:
+ throw new MWException( 'Unhandled case value' );
+ }
+
+ LoggerFactory::getInstance( 'authmanager' )->info( 'Login attempt', [
+ 'event' => 'login',
+ 'successful' => $authRes === self::SUCCESS,
+ 'status' => LoginForm::$statusCodes[$authRes],
+ ] );
+ }
+
+ /**
+ * Show the Special:ChangePassword form, with custom message
+ * @param Message $msg
+ */
+ protected function resetLoginForm( Message $msg ) {
+ // Allow hooks to explain this password reset in more detail
+ Hooks::run( 'LoginPasswordResetMessage', [ &$msg, $this->mUsername ] );
+ $reset = new SpecialChangePassword();
+ $derivative = new DerivativeContext( $this->getContext() );
+ $derivative->setTitle( $reset->getPageTitle() );
+ $reset->setContext( $derivative );
+ if ( !$this->mTempPasswordUsed ) {
+ $reset->setOldPasswordMessage( 'oldpassword' );
+ }
+ $reset->setChangeMessage( $msg );
+ $reset->execute( null );
+ }
+
+ /**
+ * @param User $u
+ * @param bool $throttle
+ * @param string $emailTitle Message name of email title
+ * @param string $emailText Message name of email text
+ * @return Status
+ */
+ function mailPasswordInternal( $u, $throttle = true, $emailTitle = 'passwordremindertitle',
+ $emailText = 'passwordremindertext'
+ ) {
+ global $wgNewPasswordExpiry, $wgMinimalPasswordLength;
+
+ if ( $u->getEmail() == '' ) {
+ return Status::newFatal( 'noemail', $u->getName() );
+ }
+ $ip = $this->getRequest()->getIP();
+ if ( !$ip ) {
+ return Status::newFatal( 'badipaddress' );
+ }
+
+ $currentUser = $this->getUser();
+ Hooks::run( 'User::mailPasswordInternal', [ &$currentUser, &$ip, &$u ] );
+
+ $np = PasswordFactory::generateRandomPasswordString( $wgMinimalPasswordLength );
+ $u->setNewpassword( $np, $throttle );
+ $u->saveSettings();
+ $userLanguage = $u->getOption( 'language' );
+
+ $mainPage = Title::newMainPage();
+ $mainPageUrl = $mainPage->getCanonicalURL();
+
+ $m = $this->msg( $emailText, $ip, $u->getName(), $np, '<' . $mainPageUrl . '>',
+ round( $wgNewPasswordExpiry / 86400 ) )->inLanguage( $userLanguage )->text();
+ $result = $u->sendMail( $this->msg( $emailTitle )->inLanguage( $userLanguage )->text(), $m );
+
+ return $result;
+ }
+
+ /**
+ * Run any hooks registered for logins, then HTTP redirect to
+ * $this->mReturnTo (or Main Page if that's undefined). Formerly we had a
+ * nice message here, but that's really not as useful as just being sent to
+ * wherever you logged in from. It should be clear that the action was
+ * successful, given the lack of error messages plus the appearance of your
+ * name in the upper right.
+ *
+ * @private
+ */
+ function successfulLogin() {
+ # Run any hooks; display injected HTML if any, else redirect
+ $currentUser = $this->getUser();
+ $injected_html = '';
+ Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
+
+ if ( $injected_html !== '' ) {
+ $this->displaySuccessfulAction( 'success', $this->msg( 'loginsuccesstitle' ),
+ 'loginsuccess', $injected_html );
+ } else {
+ $this->executeReturnTo( 'successredirect' );
+ }
+ }
+
+ /**
+ * Run any hooks registered for logins, then display a message welcoming
+ * the user.
+ *
+ * @private
+ */
+ function successfulCreation() {
+ # Run any hooks; display injected HTML
+ $currentUser = $this->getUser();
+ $injected_html = '';
+ $welcome_creation_msg = 'welcomecreation-msg';
+
+ Hooks::run( 'UserLoginComplete', [ &$currentUser, &$injected_html ] );
+
+ /**
+ * Let any extensions change what message is shown.
+ * @see https://www.mediawiki.org/wiki/Manual:Hooks/BeforeWelcomeCreation
+ * @since 1.18
+ */
+ Hooks::run( 'BeforeWelcomeCreation', [ &$welcome_creation_msg, &$injected_html ] );
+
+ $this->displaySuccessfulAction(
+ 'signup',
+ $this->msg( 'welcomeuser', $this->getUser()->getName() ),
+ $welcome_creation_msg, $injected_html
+ );
+ }
+
+ /**
+ * Display a "successful action" page.
+ *
+ * @param string $type Condition of return to; see `executeReturnTo`
+ * @param string|Message $title Page's title
+ * @param string $msgname
+ * @param string $injected_html
+ */
+ private function displaySuccessfulAction( $type, $title, $msgname, $injected_html ) {
+ $out = $this->getOutput();
+ $out->setPageTitle( $title );
+ if ( $msgname ) {
+ $out->addWikiMsg( $msgname, wfEscapeWikiText( $this->getUser()->getName() ) );
+ }
+
+ $out->addHTML( $injected_html );
+
+ $this->executeReturnTo( $type );
+ }
+
+ /**
+ * Output a message that informs the user that they cannot create an account because
+ * there is a block on them or their IP which prevents account creation. Note that
+ * User::isBlockedFromCreateAccount(), which gets this block, ignores the 'hardblock'
+ * setting on blocks (bug 13611).
+ * @param Block $block The block causing this error
+ * @throws ErrorPageError
+ */
+ function userBlockedMessage( Block $block ) {
+ # Let's be nice about this, it's likely that this feature will be used
+ # for blocking large numbers of innocent people, e.g. range blocks on
+ # schools. Don't blame it on the user. There's a small chance that it
+ # really is the user's fault, i.e. the username is blocked and they
+ # haven't bothered to log out before trying to create an account to
+ # evade it, but we'll leave that to their guilty conscience to figure
+ # out.
+ $errorParams = [
+ $block->getTarget(),
+ $block->mReason ? $block->mReason : $this->msg( 'blockednoreason' )->text(),
+ $block->getByName()
+ ];
+
+ if ( $block->getType() === Block::TYPE_RANGE ) {
+ $errorMessage = 'cantcreateaccount-range-text';
+ $errorParams[] = $this->getRequest()->getIP();
+ } else {
+ $errorMessage = 'cantcreateaccount-text';
+ }
+
+ throw new ErrorPageError(
+ 'cantcreateaccounttitle',
+ $errorMessage,
+ $errorParams
+ );
+ }
+
+ /**
+ * Add a "return to" link or redirect to it.
+ * Extensions can use this to reuse the "return to" logic after
+ * inject steps (such as redirection) into the login process.
+ *
+ * @param string $type One of the following:
+ * - error: display a return to link ignoring $wgRedirectOnLogin
+ * - signup: display a return to link using $wgRedirectOnLogin if needed
+ * - success: display a return to link using $wgRedirectOnLogin if needed
+ * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
+ * @param string $returnTo
+ * @param array|string $returnToQuery
+ * @param bool $stickHTTPs Keep redirect link on HTTPs
+ * @since 1.22
+ */
+ public function showReturnToPage(
+ $type, $returnTo = '', $returnToQuery = '', $stickHTTPs = false
+ ) {
+ $this->mReturnTo = $returnTo;
+ $this->mReturnToQuery = $returnToQuery;
+ $this->mStickHTTPS = $stickHTTPs;
+ $this->executeReturnTo( $type );
+ }
+
+ /**
+ * Add a "return to" link or redirect to it.
+ *
+ * @param string $type One of the following:
+ * - error: display a return to link ignoring $wgRedirectOnLogin
+ * - signup: display a return to link using $wgRedirectOnLogin if needed
+ * - success: display a return to link using $wgRedirectOnLogin if needed
+ * - successredirect: send an HTTP redirect using $wgRedirectOnLogin if needed
+ */
+ private function executeReturnTo( $type ) {
+ global $wgRedirectOnLogin, $wgSecureLogin;
+
+ if ( $type != 'error' && $wgRedirectOnLogin !== null ) {
+ $returnTo = $wgRedirectOnLogin;
+ $returnToQuery = [];
+ } else {
+ $returnTo = $this->mReturnTo;
+ $returnToQuery = wfCgiToArray( $this->mReturnToQuery );
+ }
+
+ // Allow modification of redirect behavior
+ Hooks::run( 'PostLoginRedirect', [ &$returnTo, &$returnToQuery, &$type ] );
+
+ $returnToTitle = Title::newFromText( $returnTo );
+ if ( !$returnToTitle ) {
+ $returnToTitle = Title::newMainPage();
+ }
+
+ if ( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $options = [ 'http' ];
+ $proto = PROTO_HTTP;
+ } elseif ( $wgSecureLogin ) {
+ $options = [ 'https' ];
+ $proto = PROTO_HTTPS;
+ } else {
+ $options = [];
+ $proto = PROTO_RELATIVE;
+ }
+
+ if ( $type == 'successredirect' ) {
+ $redirectUrl = $returnToTitle->getFullURL( $returnToQuery, false, $proto );
+ $this->getOutput()->redirect( $redirectUrl );
+ } else {
+ $this->getOutput()->addReturnTo( $returnToTitle, $returnToQuery, null, $options );
+ }
+ }
+
+ /**
+ * @param string $msg
+ * @param string $msgtype
+ * @throws ErrorPageError
+ * @throws Exception
+ * @throws FatalError
+ * @throws MWException
+ * @throws PermissionsError
+ * @throws ReadOnlyError
+ * @private
+ */
+ function mainLoginForm( $msg, $msgtype = 'error' ) {
+ global $wgEnableEmail, $wgEnableUserEmail;
+ global $wgHiddenPrefs, $wgLoginLanguageSelector;
+ global $wgAuth, $wgEmailConfirmToEdit;
+ global $wgSecureLogin, $wgPasswordResetRoutes;
+ global $wgExtendedLoginCookieExpiration, $wgCookieExpiration;
+
+ $titleObj = $this->getPageTitle();
+ $user = $this->getUser();
+ $out = $this->getOutput();
+
+ if ( $this->mType == 'signup' ) {
+ // Block signup here if in readonly. Keeps user from
+ // going through the process (filling out data, etc)
+ // and being informed later.
+ $permErrors = $titleObj->getUserPermissionsErrors( 'createaccount', $user, true );
+ if ( count( $permErrors ) ) {
+ throw new PermissionsError( 'createaccount', $permErrors );
+ } elseif ( $user->isBlockedFromCreateAccount() ) {
+ $this->userBlockedMessage( $user->isBlockedFromCreateAccount() );
+
+ return;
+ } elseif ( wfReadOnly() ) {
+ throw new ReadOnlyError;
+ }
+ }
+
+ // Pre-fill username (if not creating an account, bug 44775).
+ if ( $this->mUsername == '' && $this->mType != 'signup' ) {
+ if ( $user->isLoggedIn() ) {
+ $this->mUsername = $user->getName();
+ } else {
+ $this->mUsername = $this->getRequest()->getSession()->suggestLoginUsername();
+ }
+ }
+
+ // Generic styles and scripts for both login and signup form
+ $out->addModuleStyles( [
+ 'mediawiki.ui',
+ 'mediawiki.ui.button',
+ 'mediawiki.ui.checkbox',
+ 'mediawiki.ui.input',
+ 'mediawiki.special.userlogin.common.styles'
+ ] );
+
+ if ( $this->mType == 'signup' ) {
+ // Additional styles and scripts for signup form
+ $out->addModules( [
+ 'mediawiki.special.userlogin.signup.js'
+ ] );
+ $out->addModuleStyles( [
+ 'mediawiki.special.userlogin.signup.styles'
+ ] );
+
+ $template = new UsercreateTemplate( $this->getConfig() );
+
+ // Must match number of benefits defined in messages
+ $template->set( 'benefitCount', 3 );
+
+ $q = 'action=submitlogin&type=signup';
+ $linkq = 'type=login';
+ } else {
+ // Additional styles for login form
+ $out->addModuleStyles( [
+ 'mediawiki.special.userlogin.login.styles'
+ ] );
+
+ $template = new UserloginTemplate( $this->getConfig() );
+
+ $q = 'action=submitlogin&type=login';
+ $linkq = 'type=signup';
+ }
+
+ if ( $this->mReturnTo !== '' ) {
+ $returnto = '&returnto=' . wfUrlencode( $this->mReturnTo );
+ if ( $this->mReturnToQuery !== '' ) {
+ $returnto .= '&returntoquery=' .
+ wfUrlencode( $this->mReturnToQuery );
+ }
+ $q .= $returnto;
+ $linkq .= $returnto;
+ }
+
+ # Don't show a "create account" link if the user can't.
+ if ( $this->showCreateOrLoginLink( $user ) ) {
+ # Pass any language selection on to the mode switch link
+ if ( $wgLoginLanguageSelector && $this->mLanguage ) {
+ $linkq .= '&uselang=' . $this->mLanguage;
+ }
+ // Supply URL, login template creates the button.
+ $template->set( 'createOrLoginHref', $titleObj->getLocalURL( $linkq ) );
+ } else {
+ $template->set( 'link', '' );
+ }
+
+ $resetLink = $this->mType == 'signup'
+ ? null
+ : is_array( $wgPasswordResetRoutes ) && in_array( true, array_values( $wgPasswordResetRoutes ) );
+
+ $template->set( 'header', '' );
+ $template->set( 'formheader', '' );
+ $template->set( 'skin', $this->getSkin() );
+ $template->set( 'name', $this->mUsername );
+ $template->set( 'password', $this->mPassword );
+ $template->set( 'retype', $this->mRetype );
+ $template->set( 'createemailset', $this->mCreateaccountMail );
+ $template->set( 'email', $this->mEmail );
+ $template->set( 'realname', $this->mRealName );
+ $template->set( 'domain', $this->mDomain );
+ $template->set( 'reason', $this->mReason );
+
+ $template->set( 'action', $titleObj->getLocalURL( $q ) );
+ $template->set( 'message', $msg );
+ $template->set( 'messagetype', $msgtype );
+ $template->set( 'createemail', $wgEnableEmail && $user->isLoggedIn() );
+ $template->set( 'userealname', !in_array( 'realname', $wgHiddenPrefs ) );
+ $template->set( 'useemail', $wgEnableEmail );
+ $template->set( 'emailrequired', $wgEmailConfirmToEdit );
+ $template->set( 'emailothers', $wgEnableUserEmail );
+ $template->set( 'canreset', $wgAuth->allowPasswordChange() );
+ $template->set( 'resetlink', $resetLink );
+ $template->set( 'canremember', $wgExtendedLoginCookieExpiration === null ?
+ ( $wgCookieExpiration > 0 ) :
+ ( $wgExtendedLoginCookieExpiration > 0 ) );
+ $template->set( 'usereason', $user->isLoggedIn() );
+ $template->set( 'remember', $this->mRemember );
+ $template->set( 'cansecurelogin', ( $wgSecureLogin === true ) );
+ $template->set( 'stickhttps', (int)$this->mStickHTTPS );
+ $template->set( 'loggedin', $user->isLoggedIn() );
+ $template->set( 'loggedinuser', $user->getName() );
+
+ if ( $this->mType == 'signup' ) {
+ $template->set( 'token', self::getCreateaccountToken()->toString() );
+ } else {
+ $template->set( 'token', self::getLoginToken()->toString() );
+ }
+
+ # Prepare language selection links as needed
+ if ( $wgLoginLanguageSelector ) {
+ $template->set( 'languages', $this->makeLanguageSelector() );
+ if ( $this->mLanguage ) {
+ $template->set( 'uselang', $this->mLanguage );
+ }
+ }
+
+ $template->set( 'secureLoginUrl', $this->mSecureLoginUrl );
+ // Use signupend-https for HTTPS requests if it's not blank, signupend otherwise
+ $usingHTTPS = $this->mRequest->getProtocol() == 'https';
+ $signupendHTTPS = $this->msg( 'signupend-https' );
+ if ( $usingHTTPS && !$signupendHTTPS->isBlank() ) {
+ $template->set( 'signupend', $signupendHTTPS->parse() );
+ } else {
+ $template->set( 'signupend', $this->msg( 'signupend' )->parse() );
+ }
+
+ // If using HTTPS coming from HTTP, then the 'fromhttp' parameter must be preserved
+ if ( $usingHTTPS ) {
+ $template->set( 'fromhttp', $this->mFromHTTP );
+ }
+
+ // Give authentication and captcha plugins a chance to modify the form
+ $wgAuth->modifyUITemplate( $template, $this->mType );
+ if ( $this->mType == 'signup' ) {
+ Hooks::run( 'UserCreateForm', [ &$template ] );
+ } else {
+ Hooks::run( 'UserLoginForm', [ &$template ] );
+ }
+
+ $out->disallowUserJs(); // just in case...
+ $out->addTemplate( $template );
+ }
+
+ /**
+ * Whether the login/create account form should display a link to the
+ * other form (in addition to whatever the skin provides).
+ *
+ * @param User $user
+ * @return bool
+ */
+ private function showCreateOrLoginLink( &$user ) {
+ if ( $this->mType == 'signup' ) {
+ return true;
+ } elseif ( $user->isAllowed( 'createaccount' ) ) {
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ /**
+ * Check if a session cookie is present.
+ *
+ * This will not pick up a cookie set during _this_ request, but is meant
+ * to ensure that the client is returning the cookie which was set on a
+ * previous pass through the system.
+ *
+ * @private
+ * @return bool
+ */
+ function hasSessionCookie() {
+ global $wgDisableCookieCheck, $wgInitialSessionId;
+
+ return $wgDisableCookieCheck || (
+ $wgInitialSessionId &&
+ $this->getRequest()->getSession()->getId() === (string)$wgInitialSessionId
+ );
+ }
+
+ /**
+ * Get the login token from the current session
+ * @since 1.27 returns a MediaWiki\Session\Token instead of a string
+ * @return MediaWiki\Session\Token
+ */
+ public static function getLoginToken() {
+ global $wgRequest;
+ return $wgRequest->getSession()->getToken( '', 'login' );
+ }
+
+ /**
+ * Formerly randomly generated a login token that would be returned by
+ * $this->getLoginToken().
+ *
+ * Since 1.27, this is a no-op. The token is generated as necessary by
+ * $this->getLoginToken().
+ *
+ * @deprecated since 1.27
+ */
+ public static function setLoginToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ }
+
+ /**
+ * Remove any login token attached to the current session
+ */
+ public static function clearLoginToken() {
+ global $wgRequest;
+ $wgRequest->getSession()->resetToken( 'login' );
+ }
+
+ /**
+ * Get the createaccount token from the current session
+ * @since 1.27 returns a MediaWiki\Session\Token instead of a string
+ * @return MediaWiki\Session\Token
+ */
+ public static function getCreateaccountToken() {
+ global $wgRequest;
+ return $wgRequest->getSession()->getToken( '', 'createaccount' );
+ }
+
+ /**
+ * Formerly randomly generated a createaccount token that would be returned
+ * by $this->getCreateaccountToken().
+ *
+ * Since 1.27, this is a no-op. The token is generated as necessary by
+ * $this->getCreateaccountToken().
+ *
+ * @deprecated since 1.27
+ */
+ public static function setCreateaccountToken() {
+ wfDeprecated( __METHOD__, '1.27' );
+ }
+
+ /**
+ * Remove any createaccount token attached to the current session
+ */
+ public static function clearCreateaccountToken() {
+ global $wgRequest;
+ $wgRequest->getSession()->resetToken( 'createaccount' );
+ }
+
+ /**
+ * Renew the user's session id, using strong entropy
+ */
+ private function renewSessionId() {
+ global $wgSecureLogin, $wgCookieSecure;
+ if ( $wgSecureLogin && !$this->mStickHTTPS ) {
+ $wgCookieSecure = false;
+ }
+
+ SessionManager::getGlobalSession()->resetId();
+ }
+
+ /**
+ * @param string $type
+ * @private
+ */
+ function cookieRedirectCheck( $type ) {
+ $titleObj = SpecialPage::getTitleFor( 'Userlogin' );
+ $query = [ 'wpCookieCheck' => $type ];
+ if ( $this->mReturnTo !== '' ) {
+ $query['returnto'] = $this->mReturnTo;
+ $query['returntoquery'] = $this->mReturnToQuery;
+ }
+ $check = $titleObj->getFullURL( $query );
+
+ $this->getOutput()->redirect( $check );
+ }
+
+ /**
+ * @param string $type
+ * @private
+ */
+ function onCookieRedirectCheck( $type ) {
+ if ( !$this->hasSessionCookie() ) {
+ if ( $type == 'new' ) {
+ $this->mainLoginForm( $this->msg( 'nocookiesnew' )->parse() );
+ } elseif ( $type == 'login' ) {
+ $this->mainLoginForm( $this->msg( 'nocookieslogin' )->parse() );
+ } else {
+ # shouldn't happen
+ $this->mainLoginForm( $this->msg( 'error' )->text() );
+ }
+ } else {
+ $this->successfulLogin();
+ }
+ }
+
+ /**
+ * Produce a bar of links which allow the user to select another language
+ * during login/registration but retain "returnto"
+ *
+ * @return string
+ */
+ function makeLanguageSelector() {
+ $msg = $this->msg( 'loginlanguagelinks' )->inContentLanguage();
+ if ( $msg->isBlank() ) {
+ return '';
+ }
+ $langs = explode( "\n", $msg->text() );
+ $links = [];
+ foreach ( $langs as $lang ) {
+ $lang = trim( $lang, '* ' );
+ $parts = explode( '|', $lang );
+ if ( count( $parts ) >= 2 ) {
+ $links[] = $this->makeLanguageSelectorLink( $parts[0], trim( $parts[1] ) );
+ }
+ }
+
+ return count( $links ) > 0 ? $this->msg( 'loginlanguagelabel' )->rawParams(
+ $this->getLanguage()->pipeList( $links ) )->escaped() : '';
+ }
+
+ /**
+ * Create a language selector link for a particular language
+ * Links back to this page preserving type and returnto
+ *
+ * @param string $text Link text
+ * @param string $lang Language code
+ * @return string
+ */
+ function makeLanguageSelectorLink( $text, $lang ) {
+ if ( $this->getLanguage()->getCode() == $lang ) {
+ // no link for currently used language
+ return htmlspecialchars( $text );
+ }
+ $query = [ 'uselang' => $lang ];
+ if ( $this->mType == 'signup' ) {
+ $query['type'] = 'signup';
+ }
+ if ( $this->mReturnTo !== '' ) {
+ $query['returnto'] = $this->mReturnTo;
+ $query['returntoquery'] = $this->mReturnToQuery;
+ }
+
+ $attr = [];
+ $targetLanguage = Language::factory( $lang );
+ $attr['lang'] = $attr['hreflang'] = $targetLanguage->getHtmlCode();
+
+ return Linker::linkKnown(
+ $this->getPageTitle(),
+ htmlspecialchars( $text ),
+ $attr,
+ $query
+ );
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+
+ /**
+ * Private function to check password expiration, until AuthManager comes
+ * along to handle that.
+ * @param User $user
+ * @return string|bool
+ */
+ private function checkUserPasswordExpired( User $user ) {
+ global $wgPasswordExpireGrace;
+ $dbr = wfGetDB( DB_SLAVE );
+ $ts = $dbr->selectField( 'user', 'user_password_expires', [ 'user_id' => $user->getId() ] );
+
+ $expired = false;
+ $now = wfTimestamp();
+ $expUnix = wfTimestamp( TS_UNIX, $ts );
+ if ( $ts !== null && $expUnix < $now ) {
+ $expired = ( $expUnix + $wgPasswordExpireGrace < $now ) ? 'hard' : 'soft';
+ }
+ return $expired;
+ }
+
+ protected function getSubpagesForPrefixSearch() {
+ return [ 'signup' ];
+ }
+}
--- /dev/null
+<?php
+/**
+ * Implements Special:Userlogout
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @ingroup SpecialPage
+ */
+
+/**
+ * Implements Special:Userlogout
+ *
+ * @ingroup SpecialPage
+ */
+class SpecialUserlogoutPreAuthManager extends UnlistedSpecialPage {
+ function __construct() {
+ parent::__construct( 'Userlogout' );
+ }
+
+ public function doesWrites() {
+ return true;
+ }
+
+ function execute( $par ) {
+ /**
+ * Some satellite ISPs use broken precaching schemes that log people out straight after
+ * they're logged in (bug 17790). Luckily, there's a way to detect such requests.
+ */
+ if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
+ wfDebug( "Special:Userlogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
+ throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
+ }
+
+ $this->setHeaders();
+ $this->outputHeader();
+
+ // Make sure it's possible to log out
+ $session = MediaWiki\Session\SessionManager::getGlobalSession();
+ if ( !$session->canSetUser() ) {
+ throw new ErrorPageError(
+ 'cannotlogoutnow-title',
+ 'cannotlogoutnow-text',
+ [
+ $session->getProvider()->describe( RequestContext::getMain()->getLanguage() )
+ ]
+ );
+ }
+
+ $user = $this->getUser();
+ $oldName = $user->getName();
+ $user->logout();
+
+ $loginURL = SpecialPage::getTitleFor( 'Userlogin' )->getFullURL(
+ $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
+
+ $out = $this->getOutput();
+ $out->addWikiMsg( 'logouttext', $loginURL );
+
+ // Hook.
+ $injected_html = '';
+ Hooks::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
+ $out->addHTML( $injected_html );
+
+ $out->returnToMain();
+ }
+
+ protected function getGroupName() {
+ return 'login';
+ }
+}
*
* @file
* @ingroup Templates
+ * @deprecated Will be removed when AuthManager lands.
+ * The signup form will be generated via HTMLForm.
*/
class UsercreateTemplate extends BaseTemplate {
*
* @file
* @ingroup Templates
+ * @deprecated Will be removed when AuthManager lands.
+ * The login form will be generated via HTMLForm.
*/
class UserloginTemplate extends BaseTemplate {
--- /dev/null
+<?php
+/**
+ * User password reset helper for MediaWiki.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ */
+
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\TemporaryPasswordAuthenticationRequest;
+
+/**
+ * Helper class for the password reset functionality shared by the web UI and the API.
+ *
+ * Requires the TemporaryPasswordPrimaryAuthenticationProvider and the
+ * EmailNotificationSecondaryAuthenticationProvider (or something providing equivalent
+ * functionality) to be enabled.
+ */
+class PasswordReset {
+ /** @var Config */
+ protected $config;
+
+ /** @var AuthManager */
+ protected $authManager;
+
+ /**
+ * In-process cache for isAllowed lookups, by username. Contains pairs of StatusValue objects
+ * (for false and true value of $displayPassword, respectively).
+ * @var HashBagOStuff
+ */
+ private $permissionCache;
+
+ public function __construct( Config $config, AuthManager $authManager ) {
+ $this->config = $config;
+ $this->authManager = $authManager;
+ $this->permissionCache = new HashBagOStuff( [ 'maxKeys' => 1 ] );
+ }
+
+ /**
+ * Check if a given user has permission to use this functionality.
+ * @param User $user
+ * @param bool $displayPassword If set, also check whether the user is allowed to reset the
+ * password of another user and see the temporary password.
+ * @return StatusValue
+ */
+ public function isAllowed( User $user, $displayPassword = false ) {
+ $statuses = $this->permissionCache->get( $user->getName() );
+ if ( $statuses ) {
+ list ( $status, $status2 ) = $statuses;
+ } else {
+ $resetRoutes = $this->config->get( 'PasswordResetRoutes' );
+ $status = StatusValue::newGood();
+
+ if ( !is_array( $resetRoutes ) ||
+ !in_array( true, array_values( $resetRoutes ), true )
+ ) {
+ // Maybe password resets are disabled, or there are no allowable routes
+ $status = StatusValue::newFatal( 'passwordreset-disabled' );
+ } elseif (
+ ( $providerStatus = $this->authManager->allowsAuthenticationDataChange(
+ new TemporaryPasswordAuthenticationRequest(), false ) )
+ && !$providerStatus->isGood()
+ ) {
+ // Maybe the external auth plugin won't allow local password changes
+ $status = StatusValue::newFatal( 'resetpass_forbidden-reason',
+ $providerStatus->getMessage() );
+ } elseif ( !$this->config->get( 'EnableEmail' ) ) {
+ // Maybe email features have been disabled
+ $status = StatusValue::newFatal( 'passwordreset-emaildisabled' );
+ } elseif ( !$user->isAllowed( 'editmyprivateinfo' ) ) {
+ // Maybe not all users have permission to change private data
+ $status = StatusValue::newFatal( 'badaccess' );
+ } elseif ( $user->isBlocked() ) {
+ // Maybe the user is blocked (check this here rather than relying on the parent
+ // method as we have a more specific error message to use here
+ $status = StatusValue::newFatal( 'blocked-mailpassword' );
+ }
+
+ $status2 = StatusValue::newGood();
+ if ( !$user->isAllowed( 'passwordreset' ) ) {
+ $status2 = StatusValue::newFatal( 'badaccess' );
+ }
+
+ $this->permissionCache->set( $user->getName(), [ $status, $status2 ] );
+ }
+
+ if ( !$displayPassword || !$status->isGood() ) {
+ return $status;
+ } else {
+ return $status2;
+ }
+ }
+
+ /**
+ * Do a password reset. Authorization is the caller's responsibility.
+ *
+ * Process the form. At this point we know that the user passes all the criteria in
+ * userCanExecute(), and if the data array contains 'Username', etc, then Username
+ * resets are allowed.
+ * @param User $performingUser The user that does the password reset
+ * @param string $username The user whose password is reset
+ * @param string $email Alternative way to specify the user
+ * @param bool $displayPassword Whether to display the password
+ * @return StatusValue Will contain the passwords as a username => password array if the
+ * $displayPassword flag was set
+ * @throws LogicException When the user is not allowed to perform the action
+ * @throws MWException On unexpected DB errors
+ */
+ public function execute(
+ User $performingUser, $username = null, $email = null, $displayPassword = false
+ ) {
+ if ( !$this->isAllowed( $performingUser, $displayPassword )->isGood() ) {
+ $action = $this->isAllowed( $performingUser )->isGood() ? 'display' : 'reset';
+ throw new LogicException( 'User ' . $performingUser->getName()
+ . ' is not allowed to ' . $action . ' passwords' );
+ }
+
+ $resetRoutes = $this->config->get( 'PasswordResetRoutes' )
+ + [ 'username' => false, 'email' => false ];
+ if ( $resetRoutes['username'] && $username ) {
+ $method = 'username';
+ $users = [ User::newFromName( $username ) ];
+ } elseif ( $resetRoutes['email'] && $email ) {
+ if ( !Sanitizer::validateEmail( $email ) ) {
+ return StatusValue::newFatal( 'passwordreset-invalidemail' );
+ }
+ $method = 'email';
+ $users = $this->getUsersByEmail( $email );
+ } else {
+ // The user didn't supply any data
+ return StatusValue::newFatal( 'passwordreset-nodata' );
+ }
+
+ // Check for hooks (captcha etc), and allow them to modify the users list
+ $error = [];
+ $data = [
+ 'Username' => $username,
+ 'Email' => $email,
+ 'Capture' => $displayPassword ? '1' : null,
+ ];
+ if ( !Hooks::run( 'SpecialPasswordResetOnSubmit', [ &$users, $data, &$error ] ) ) {
+ return StatusValue::newFatal( wfMessage( $error ) );
+ }
+
+ if ( !$users ) {
+ if ( $method === 'email' ) {
+ // Don't reveal whether or not an email address is in use
+ return StatusValue::newGood( [] );
+ } else {
+ return StatusValue::newFatal( 'noname' );
+ }
+ }
+
+ $firstUser = $users[0];
+
+ if ( !$firstUser instanceof User || !$firstUser->getId() ) {
+ // Don't parse username as wikitext (bug 65501)
+ return StatusValue::newFatal( wfMessage( 'nosuchuser', wfEscapeWikiText( $username ) ) );
+ }
+
+ // Check against the rate limiter
+ if ( $performingUser->pingLimiter( 'mailpassword' ) ) {
+ return StatusValue::newFatal( 'actionthrottledtext' );
+ }
+
+ // All the users will have the same email address
+ if ( !$firstUser->getEmail() ) {
+ // This won't be reachable from the email route, so safe to expose the username
+ return StatusValue::newFatal( wfMessage( 'noemail',
+ wfEscapeWikiText( $firstUser->getName() ) ) );
+ }
+
+ // We need to have a valid IP address for the hook, but per bug 18347, we should
+ // send the user's name if they're logged in.
+ $ip = $performingUser->getRequest()->getIP();
+ if ( !$ip ) {
+ return StatusValue::newFatal( 'badipaddress' );
+ }
+
+ Hooks::run( 'User::mailPasswordInternal', [ &$performingUser, &$ip, &$firstUser ] );
+
+ $result = StatusValue::newGood();
+ $reqs = [];
+ foreach ( $users as $user ) {
+ $req = TemporaryPasswordAuthenticationRequest::newRandom();
+ $req->username = $user->getName();
+ $req->mailpassword = true;
+ $req->hasBackchannel = $displayPassword;
+ $req->caller = $performingUser->getName();
+ $status = $this->authManager->allowsAuthenticationDataChange( $req, true );
+ if ( $status->isGood() && $status->getValue() !== 'ignored' ) {
+ $reqs[] = $req;
+ } elseif ( $result->isGood() ) {
+ // only record the first error, to avoid exposing the number of users having the
+ // same email address
+ if ( $status->getValue() === 'ignored' ) {
+ $status = StatusValue::newFatal( 'passwordreset-ignored' );
+ }
+ $result->merge( $status );
+ }
+ }
+
+ if ( !$result->isGood() ) {
+ return $result;
+ }
+
+ $passwords = [];
+ foreach ( $reqs as $req ) {
+ $this->authManager->changeAuthenticationData( $req );
+ // TODO record mail sending errors
+ if ( $displayPassword ) {
+ $passwords[$req->username] = $req->password;
+ }
+ }
+
+ return StatusValue::newGood( $passwords );
+ }
+
+ /**
+ * @param string $email
+ * @return User[]
+ * @throws MWException On unexpected database errors
+ */
+ protected function getUsersByEmail( $email ) {
+ $res = wfGetDB( DB_SLAVE )->select(
+ 'user',
+ User::selectFields(),
+ [ 'user_email' => $email ],
+ __METHOD__
+ );
+
+ if ( !$res ) {
+ // Some sort of database error, probably unreachable
+ throw new MWException( 'Unknown database error in ' . __METHOD__ );
+ }
+
+ $users = [];
+ foreach ( $res as $row ) {
+ $users[] = User::newFromRow( $row );
+ }
+ return $users;
+ }
+}
/**
* Set the password for a password reminder or new account email
*
- * @deprecated since 1.27. Some way to do this via AuthManager (probably
- * involving TemporaryPasswordAuthenticationRequest) has yet to be
- * designed.
+ * @deprecated Removed in 1.27. Use PasswordReset instead.
* @param string $str New password to set or null to set an invalid
* password hash meaning that the user will not be able to use it
* @param bool $throttle If true, reset the throttle timestamp to the present
"password-change-forbidden": "You cannot change passwords on this wiki.",
"externaldberror": "There was either an authentication database error or you are not allowed to update your external account.",
"login": "Log in",
+ "login-security": "Verify your identity",
"nav-login-createaccount": "Log in / create account",
"loginprompt": "",
"userlogin": "Log in / create account",
"helplogin-url": "https://www.mediawiki.org/wiki/Special:MyLanguage/Help:Logging_in",
"userlogin-helplink2": "Help with logging in",
"userlogin-loggedin": "You are already logged in as {{GENDER:$1|$1}}.\nUse the form below to log in as another user.",
+ "userlogin-reauth": "You must log in again to verify that you are {{GENDER:$1|$1}}.",
"userlogin-createanother": "Create another account",
"createacct-emailrequired": "Email address",
"createacct-emailoptional": "Email address (optional)",
"createacct-email-ph": "Enter your email address",
"createacct-another-email-ph": "Enter email address",
"createaccountmail": "Use a temporary random password and send it to the specified email address",
+ "createaccountmail-help": "Can be used to create account for another person without learning the password.",
"createacct-realname": "Real name (optional)",
"createaccountreason": "Reason:",
"createacct-reason": "Reason",
"createacct-reason-ph": "Why you are creating another account",
+ "createacct-reason-help": "Message shown in the account creation log",
"createacct-imgcaptcha-help": "",
"createacct-submit": "Create your account",
"createacct-another-submit": "Create account",
+ "createacct-continue-submit": "Continue account creation",
+ "createacct-another-continue-submit": "Continue account creation",
"createacct-benefit-heading": "{{SITENAME}} is made by people like you.",
"createacct-benefit-icon1": "icon-edits",
"createacct-benefit-head1": "{{NUMBEROFEDITS}}",
"nocookieslogin": "{{SITENAME}} uses cookies to log in users.\nYou have cookies disabled.\nPlease enable them and try again.",
"nocookiesfornew": "The user account was not created, as we could not confirm its source.\nEnsure you have cookies enabled, reload this page and try again.",
"nocookiesforlogin": "{{int:nocookieslogin}}",
+ "createacct-loginerror": "The account was successfully created but you could not be logged in automatically. Please proceed to [[Special:UserLogin|manual login]].",
"noname": "You have not specified a valid username.",
"loginsuccesstitle": "Logged in",
"loginsuccess": "<strong>You are now logged in to {{SITENAME}} as \"$1\".</strong>",
- "nosuchuser": "There is no user by the name \"$1\".\nUsernames are case sensitive.\nCheck your spelling, or [[Special:UserLogin/signup|create a new account]].",
+ "nosuchuser": "There is no user by the name \"$1\".\nUsernames are case sensitive.\nCheck your spelling, or [[Special:CreateAccount|create a new account]].",
"nosuchusershort": "There is no user by the name \"$1\".\nCheck your spelling.",
"nouserspecified": "You have to specify a username.",
"login-userblocked": "This user is blocked. Login not allowed.",
"createacct-another-realname-tip": "Real name is optional.\nIf you choose to provide it, this will be used for giving the user attribution for their work.",
"pt-login": "Log in",
"pt-login-button": "Log in",
+ "pt-login-continue-button": "Continue login",
"pt-createaccount": "Create account",
"pt-userlogout": "Log out",
"pear-mail-error": "$1",
"botpasswords-invalid-name": "The username specified does not contain the bot password separator (\"$1\").",
"botpasswords-not-exist": "User \"$1\" does not have a bot password named \"$2\".",
"resetpass_forbidden": "Passwords cannot be changed",
+ "resetpass_forbidden-reason": "Passwords cannot be changed: $1",
"resetpass-no-info": "You must be logged in to access this page directly.",
"resetpass-submit-loggedin": "Change password",
"resetpass-submit-cancel": "Cancel",
"passwordreset-emailsentusername": "If there is an email address associated with this username, then a password reset email will be sent.",
"passwordreset-emailsent-capture": "A password reset email has been sent, which is shown below.",
"passwordreset-emailerror-capture": "A password reset email was generated, which is shown below, but sending it to the {{GENDER:$2|user}} failed: $1",
+ "passwordreset-emailsent-capture2": "The password reset {{PLURAL:$1|email has|emails have}} been sent. The {{PLURAL:$1|username and password|list of usernames and passwords}} is shown below.",
+ "passwordreset-emailerror-capture2": "Emailing the {{GENDER:$2|user}} failed: $1 The {{PLURAL:$3|username and password|list of usernames and passwords}} is shown below.",
+ "passwordreset-nocaller": "A caller must be provided",
+ "passwordreset-nosuchcaller": "Caller does not exist: $1",
+ "passwordreset-ignored": "The password reset was not handled. Maybe no provider was configured?",
+ "passwordreset-invalideamil": "Invalid email address",
+ "passwordreset-nodata": "Neither a username nor an email address was supplied",
"changeemail": "Change or remove email address",
"changeemail-summary": "",
"changeemail-header": "Complete this form to change your email address. If you would like to remove the association of any email address from your account, leave the new email address blank when submitting the form.",
"newarticletext": "You have followed a link to a page that does not exist yet.\nTo create the page, start typing in the box below (see the [$1 help page] for more info).\nIf you are here by mistake, click your browser's <strong>back</strong> button.",
"newarticletextanon": "{{int:newarticletext|$1}}",
"talkpagetext": "<!-- MediaWiki:talkpagetext -->",
- "anontalkpagetext": "----\n<em>This is the discussion page for an anonymous user who has not created an account yet, or who does not use it.</em>\nWe therefore have to use the numerical IP address to identify him/her.\nSuch an IP address can be shared by several users.\nIf you are an anonymous user and feel that irrelevant comments have been directed at you, please [[Special:UserLogin/signup|create an account]] or [[Special:UserLogin|log in]] to avoid future confusion with other anonymous users.",
+ "anontalkpagetext": "----\n<em>This is the discussion page for an anonymous user who has not created an account yet, or who does not use it.</em>\nWe therefore have to use the numerical IP address to identify him/her.\nSuch an IP address can be shared by several users.\nIf you are an anonymous user and feel that irrelevant comments have been directed at you, please [[Special:CreateAccount|create an account]] or [[Special:UserLogin|log in]] to avoid future confusion with other anonymous users.",
"noarticletext": "There is currently no text in this page.\nYou can [[Special:Search/{{PAGENAME}}|search for this page title]] in other pages,\n<span class=\"plainlinks\">[{{fullurl:{{#Special:Log}}|page={{FULLPAGENAMEE}}}} search the related logs],\nor [{{fullurl:{{FULLPAGENAME}}|action=edit}} create this page]</span>.",
"noarticletext-nopermission": "There is currently no text in this page.\nYou can [[Special:Search/{{PAGENAME}}|search for this page title]] in other pages, or <span class=\"plainlinks\">[{{fullurl:{{#Special:Log}}|page={{FULLPAGENAMEE}}}} search the related logs]</span>, but you do not have permission to create this page.",
"noarticletextanon": "{{int:noarticletext}}",
"authprovider-confirmlink-failed": "Account linking did not fully succeed: $1",
"authprovider-confirmlink-ok-help": "Continue after displaying linking failure messages.",
"authprovider-resetpass-skip-label": "Skip",
- "authprovider-resetpass-skip-help": "Skip resetting the password."
+ "authprovider-resetpass-skip-help": "Skip resetting the password.",
+ "authform-nosession-login": "The authentication was successful, but your browser cannot \"remember\" being logged in.\n\n$1",
+ "authform-nosession-signup": "The account was created, but your browser cannot \"remember\" being logged in.\n\n$1",
+ "authform-newtoken": "Missing token. $1",
+ "authform-notoken": "Missing token",
+ "authform-wrongtoken": "Wrong token",
+ "specialpage-securitylevel-not-allowed-title": "Not allowed",
+ "specialpage-securitylevel-not-allowed": "Sorry, you are not allowed to use this page because your identity could not be verified.",
+ "authpage-cannot-login": "Unable to start login.",
+ "authpage-cannot-login-continue": "Unable to continue login. Your session most likely timed out.",
+ "authpage-cannot-create": "Unable to start account creation.",
+ "authpage-cannot-create-continue": "Unable to continue account creation. Your session most likely timed out.",
+ "authpage-cannot-link": "Unable to start account linking.",
+ "authpage-cannot-link-continue": "Unable to continue account linking. Your session most likely timed out.",
+ "cannotauth-not-allowed-title": "Permission denied",
+ "cannotauth-not-allowed": "You are not allowed to use this page",
+ "changecredentials" : "Change credentials",
+ "changecredentials-submit": "Change",
+ "changecredentials-submit-cancel": "Cancel",
+ "changecredentials-invalidsubpage": "$1 is not a valid credential type.",
+ "changecredentials-success": "Your credentials have been changed.",
+ "removecredentials" : "Remove credentials",
+ "removecredentials-submit": "Remove",
+ "removecredentials-submit-cancel": "Cancel",
+ "removecredentials-invalidsubpage": "$1 is not a valid credential type.",
+ "removecredentials-success": "Your credentials have been removed.",
+ "credentialsform-provider": "Credentials type:",
+ "credentialsform-account": "Account name:",
+ "cannotlink-no-provider-title": "There are no linkable accounts",
+ "cannotlink-no-provider": "There are no linkable accounts.",
+ "linkaccounts": "Link accounts",
+ "linkaccounts-success-text": "The account was linked.",
+ "linkaccounts-submit": "Link accounts",
+ "unlinkaccounts": "Unlink accounts",
+ "unlinkaccounts-success": "The account was unlinked."
}
"password-change-forbidden": "Error message shown when an external authentication source does not allow the password to be changed.",
"externaldberror": "This message is thrown when a valid attempt to change the wiki password for a user fails because of a database error or an error from an external system.",
"login": "{{Doc-special|UserLogin|unlisted=1}}\n{{Identical|Log in}}",
+ "login-security": "Used as the title of the login page when the user is already logged in but sent to reauthenticate before getting access to a feature with elevated security.",
"nav-login-createaccount": "Shown to anonymous users in the upper right corner of the page. When you can't create an account, the message {{msg-mw|login}} is shown.\n{{Identical|Log in / create account}}",
"loginprompt": "{{ignored}}",
"userlogin": "Since 1.22 no longer used in core, but may still be used by extensions. DEPRECATED\n\n{{Identical|Log in / create account}}",
"helplogin-url": "{{doc-important|Do not translate the namespace name <code>Help</code>.}}\nUsed as name of the page that provides information about logging into the wiki.\n\nUsed as a link target in the message {{msg-mw|Userlogin-helplink}}.",
"userlogin-helplink2": "Label for a link to login help.\n\nSee example: [[Special:UserLogin]]\n\nSee also:\n* {{msg-mw|Helplogin-url}}",
"userlogin-loggedin": "Used as warning on [[Special:UserLogin]] when the current user is already logged in.\n\nFollowed by the Login form.\n\nSee example: [[Special:UserLogin]].\n\nParameters:\n* $1 - user name (used for display and for gender support)\nSee also:\n* {{msg-mw|Mobile-frontend-userlogin-loggedin-register}}",
+ "userlogin-reauth": "Used as an explanatory message on [[Special:UserLogin]] when the user is redirected there to log in again when trying to use a security-sensitive page.\n\nParameters:\n* $1 - user name (used for display and for gender support)",
"userlogin-createanother": "Used as label for the button on [[Special:UserLogin]] shown when the current user is already logged in.\n{{Identical|Create another account}}",
"createacct-emailrequired": "Label in create account form for email field when it is required.\n\nSee also:\n* {{msg-mw|Createacct-emailoptional}}\n{{Identical|E-mail address}}",
"createacct-emailoptional": "Label in vertical-layout create account form for email field when it is optional.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]\n\nSee also:\n* {{msg-mw|Createacct-emailrequired}}",
"createacct-email-ph": "Placeholder in vertical-layout create account form for email field.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]",
"createacct-another-email-ph": "Placeholder in create account form for email field when one user creates an account for another.",
- "createaccountmail": "The label for the checkbox for creating a new account and sending the new password to the specified email address directly, as used on [[Special:UserLogin/signup]] when one user creates an account for another (if creating accounts by email is allowed).\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]",
+ "createaccountmail": "The label for the checkbox for creating a new account and sending the new password to the specified email address directly, as used on [[Special:CreateAccount]] when one user creates an account for another (if creating accounts by email is allowed).\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]",
+ "createaccountmail-help": "Account creation API help message for the <code>mailpassword</code> parameter.",
"createacct-realname": "In vertical-layout create account form, label for field to enter optional real name.",
"createaccountreason": "Since 1.22 no longer used in core, but may be used by some extensions. DEPRECATED\n\n{{Identical|Reason}}",
"createacct-reason": "In create account form, label for field to enter reason to create an account when already logged-in.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]\n{{Identical|Reason}}",
"createacct-reason-ph": "Placeholder in vertical-layout create account form for reason field.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]",
+ "createacct-reason-help": "Account creation API help message for the <code>reason</code> parameter.",
"createacct-imgcaptcha-help": "{{Optional}} Optional help text in vertical-layout create account form for image CAPTCHA input field when repositioned by JavaScript.\n\nBlank by default.",
"createacct-submit": "Submit button on vertical-layout create account form.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]",
- "createacct-another-submit": "Submit button of [[Special:UserLogin/signup]] ([[Special:CreateAccount]]) when accessed by a registered user.\n\nThe original means \"create an account in addition to the one you already have\"; sometimes, but not always, it means you are going to \"Create the account on behalf of somebody else\" or \"Create account for another\".\n{{Identical|Create another account}}",
+ "createacct-another-submit": "Submit button of [[Special:CreateAccount]] when accessed by a registered user.\n\nThe original means \"create an account in addition to the one you already have\"; sometimes, but not always, it means you are going to \"Create the account on behalf of somebody else\" or \"Create account for another\".\n{{Identical|Create another account}}",
+ "createacct-continue-submit": "Submit button on create account form in second and later steps of a multistep account creation.",
+ "createacct-another-continue-submit": "Submit button on create account form in second and later steps of a multistep account creation, when done by a registered user.",
"createacct-benefit-heading": "In vertical-layout create account form, the heading for the section describing the benefits of creating an account. See example: [{{canonicalurl:Special:UserLogin|type=signup}} Special:UserLogin?type=signup]\n\nIf in your language you need to know the gender of the name for the wiki (which is the subject of the English sentence), please adapt the sentence as much as you need for your translation to fit.",
"createacct-benefit-icon1": "In vertical-layout create account form, the CSS style for the div next to the first benefit. If you replace this you will need probably need to adjust CSS.\n\nUsed as a CSS class name.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup&useNew=1}} Special:UserLogin?type=signup&useNew=1]",
"createacct-benefit-head1": "In vertical-layout create account form, the text in the heading for the first benefit. Do not edit the magic word; if you replace it you will probably need to adjust CSS.\n\nFollowed by the message {{msg-mw|Createacct-benefit-body1}}.\n\nSee example: [{{canonicalurl:Special:UserLogin|type=signup&useNew=1}} Special:UserLogin?type=signup&useNew=1]",
"nocookieslogin": "This message is displayed when someone tried to login, but the browser doesn't accept cookies.",
"nocookiesfornew": "This message is displayed when the user tried to create a new account, but it failed the cross-site request forgery (CSRF) check. It could be blocking an attack, but most likely, the browser isn't accepting cookies.",
"nocookiesforlogin": "{{optional}}\nThis message is displayed when someone tried to login and the CSRF failed (most likely, the browser doesn't accept cookies).\n\nDefault:\n* {{msg-mw|Nocookieslogin}}",
+ "createacct-loginerror": "This message is displayed after a successful registration when there is a server-side error with logging the user in. This is not expected to happen.",
"noname": "Error message.",
"loginsuccesstitle": "The title of the page saying that you are logged in. The content of the page is the message {{msg-mw|Loginsuccess}}.\n{{Identical|Log in}}",
"loginsuccess": "The content of the page saying that you are logged in. The title of the page is {{msg-mw|Loginsuccesstitle}}.\n\nParameters:\n* $1 - the name of the logged in user\n{{Gender}}",
"createacct-another-realname-tip": "{{doc-singularthey}}\nUsed on the account creation form when creating another user's account. Similar to {{msg-mw|prefs-help-realname}}.\n{{Identical|Real name attribution}}",
"pt-login": "Shown to anonymous users in the upper right corner of the page when they can't create an account (otherwise the message {{msg-mw|nav-login-createaccount}} is shown there).\n{{Identical|Log in}}",
"pt-login-button": "Shown as the caption of the button at [[Special:UserLogin]].\n{{Identical|Log in}}",
+ "pt-login-continue-button": "Shown as the caption of the button at [[Special:UserLogin]] in second and later steps of a multipage login.",
"pt-createaccount": "Used on the top of the page for logged out users, where it appears next to {{msg-mw|login}}, so consider making them similar.\n{{Identical|Create account}}",
"pt-userlogout": "{{Doc-actionlink}}\n{{Identical|Log out}}",
"pear-mail-error": "{{notranslate}}\nParameters:\n* $1 - error message which is returned by PEAR mailer.",
"botpasswords-invalid-name": "Error message when a username lacking the separator character is passed to BotPassword. Parameters:\n* $1 - The separator character.",
"botpasswords-not-exist": "Error message when a username exists but does not a bot password for the given \"bot name\". Parameters:\n* $1 - username\n* $2 - bot name",
"resetpass_forbidden": "Used as error message in changing password. Maybe the external auth plugin won't allow local password changes.",
+ "resetpass_forbidden-reason": "Like {{msg-mw|resetpass_forbidden}} but the auth provider gave a reason.\n\nParameters:\n* $1 - reason given by auth provider",
"resetpass-no-info": "Error message for [[Special:ChangePassword]].\n\nParameters:\n* $1 (unused) - a link to [[Special:UserLogin]] with {{msg-mw|loginreqlink}} as link description",
"resetpass-submit-loggedin": "Button on [[Special:ResetPass]] to submit new password.\n\n{{Identical|Change password}}",
"resetpass-submit-cancel": "Used on [[Special:ResetPass]].\n{{Identical|Cancel}}",
"passwordreset-emailsentusername": "Used in [[Special:PasswordReset]].\n\nSee also:\n* {{msg-mw|Passwordreset-emailsent-capture}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
"passwordreset-emailsent-capture": "Used in [[Special:PasswordReset]].\n\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
"passwordreset-emailerror-capture": "Error message displayed in [[Special:PasswordReset]] when sending an email fails. Parameters:\n* $1 - error message\n* $2 - username, used for GENDER\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailsent-capture}}",
+ "passwordreset-emailsent-capture2": "Used in [[Special:PasswordReset]].\n\nParameters:\n* $1 - number of accounts notified\n\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailerror-capture}}",
+ "passwordreset-emailerror-capture2": "Error message displayed in [[Special:PasswordReset]] when sending an email fails. Parameters:\n* $1 - error message\n* $2 - username, used for GENDER\n* $3 - number of accounts notified\n\nSee also:\n* {{msg-mw|Passwordreset-emailsentemail}}\n* {msg-mw|Passwordreset-emailsentusername}}\n* {{msg-mw|Passwordreset-emailsent-capture}}",
+ "passwordreset-nocaller": "Shown when a password reset was requested but the caller was not provided. This is an internal error.",
+ "passwordreset-nosuchcaller": "Shown when a password reset was requested but the username of the caller could not be resolved to a user. This is an internal error.\n\nParameters:\n* $1 - username of the caller",
+ "passwordreset-ignored": "Shown when password reset was unsuccessful due to configuration problems.",
+ "passwordreset-invalideamil": "Returned when the email address is syntatically invalid.",
+ "passwordreset-nodata": "Returned when no data was provided.",
"changeemail": "Title of [[Special:ChangeEmail|special page]]. This page also allows removing the user's email address.",
"changeemail-summary": "{{ignored}}",
"changeemail-header": "Text of [[Special:ChangeEmail]].",
"showpreview": "The text of the button to preview the page you are editing. See also {{msg-mw|showdiff}} and {{msg-mw|savearticle}} for the other buttons.\n\nSee also:\n* {{msg-mw|Showpreview}}\n* {{msg-mw|Accesskey-preview}}\n* {{msg-mw|Tooltip-preview}}\n{{Identical|Show preview}}",
"showdiff": "Button below the edit page. See also {{msg-mw|Showpreview}} and {{msg-mw|Savearticle}} for the other buttons.\n\nSee also:\n* {{msg-mw|Showdiff}}\n* {{msg-mw|Accesskey-diff}}\n* {{msg-mw|Tooltip-diff}}\n{{Identical|Show change}}",
"blankarticle": "Notice displayed once after the user tries to save an empty page.",
- "anoneditwarning": "Shown when editing a page anonymously.\n\nParameters:\n* $1 – A link to log in, <nowiki>{{fullurl:Special:UserLogin|returnto={{FULLPAGENAMEE}}}}</nowiki>\n* $2 – A link to sign up, <nowiki>{{fullurl:Special:UserLogin/signup|returnto={{FULLPAGENAMEE}}}}</nowiki>\n\nSee also:\n* {{msg-mw|Mobile-frontend-editor-anonwarning}}",
+ "anoneditwarning": "Shown when editing a page anonymously.\n\nParameters:\n* $1 – A link to log in, <nowiki>{{fullurl:Special:UserLogin|returnto={{FULLPAGENAMEE}}}}</nowiki>\n* $2 – A link to sign up, <nowiki>{{fullurl:Special:CreateAccount|returnto={{FULLPAGENAMEE}}}}</nowiki>\n\nSee also:\n* {{msg-mw|Mobile-frontend-editor-anonwarning}}",
"anonpreviewwarning": "See also:\n* {{msg-mw|Anoneditwarning}}",
"missingsummary": "The text \"edit summary\" is in {{msg-mw|Summary}}.\n\nSee also:\n* {{msg-mw|Missingcommentheader}}\n* {{msg-mw|Savearticle}}",
"selfredirect": "Notice displayed once after the user tries to create a redirect to the same article.",
"undo-summary-username-hidden": "Edit summary for an undo action where the username of the old revision is hidden.\n\nParameters:\n* $1 - the revision ID being undone\nSee also:\n* {{msg-mw|Undo-summary}}",
"cantcreateaccounttitle": "Used as title of the error message {{msg-mw|Cantcreateaccount-text}}.",
"cantcreateaccount-text": "Used as error message, with the title {{msg-mw|Cantcreateaccounttitle}}.\n* $1 - target IP address\n* $2 - reason or {{msg-mw|Blockednoreason}}\n* $3 - username\nSee also:\n* {{msg-mw|Cantcreateaccount-range-text}}",
- "cantcreateaccount-range-text": "Used as more detailed version of the {{msg-mw|Cantcreateaccount-text}} error message, with the title {{msg-mw|Cantcreateaccounttitle}}.\n* $1 - target IP address range\n* $2 - reason or {{msg-mw|Blockednoreason}}\n* $3 - username\n* $4 - current user's IP address",
+ "cantcreateaccount-range-text": "Used instead of the {{msg-mw|Cantcreateaccount-text}} when the block is a range block.\n* $1 - target IP address range\n* $2 - reason or {{msg-mw|Blockednoreason}}\n* $3 - username\n* $4 - current user's IP address",
"createaccount-hook-aborted": "Placeholder message to return with API errors on account create; passes through the message from a hook {{notranslate}}",
"viewpagelogs": "Link displayed in history of pages",
"nohistory": "Message shown when there are no history to list. See [{{canonicalurl:x|action=history}} example history].\n----\nAlso used as title of error message when the feed is empty. See [{{canonicalurl:x|action=history&feed=atom}} example feed].\n\nSee the error message:\n* {{msg-mw|history-feed-empty}}",
"authprovider-confirmlink-failed": "Used to prefix the list of individual link statuses when some did not succeed. Parameters:\n* $1 - Failure message, or a wikitext bulleted list of failure messages.\n\nSee also:\n* {{msg-mw|authprovider-confirmlink-success-line}}\n* {{msg-mw|authprovider-confirmlink-failed-line}}",
"authprovider-confirmlink-ok-help": "Description of the \"ok\" field when ConfirmLinkSecondaryAuthenticationProvider needs to display link failure messages to the user.",
"authprovider-resetpass-skip-label": "Label for the \"Skip\" button when it's possible to skip resetting a password in ResetPasswordSecondaryAuthenticationProvider.",
- "authprovider-resetpass-skip-help": "Description of the option to skip resetting a password in ResetPasswordSecondaryAuthenticationProvider."
+ "authprovider-resetpass-skip-help": "Description of the option to skip resetting a password in ResetPasswordSecondaryAuthenticationProvider.",
+ "authform-nosession-login": "Error message shown when the login was successful, but the session could not be reestablished on the next request. $1 is an explanation which depends on what session handler is being used, such as {{msg-mw|sessionprovider-nocookies}}.",
+ "authform-nosession-signup": "Error message shown when the account creation was successful, but the session could not be reestablished on the next request. $1 is an explanation which depends on what session handler is being used, such as {{msg-mw|sessionprovider-nocookies}}.",
+ "authform-newtoken": "Error message shown on the auth form when the session has no CSRF token. This can be caused by session expiry but it is more likely that the client does not support sessions for some reason (e.g. a browser with all cookies diabled). $1 is an explanation (in the form of full sentences) given by the session provider of why sessions might not work (usually this will be {{msg-mw|sessionprovider-nocookies}}).",
+ "authform-notoken": "Error message shown on the auth form when the submitted data has no CSRF token.",
+ "authform-wrongtoken": "Error message shown on the auth form when the submitted CSRF token value is invalid.",
+ "specialpage-securitylevel-not-allowed-title": "Error page title shown when the user visits a special page but the authentication security check fails.",
+ "specialpage-securitylevel-not-allowed": "Error message shown when the user visits a special page but the authentication security check fails.",
+ "authpage-cannot-login": "Error message shown on authentication-related special pages when login cannot start. This is not supposed to happen unless the site is misconfigured.",
+ "authpage-cannot-login-continue": "Error message shown on authentication-related special pages when login cannot continue. This most likely means a session timeout.",
+ "authpage-cannot-create": "Error message shown on authentication-related special pages when account creation cannot start. This is not supposed to happen unless the site is misconfigured.",
+ "authpage-cannot-create-continue": "Error message shown on authentication-related special pages when account creation cannot continue. This most likely means a session timeout.",
+ "authpage-cannot-link": "Error message shown on authentication-related special pages when account linking cannot start. This is not supposed to happen unless the site is misconfigured.",
+ "authpage-cannot-link-continue": "Error message shown on authentication-related special pages when account linking cannot continue. This most likely means a session timeout.",
+ "cannotauth-not-allowed-title": "Title of the error page shown when the user tries t use an authentication-related page they should not have access to.",
+ "cannotauth-not-allowed": "Text of the error page shown when the user tries t use an authentication-related page they should not have access to.",
+ "changecredentials" : "Title of the special page [[Special:ChangeCredentials]] which allows changing authentication credentials (such as the password).",
+ "changecredentials-submit": "Used on [[Special:ChangeCredentials]].",
+ "changecredentials-submit-cancel": "Used on [[Special:ChangeCredentials]].\n{{Identical|Cancel}}",
+ "changecredentials-invalidsubpage": "Error message shown when using [[Special:ChangeCredentials]] with an invalid type.\n\nParameters:\n* $1 - subpage name.",
+ "changecredentials-success": "Success message after using [[Special:ChangeCredentials]].",
+ "removecredentials" : "Title of the special page [[Special:RemoveCredentials]] which allows removing authentication credentials (such as a two-factor token).",
+ "removecredentials-submit": "Used on [[Special:RemoveCredentials]].",
+ "removecredentials-submit-cancel": "Used on [[Special:RemoveCredentials]].\n{{Identical|Cancel}}",
+ "removecredentials-invalidsubpage": "Error message shown when using [[Special:RemoveCredentials]] with an invalid type.\n\nParameters:\n* $1 - subpage name.",
+ "removecredentials-success": "Success message after using [[Special:RemoveCredentials]].",
+ "credentialsform-provider": "Shown on [[Special:ChangeCredentials]]/[[Special:RemoveCredentials]] as the label for the authentication type (e.g. \"password\", \"English Wikipedia via OAuth\")",
+ "credentialsform-account": "Shown on [[Special:ChangeCredentials]]/[[Special:RemoveCredentials]] as the label for the account name",
+ "cannotlink-no-provider-title": "Error page title shown when the user visits [[Special:LinkAccounts]] but there is no external account provider that could be linked.",
+ "cannotlink-no-provider": "Error message shown when the user visits [[Special:LinkAccounts]] but there is no external account provider that could be linked.",
+ "linkaccounts": "Title of the special page [[Special:LinkAccounts]] which allows the user to connect the local user accounts with external ones such as Google or Facebook.",
+ "linkaccounts-success-text": "Text shown on top of the form after a successful action.",
+ "linkaccounts-submit": "Text of the main submit button on [[Special:LinkAccounts]] (when there is one)",
+ "unlinkaccounts": "Title of the special page [[Special:UnlinkAccounts]] which allows the user to remove linked remote accounts.",
+ "unlinkaccounts-success": "Account unlinking form success message"
}
'BrokenRedirects' => [ 'BrokenRedirects' ],
'Categories' => [ 'Categories' ],
'ChangeContentModel' => [ 'ChangeContentModel' ],
+ 'ChangeCredentials' => [ 'ChangeCredentials' ],
'ChangeEmail' => [ 'ChangeEmail' ],
'ChangePassword' => [ 'ChangePassword', 'ResetPass', 'ResetPassword' ],
'ComparePages' => [ 'ComparePages' ],
'JavaScriptTest' => [ 'JavaScriptTest' ],
'BlockList' => [ 'BlockList', 'ListBlocks', 'IPBlockList' ],
'LinkSearch' => [ 'LinkSearch' ],
+ 'LinkAccounts' => [ 'LinkAccounts' ],
'Listadmins' => [ 'ListAdmins' ],
'Listbots' => [ 'ListBots' ],
'Listfiles' => [ 'ListFiles', 'FileList', 'ImageList' ],
'Recentchanges' => [ 'RecentChanges' ],
'Recentchangeslinked' => [ 'RecentChangesLinked', 'RelatedChanges' ],
'Redirect' => [ 'Redirect' ],
+ 'RemoveCredentials' => [ 'RemoveCredentials' ],
'ResetTokens' => [ 'ResetTokens' ],
'Revisiondelete' => [ 'RevisionDelete' ],
'RunJobs' => [ 'RunJobs' ],
'Uncategorizedpages' => [ 'UncategorizedPages' ],
'Uncategorizedtemplates' => [ 'UncategorizedTemplates' ],
'Undelete' => [ 'Undelete' ],
+ 'UnlinkAccounts' => [ 'UnlinkAccounts' ],
'Unlockdb' => [ 'UnlockDB' ],
'Unusedcategories' => [ 'UnusedCategories' ],
'Unusedimages' => [ 'UnusedFiles', 'UnusedImages' ],
--- /dev/null
+<?php
+
+namespace MediaWiki\Auth;
+
+use Psr\Log\LoggerInterface;
+
+class EmailNotificationSecondaryAuthenticationProviderTest extends \PHPUnit_Framework_TestCase {
+ public function testConstructor() {
+ $config = new \HashConfig( [
+ 'EnableEmail' => true,
+ 'EmailAuthentication' => true,
+ ] );
+
+ $provider = new EmailNotificationSecondaryAuthenticationProvider();
+ $provider->setConfig( $config );
+ $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
+ $this->assertTrue( $providerPriv->sendConfirmationEmail );
+
+ $provider = new EmailNotificationSecondaryAuthenticationProvider( [
+ 'sendConfirmationEmail' => false,
+ ] );
+ $provider->setConfig( $config );
+ $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
+ $this->assertFalse( $providerPriv->sendConfirmationEmail );
+ }
+
+ /**
+ * @dataProvider provideGetAuthenticationRequests
+ * @param string $action
+ * @param AuthenticationRequest[] $expected
+ */
+ public function testGetAuthenticationRequests( $action, $expected ) {
+ $provider = new EmailNotificationSecondaryAuthenticationProvider( [
+ 'sendConfirmationEmail' => true,
+ ] );
+ $this->assertSame( $expected, $provider->getAuthenticationRequests( $action, [] ) );
+ }
+
+ public function provideGetAuthenticationRequests() {
+ return [
+ [ AuthManager::ACTION_LOGIN, [] ],
+ [ AuthManager::ACTION_CREATE, [] ],
+ [ AuthManager::ACTION_LINK, [] ],
+ [ AuthManager::ACTION_CHANGE, [] ],
+ [ AuthManager::ACTION_REMOVE, [] ],
+ ];
+ }
+
+ public function testBeginSecondaryAuthentication() {
+ $provider = new EmailNotificationSecondaryAuthenticationProvider( [
+ 'sendConfirmationEmail' => true,
+ ] );
+ $this->assertEquals( AuthenticationResponse::newAbstain(),
+ $provider->beginSecondaryAuthentication( \User::newFromName( 'Foo' ), [] ) );
+ }
+
+ public function testBeginSecondaryAccountCreation() {
+ $authManager = new AuthManager( new \FauxRequest(), new \HashConfig() );
+
+ $creator = $this->getMock( 'User' );
+ $userWithoutEmail = $this->getMock( 'User' );
+ $userWithoutEmail->expects( $this->any() )->method( 'getEmail' )->willReturn( '' );
+ $userWithoutEmail->expects( $this->never() )->method( 'sendConfirmationMail' );
+ $userWithEmailError = $this->getMock( 'User' );
+ $userWithEmailError->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
+ $userWithEmailError->expects( $this->any() )->method( 'sendConfirmationMail' )
+ ->willReturn( \Status::newFatal( 'fail' ) );
+ $userExpectsConfirmation = $this->getMock( 'User' );
+ $userExpectsConfirmation->expects( $this->any() )->method( 'getEmail' )
+ ->willReturn( 'foo@bar.baz' );
+ $userExpectsConfirmation->expects( $this->once() )->method( 'sendConfirmationMail' )
+ ->willReturn( \Status::newGood() );
+ $userNotExpectsConfirmation = $this->getMock( 'User' );
+ $userNotExpectsConfirmation->expects( $this->any() )->method( 'getEmail' )
+ ->willReturn( 'foo@bar.baz' );
+ $userNotExpectsConfirmation->expects( $this->never() )->method( 'sendConfirmationMail' );
+
+ $provider = new EmailNotificationSecondaryAuthenticationProvider( [
+ 'sendConfirmationEmail' => false,
+ ] );
+ $provider->setManager( $authManager );
+ $provider->beginSecondaryAccountCreation( $userNotExpectsConfirmation, $creator, [] );
+
+ $provider = new EmailNotificationSecondaryAuthenticationProvider( [
+ 'sendConfirmationEmail' => true,
+ ] );
+ $provider->setManager( $authManager );
+ $provider->beginSecondaryAccountCreation( $userWithoutEmail, $creator, [] );
+ $provider->beginSecondaryAccountCreation( $userExpectsConfirmation, $creator, [] );
+
+ // test logging of email errors
+ $logger = $this->getMockForAbstractClass( LoggerInterface::class );
+ $logger->expects( $this->once() )->method( 'warning' );
+ $provider->setLogger( $logger );
+ $provider->beginSecondaryAccountCreation( $userWithEmailError, $creator, [] );
+
+ // test disable flag used by other providers
+ $authManager->setAuthenticationSessionData( 'no-email', true );
+ $provider->setManager( $authManager );
+ $provider->beginSecondaryAccountCreation( $userNotExpectsConfirmation, $creator, [] );
+
+ }
+}
--- /dev/null
+<?php
+
+use MediaWiki\Auth\AuthManager;
+
+/**
+ * @group Database
+ */
+class PasswordResetTest extends PHPUnit_Framework_TestCase {
+ /**
+ * @dataProvider provideIsAllowed
+ */
+ public function testIsAllowed( $passwordResetRoutes, $enableEmail,
+ $allowsAuthenticationDataChange, $canEditPrivate, $canSeePassword,
+ $userIsBlocked, $isAllowed, $isAllowedToDisplayPassword
+ ) {
+ $config = new HashConfig( [
+ 'PasswordResetRoutes' => $passwordResetRoutes,
+ 'EnableEmail' => $enableEmail,
+ ] );
+
+ $authManager = $this->getMockBuilder( AuthManager::class )->disableOriginalConstructor()
+ ->getMock();
+ $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
+ ->willReturn( $allowsAuthenticationDataChange ? Status::newGood() : Status::newFatal( 'foo' ) );
+
+ $user = $this->getMock( User::class );
+ $user->expects( $this->any() )->method( 'getName' )->willReturn( 'Foo' );
+ $user->expects( $this->any() )->method( 'isBlocked' )->willReturn( $userIsBlocked );
+ $user->expects( $this->any() )->method( 'isAllowed' )
+ ->will( $this->returnCallback( function ( $perm ) use ( $canEditPrivate, $canSeePassword ) {
+ if ( $perm === 'editmyprivateinfo' ) {
+ return $canEditPrivate;
+ } elseif ( $perm === 'passwordreset' ) {
+ return $canSeePassword;
+ } else {
+ $this->fail( 'Unexpected permission check' );
+ }
+ } ) );
+
+ $passwordReset = new PasswordReset( $config, $authManager );
+
+ $this->assertSame( $isAllowed, $passwordReset->isAllowed( $user )->isGood() );
+ $this->assertSame( $isAllowedToDisplayPassword,
+ $passwordReset->isAllowed( $user, true )->isGood() );
+ }
+
+ public function provideIsAllowed() {
+ return [
+ [
+ 'passwordResetRoutes' => [],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => false,
+ 'isAllowed' => false,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => false,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => false,
+ 'isAllowed' => false,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => false,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => false,
+ 'isAllowed' => false,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => false,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => false,
+ 'isAllowed' => false,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => true,
+ 'isAllowed' => false,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => false,
+ 'userIsBlocked' => false,
+ 'isAllowed' => true,
+ 'isAllowedToDisplayPassword' => false,
+ ],
+ [
+ 'passwordResetRoutes' => [ 'username' => true ],
+ 'enableEmail' => true,
+ 'allowsAuthenticationDataChange' => true,
+ 'canEditPrivate' => true,
+ 'canSeePassword' => true,
+ 'userIsBlocked' => false,
+ 'isAllowed' => true,
+ 'isAllowedToDisplayPassword' => true,
+ ],
+ ];
+ }
+
+ public function testExecute_email() {
+ $config = new HashConfig( [
+ 'PasswordResetRoutes' => [ 'username' => true, 'email' => true ],
+ 'EnableEmail' => true,
+ ] );
+
+ $authManager = $this->getMockBuilder( AuthManager::class )->disableOriginalConstructor()
+ ->getMock();
+ $authManager->expects( $this->any() )->method( 'allowsAuthenticationDataChange' )
+ ->willReturn( Status::newGood() );
+ $authManager->expects( $this->exactly( 2 ) )->method( 'changeAuthenticationData' );
+
+ $request = new FauxRequest();
+ $request->setIP( '1.2.3.4' );
+ $performingUser = $this->getMock( User::class );
+ $performingUser->expects( $this->any() )->method( 'getRequest' )->willReturn( $request );
+ $performingUser->expects( $this->any() )->method( 'isAllowed' )->willReturn( true );
+
+ $targetUser1 = $this->getMock( User::class );
+ $targetUser2 = $this->getMock( User::class );
+ $targetUser1->expects( $this->any() )->method( 'getName' )->willReturn( 'User1' );
+ $targetUser2->expects( $this->any() )->method( 'getName' )->willReturn( 'User2' );
+ $targetUser1->expects( $this->any() )->method( 'getId' )->willReturn( 1 );
+ $targetUser2->expects( $this->any() )->method( 'getId' )->willReturn( 2 );
+ $targetUser1->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
+ $targetUser2->expects( $this->any() )->method( 'getEmail' )->willReturn( 'foo@bar.baz' );
+
+ $passwordReset = $this->getMockBuilder( PasswordReset::class )
+ ->setMethods( [ 'getUsersByEmail' ] )->setConstructorArgs( [ $config, $authManager ] )
+ ->getMock();
+ $passwordReset->expects( $this->any() )->method( 'getUsersByEmail' )->with( 'foo@bar.baz' )
+ ->willReturn( [ $targetUser1, $targetUser2 ] );
+
+ $status = $passwordReset->isAllowed( $performingUser );
+ $this->assertTrue( $status->isGood() );
+
+ $status = $passwordReset->execute( $performingUser, null, 'foo@bar.baz' );
+ $this->assertTrue( $status->isGood() );
+ }
+}
dépôts / lhc / web / wiklou.git / commitdiff